Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

System going down in 5 minutes.

computers / comp.sys.ibm.ps2.hardware / Re: clamAV reporting

SubjectAuthor
* clamAV reportingmoussa
+* Re: clamAV reportingJWR
|`- Re: clamAV reportingmoussa
`* Re: clamAV reportingmoussa
 `- Re: clamAV reportingKevin Bowling

1
clamAV reporting

<smalbn$1uas$1@gioia.aioe.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=1250&group=comp.sys.ibm.ps2.hardware#1250

  copy link   Newsgroups: comp.sys.ibm.ps2.hardware
Path: i2pn2.org!i2pn.org!aioe.org!ndpt8ezVC4D4j2AAPzkBUg.user.46.165.242.75.POSTED!not-for-mail
From: devo...@hotmail.com (moussa)
Newsgroups: comp.sys.ibm.ps2.hardware
Subject: clamAV reporting
Date: Mon, 8 Nov 2021 15:58:47 +0800
Organization: PS2moussa
Message-ID: <smalbn$1uas$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="63836"; posting-host="ndpt8ezVC4D4j2AAPzkBUg.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.14.0
Content-Language: en-AU
X-Mozilla-News-Host: news://nntp.aioe.org:119
X-Notice: Filtered by postfilter v. 0.9.2
 by: moussa - Mon, 8 Nov 2021 07:58 UTC

ps-2.kev009.com/ncr3xxx/pcfiles/Machines/32xx/3262/AUDIO.EXE:
Win.Worm.Viking-2528 FOUND

??
--
Moussa

"People alike with a similar circumstances, tend to find each
others across space and time, given enough time in life, no
matter distance, language, race, colour and believes" (c) MEK
*** Do Not Copy, Duplicate or Use without my Permission ***

Re: clamAV reporting

<smangb$t8m$1@gioia.aioe.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=1251&group=comp.sys.ibm.ps2.hardware#1251

  copy link   Newsgroups: comp.sys.ibm.ps2.hardware
Path: i2pn2.org!i2pn.org!aioe.org!hLiL4GBfdIp9KEvckbZtRA.user.46.165.242.75.POSTED!not-for-mail
From: you.want...@ask.for.it (JWR)
Newsgroups: comp.sys.ibm.ps2.hardware
Subject: Re: clamAV reporting
Date: Mon, 8 Nov 2021 09:35:23 +0100
Organization: Aioe.org NNTP Server
Message-ID: <smangb$t8m$1@gioia.aioe.org>
References: <smalbn$1uas$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="29974"; posting-host="hLiL4GBfdIp9KEvckbZtRA.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
Content-Language: en-US
X-Notice: Filtered by postfilter v. 0.9.2
 by: JWR - Mon, 8 Nov 2021 08:35 UTC

On 08-11-2021 08:58, moussa wrote:
> ps-2.kev009.com/ncr3xxx/pcfiles/Machines/32xx/3262/AUDIO.EXE:
> Win.Worm.Viking-2528 FOUND
>
> ??
>
Hi Moussa,

Supposing Audio.exe was built a long, long, long time before this worm came into the world, a 'false positive' is likely.

But it can't do much harm for Kevin to compare the file with older backups to look for any changes i.e. infections.

--
Jelte,
Admirer of the letter of IBM with blue Ishiki

Re: clamAV reporting

<smf7eu$17qa$1@gioia.aioe.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=1271&group=comp.sys.ibm.ps2.hardware#1271

  copy link   Newsgroups: comp.sys.ibm.ps2.hardware
Path: i2pn2.org!i2pn.org!aioe.org!ndpt8ezVC4D4j2AAPzkBUg.user.46.165.242.75.POSTED!not-for-mail
From: devo...@hotmail.com (moussa)
Newsgroups: comp.sys.ibm.ps2.hardware
Subject: Re: clamAV reporting
Date: Wed, 10 Nov 2021 09:32:14 +0800
Organization: PS2moussa
Message-ID: <smf7eu$17qa$1@gioia.aioe.org>
References: <smalbn$1uas$1@gioia.aioe.org> <smangb$t8m$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="40778"; posting-host="ndpt8ezVC4D4j2AAPzkBUg.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.14.0
Content-Language: en-AU
X-Notice: Filtered by postfilter v. 0.9.2
 by: moussa - Wed, 10 Nov 2021 01:32 UTC

On 8/11/21 4:35 pm, JWR wrote:
> On 08-11-2021 08:58, moussa wrote:
>> ps-2.kev009.com/ncr3xxx/pcfiles/Machines/32xx/3262/AUDIO.EXE:
>> Win.Worm.Viking-2528 FOUND
>>
>> ??
>>
> Hi Moussa,
>
> Supposing Audio.exe was built a long, long, long time before this worm
> came into the world, a 'false positive' is likely.
>
> But it can't do much harm for Kevin to compare the file with older
> backups to look for any changes i.e. infections.
>
>
i have no doubt

maybe a list and a note??

