Koobface 6X

Sherry.ai

最近很流行~

Sebastian

Starting the file scan:

Begin scan in 'D:\kafan\Koobface'
D:\kafan\Koobface\32B96EDE7F0E7AFF065D34017BA501AC.exe
    --> Object
      [DETECTION] Contains recognition pattern of the WORM/Koobface.fx worm
    [NOTE]      A backup was created as '4a1e911c.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
D:\kafan\Koobface\910E8BD20D7CE6E9F197E887F1C15B31.exe
    --> Object
      [DETECTION] Contains recognition pattern of the WORM/Koobface.fx worm
    [NOTE]      A backup was created as '4a0c911b.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
D:\kafan\Koobface\D20A3B637428F9A1C3C986867E80E00E.exe
    --> Object
      [DETECTION] Contains recognition pattern of the WORM/Koobface.fx worm
    [NOTE]      A backup was created as '4a0c911c.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!


End of the scan: 2009年4月8日  19:56
Used time: 00:00 Minute(s)

The scan has been done completely.

      1 Scanned directories
      6 Files were scanned
      3 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      3 files were deleted
      0 Viruses and unwanted programs were repaired
      3 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
      3 Files not concerned
      0 Archives were scanned
      0 Warnings
      3 Notes

Palkia

病毒        2009-04-08  19:58:32        C:\Documents and Settings\Administrator\桌面\Koobface.rar\Koobface\D20A3B637428F9A1C3C986867E80E00E.exe        Worm.Koobface.fx.40960 (蠕虫病毒)        清除成功       
病毒        2009-04-08  19:58:32        C:\Documents and Settings\Administrator\桌面\Koobface.rar\Koobface\910E8BD20D7CE6E9F197E887F1C15B31.exe        Worm.Koobface.fx.40960 (蠕虫病毒)        清除成功       
病毒        2009-04-08  19:58:32        C:\Documents and Settings\Administrator\桌面\Koobface.rar\Koobface\32B96EDE7F0E7AFF065D34017BA501AC.exe        Worm.Koobface.fx.40960 (蠕虫病毒)        清除成功

BING126

McAfee miss

左手

2009-04-08 21:12:22    创建文件      操作:阻止并结束进程
进程路径:E:\virus\Koobface\5E4802415D245EAAC383772110BEFAAC.exe
文件路径:C:\windows\ld03.exe
触发规则:应用程序规则->02-允许修改的程序->*.*->*\*.exe


2009-04-08 21:12:23    创建文件      操作:阻止并结束进程
进程路径:E:\virus\Koobface\910E8BD20D7CE6E9F197E887F1C15B31.exe
文件路径:C:\windows\ld03.exe
触发规则:应用程序规则->02-允许修改的程序->*.*->*\*.exe


2009-04-08 21:12:24    创建文件      操作:阻止并结束进程
进程路径:E:\virus\Koobface\D20A3B637428F9A1C3C986867E80E00E.exe
文件路径:C:\windows\ld03.exe
触发规则:应用程序规则->02-允许修改的程序->*.*->*\*.exe


2009-04-08 21:12:25    创建文件      操作:阻止并结束进程
进程路径:E:\virus\Koobface\F23DD467C4AF3AF44F8343F40C5F2CC3.exe
文件路径:C:\windows\ld03.exe
触发规则:应用程序规则->02-允许修改的程序->*.*->*\*.exe


2009-04-08 21:12:26    创建文件      操作:阻止并结束进程
进程路径:E:\virus\Koobface\CA62F1D7EC58733B065864DE29291ECB.exe
文件路径:C:\windows\ld03.exe
触发规则:应用程序规则->02-允许修改的程序->*.*->*\*.exe


2009-04-08 21:12:27    创建文件      操作:阻止并结束进程
进程路径:E:\virus\Koobface\32B96EDE7F0E7AFF065D34017BA501AC.exe
文件路径:C:\windows\ld03.exe
触发规则:应用程序规则->02-允许修改的程序->*.*->*\*.exe

黑衣~魂

DW KILL ALL
32B96EDE7F0E7AFF065D34017BA501AC.exe - infected with Trojan.Popuper.14483
5E4802415D245EAAC383772110BEFAAC.exe - infected with Trojan.Proxy.origin
910E8BD20D7CE6E9F197E887F1C15B31.exe - infected with Trojan.Popuper.14483
CA62F1D7EC58733B065864DE29291ECB.exe - infected with Trojan.Proxy.origin
D20A3B637428F9A1C3C986867E80E00E.exe - infected with Trojan.Popuper.14483
F23DD467C4AF3AF44F8343F40C5F2CC3.exe - infected with Trojan.Proxy.origin

ledled

All to VB

Sebastian

D:\kafan\Koobface.rar/32B96EDE7F0E7AFF065D34017BA501AC.exe         已检测: Worm.Win32.Koobface!IK
D:\kafan\Koobface.rar/5E4802415D245EAAC383772110BEFAAC.exe         已检测: Worm.Win32.Koobface!IK
D:\kafan\Koobface.rar/910E8BD20D7CE6E9F197E887F1C15B31.exe         已检测: Worm.Win32.Koobface!IK
D:\kafan\Koobface.rar/CA62F1D7EC58733B065864DE29291ECB.exe         已检测: Worm.Win32.Koobface!IK
D:\kafan\Koobface.rar/D20A3B637428F9A1C3C986867E80E00E.exe         已检测: Worm.Win32.Koobface!IK
D:\kafan\Koobface.rar/F23DD467C4AF3AF44F8343F40C5F2CC3.exe         已检测: Worm.Win32.Koobface!IK

xppara

http://www.virustotal.com/zh-tw/ ... 724b8cb0f57da6c5059

尤金卡巴斯基

2009/4/9 16:43:25        已清除        病毒 Net-Worm.Win32.Koobface.fx        G:\Temp\Virus\Koobface.rar/Koobface\D20A3B637428F9A1C3C986867E80E00E.exe//PE_Patch.UPX//UPX               
2009/4/9 16:43:25        已清除        病毒 Net-Worm.Win32.Koobface.fx        G:\Temp\Virus\Koobface.rar/Koobface\910E8BD20D7CE6E9F197E887F1C15B31.exe//PE_Patch.UPX//UPX               
2009/4/9 16:43:25        已清除        病毒 Net-Worm.Win32.Koobface.fx        G:\Temp\Virus\Koobface.rar/Koobface\32B96EDE7F0E7AFF065D34017BA501AC.exe//PE_Patch.UPX//UPX               
2009/4/9 16:43:25        已清除        病毒 Net-Worm.Win32.Koobface.ga        G:\Temp\Virus\Koobface.rar/Koobface\CA62F1D7EC58733B065864DE29291ECB.exe//PE_Patch.UPX//UPX               
2009/4/9 16:43:25        已清除        病毒 Net-Worm.Win32.Koobface.ga        G:\Temp\Virus\Koobface.rar/Koobface\F23DD467C4AF3AF44F8343F40C5F2CC3.exe//PE_Patch.UPX//UPX               
2009/4/9 16:43:25        已清除        病毒 Net-Worm.Win32.Koobface.ga        G:\Temp\Virus\Koobface.rar/Koobface\5E4802415D245EAAC383772110BEFAAC.exe//PE_Patch.UPX//UPX