--
Moussa

"People alike with a similar circumstances, tend to find each
others across space and time, given enough time in life, no
matter distance, language, race, colour and believes" (c) MEK
*** Do Not Copy, Duplicate or Use without my Permission ***

Re: clamAV reporting

<smf7j7$17qa$2@gioia.aioe.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=1272&group=comp.sys.ibm.ps2.hardware#1272

  copy link   Newsgroups: comp.sys.ibm.ps2.hardware
Path: i2pn2.org!i2pn.org!aioe.org!ndpt8ezVC4D4j2AAPzkBUg.user.46.165.242.75.POSTED!not-for-mail
From: devo...@hotmail.com (moussa)
Newsgroups: comp.sys.ibm.ps2.hardware
Subject: Re: clamAV reporting
Date: Wed, 10 Nov 2021 09:34:31 +0800
Organization: PS2moussa
Message-ID: <smf7j7$17qa$2@gioia.aioe.org>
References: <smalbn$1uas$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="40778"; posting-host="ndpt8ezVC4D4j2AAPzkBUg.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.14.0
X-Notice: Filtered by postfilter v. 0.9.2
Content-Language: en-AU
 by: moussa - Wed, 10 Nov 2021 01:34 UTC

LibClamAV Warning: PNG: Unexpected early end-of-file.
ps-2.kev009.com/ncr3xxx/pcfiles/Machines/32xx/3262/AUDIO.EXE:
Win.Worm.Viking-2528 FOUND
ps-2.kev009.com/ohlandl/NIC/etmlan.zip: Win.Trojan.Bupt-2 FOUND
ps-2.kev009.com/ohlandl/3513/External_PCMCIA_HDD.exe:
Win.Trojan.Agent-530259 FOUND
ps-2.kev009.com/pccbbs/intellistation/e75z28us.exe:
Win.Trojan.Agent-1815490 FOUND
ps-2.kev009.com/pccbbs/intellistation/e22z13us.exe:
Win.Trojan.Agent-428481 FOUND
ps-2.kev009.com/pccbbs/intellistation/e78z14us.exe:
Win.Trojan.Agent-428481 FOUND
ps-2.kev009.com/pccbbs/intellistation/e23z02us.exe:
Win.Trojan.Agent-421915 FOUND
ps-2.kev009.com/pccbbs/intellistation/za3z49us.exe:
Win.Trojan.Agent-1862555 FOUND
ps-2.kev009.com/pccbbs/intellistation/e78z39us.exe:
Win.Trojan.Agent-421898 FOUND
ps-2.kev009.com/pccbbs/intellistation/e75z17us.exe:
Win.Trojan.Agent-421915 FOUND
ps-2.kev009.com/pccbbs/mobiles_pdf/7awv05ww.exe:
Win.Trojan.Agent-1460811 FOUND
ps-2.kev009.com/pccbbs/commercial_desktop/za3z49us.exe:
Win.Trojan.Agent-1862555 FOUND
ps-2.kev009.com/pccbbs/commercial_desktop/d65z03us.exe:
Win.Worm.Viking-2528 FOUND
ps-2.kev009.com/pccbbs/netvista_drivers/e7az21us.exe:
Win.Trojan.Agent-428820 FOUND
ps-2.kev009.com/pccbbs/netvista_drivers/e78z36us.exe:
Win.Trojan.Agent-428779 FOUND
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
ps-2.kev009.com/pccbbs/misc/integrtd.exe: Win.Trojan.HeyChris-1 FOUND
ps-2.kev009.com/pccbbs/pc_servers/26k9105w.exe: Win.Trojan.Cosmu-1095 FOUND
ps-2.kev009.com/pccbbs/pc_servers/26k9107w.exe: Win.Trojan.Cosmu-1095 FOUND
ps-2.kev009.com/pccbbs/pc_servers/26k9106w.exe: Win.Trojan.Cosmu-1095 FOUND
ps-2.kev009.com/pccbbs/pc_servers/e7az33usa.exe: Win.Trojan.Agent-424054
FOUND
ps-2.kev009.com/pccbbs/pc_servers/e7at30a.exe: Win.Trojan.Agent-424054 FOUND
ps-2.kev009.com/pccbbs/pc_servers/dsa101p.exe:
Win.Dropper.Gh0stRAT-9811469-0 FOUND
ps-2.kev009.com/pccbbs/pc_servers/dsa100p.exe:
Win.Dropper.Gh0stRAT-9811469-0 FOUND
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
ps-2.kev009.com/pccbbs/aptiva/aptie4us.exe: Win.Trojan.Peed-422 FOUND
ps-2.kev009.com/pccbbs/mobiles/7kcna4ww.exe: Win.Trojan.Agent-1460811 FOUND
ps-2.kev009.com/pccbbs/mobiles/68wk01ww.exe: Win.Trojan.Agent-1460811 FOUND
ps-2.kev009.com/pccbbs/mobiles/ltmd1gme.exe: Win.Trojan.Agent-5602801-0
FOUND
ps-2.kev009.com/pccbbs/mobiles/l1wln04us24.exe:
Win.Trojan.Agent-5467461-0 FOUND
ps-2.kev009.com/pccbbs/mobiles/tracpt2k.exe: Win.Trojan.Ramnit-6057 FOUND
ps-2.kev009.com/pccbbs/mobiles/vftpad8m.exe: Win.Trojan.Downloader-19951
FOUND
ps-2.kev009.com/pccbbs/mobiles/65au07ww.exe: Win.Trojan.Ramnit-6552 FOUND
ps-2.kev009.com/pccbbs/mobiles/ltmd1g98.exe: Win.Trojan.Agent-5602801-0
FOUND
ps-2.kev009.com/pccbbs/mobiles/ltmd1gnt.exe: Win.Trojan.Agent-5602801-0
FOUND
ps-2.kev009.com/pccbbs/mobiles/7avu21ww.exe: Win.Worm.Chir-916 FOUND
ps-2.kev009.com/pccbbs/mobiles/l1wln02us24.exe:
Win.Trojan.Agent-5467461-0 FOUND
ps-2.kev009.com/pccbbs/mobiles/7avu12ww.exe: Win.Worm.Chir-916 FOUND
ps-2.kev009.com/pccbbs/mobiles/78g405ww.exe: Win.Trojan.Ramnit-6056 FOUND
ps-2.kev009.com/pccbbs/mobiles/1yg407ww.exe: Win.Trojan.Ramnit-6057 FOUND
ps-2.kev009.com/pccbbs/mobiles/62wj05ww.exe: Win.Trojan.Agent-1460811 FOUND
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
ps-2.kev009.com/pccbbs/mobiles/1yg409ww.exe: Win.Trojan.Ramnit-6057 FOUND
ps-2.kev009.com/pccbbs/mobiles/63wj01ww.exe: Win.Trojan.Agent-1460811 FOUND
ps-2.kev009.com/pccbbs/mobiles/l1wln05us24.exe: Win.Trojan.Agent-1460811
FOUND
ps-2.kev009.com/pccbbs/mobiles/7avu23ww.exe: Win.Worm.Chir-916 FOUND
ps-2.kev009.com/pccbbs/mobiles/1yg411ww.exe: Win.Trojan.Ramnit-6057 FOUND
ps-2.kev009.com/pccbbs/mobiles/l1wln03us24.exe: Win.Trojan.Agent-1460811
FOUND
ps-2.kev009.com/pccbbs/mobiles/7avu43ww.exe: Win.Worm.Chir-916 FOUND
ps-2.kev009.com/pccbbs/mobiles/7awv05ww.exe: Win.Trojan.Agent-1460811 FOUND
ps-2.kev009.com/pccbbs/mobiles/l1wln09us24.exe: Win.Trojan.Agent-1460811
FOUND
ps-2.kev009.com/pccbbs/mobiles/ltmd1gxp.exe: Win.Trojan.Agent-5602801-0
FOUND
ps-2.kev009.com/pccbbs/mobiles/1rg408us.exe: Win.Trojan.Ramnit-6057 FOUND
ps-2.kev009.com/pccbbs/mobiles/75u702aw.exe: Win.Trojan.Agent-682923 FOUND
ps-2.kev009.com/pccbbs/mobiles/68wl01ww.exe: Win.Trojan.Agent-1460811 FOUND
ps-2.kev009.com/pccbbs/mobiles/7avu42ww.exe: Win.Worm.Chir-916 FOUND
ps-2.kev009.com/pccbbs/mobiles/65av08ww.exe: Win.Trojan.Ramnit-6552 FOUND
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
ps-2.kev009.com/pccbbs/options/pro_nt40.exe: Doc.Trojan.Wazzu-6 FOUND
ps-2.kev009.com/pccbbs/options/q3kyb01us13.zip: Win.Trojan.Agent-354826
FOUND
ps-2.kev009.com/pccbbs/options/recovertool1gb_v1030.exe:
Win.Trojan.Agent-1096954 FOUND
ps-2.kev009.com/pccbbs/options/q3kyb03us13.exe: Win.Trojan.Agent-354826
FOUND
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
ps-2.kev009.com/pccbbs/netvista/e75z28us.exe: Win.Trojan.Agent-1815490 FOUND
ps-2.kev009.com/pccbbs/netvista/e78z14us.exe: Win.Trojan.Agent-428481 FOUND
ps-2.kev009.com/pccbbs/netvista/e75z17us.exe: Win.Trojan.Agent-421915 FOUND
LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total

----------- SCAN SUMMARY -----------
Known viruses: 8574078
Engine version: 0.103.3
Scanned directories: 4835
Scanned files: 173409
Infected files: 61
Data scanned: 260806.00 MB
Data read: 213651.94 MB (ratio 1.22:1)
Time: 109320.057 sec (1822 m 0 s)
Start Date: 2021:11:08 12:42:36
End Date: 2021:11:09 19:04:36

--
Moussa

"People alike with a similar circumstances, tend to find each
others across space and time, given enough time in life, no
matter distance, language, race, colour and believes" (c) MEK
*** Do Not Copy, Duplicate or Use without my Permission ***

Re: clamAV reporting

<smnd98$2ntk$1@842ffb22-07e1-11e5-a459-00266cf00584.csiph.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=1325&group=comp.sys.ibm.ps2.hardware#1325

  copy link   Newsgroups: comp.sys.ibm.ps2.hardware
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!csiph.com!.POSTED.208.72.53.131!not-for-mail
From: kevin.bo...@kev009.com (Kevin Bowling)
Newsgroups: comp.sys.ibm.ps2.hardware
Subject: Re: clamAV reporting
Date: Fri, 12 Nov 2021 21:00:39 -0700
Organization: csiph.com Internet News Service
Message-ID: <smnd98$2ntk$1@842ffb22-07e1-11e5-a459-00266cf00584.csiph.com>
References: <smalbn$1uas$1@gioia.aioe.org> <smf7j7$17qa$2@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sat, 13 Nov 2021 04:00:41 -0000 (UTC)
Injection-Info: 842ffb22-07e1-11e5-a459-00266cf00584.csiph.com; posting-host="208.72.53.131";
logging-data="90036"; mail-complaints-to="admin@kev009.com"
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:91.0) Gecko/20100101
Thunderbird/91.3.0
Content-Language: en-US
In-Reply-To: <smf7j7$17qa$2@gioia.aioe.org>
 by: Kevin Bowling - Sat, 13 Nov 2021 04:00 UTC

On 11/9/21 18:34, moussa wrote:
> LibClamAV Warning: PNG: Unexpected early end-of-file.
> ps-2.kev009.com/ncr3xxx/pcfiles/Machines/32xx/3262/AUDIO.EXE:
> Win.Worm.Viking-2528 FOUND
> ps-2.kev009.com/ohlandl/NIC/etmlan.zip: Win.Trojan.Bupt-2 FOUND
> ps-2.kev009.com/ohlandl/3513/External_PCMCIA_HDD.exe:
> Win.Trojan.Agent-530259 FOUND
> ps-2.kev009.com/pccbbs/intellistation/e75z28us.exe:
> Win.Trojan.Agent-1815490 FOUND
> ps-2.kev009.com/pccbbs/intellistation/e22z13us.exe:
> Win.Trojan.Agent-428481 FOUND
> ps-2.kev009.com/pccbbs/intellistation/e78z14us.exe:
> Win.Trojan.Agent-428481 FOUND
> ps-2.kev009.com/pccbbs/intellistation/e23z02us.exe:
> Win.Trojan.Agent-421915 FOUND
> ps-2.kev009.com/pccbbs/intellistation/za3z49us.exe:
> Win.Trojan.Agent-1862555 FOUND
> ps-2.kev009.com/pccbbs/intellistation/e78z39us.exe:
> Win.Trojan.Agent-421898 FOUND
> ps-2.kev009.com/pccbbs/intellistation/e75z17us.exe:
> Win.Trojan.Agent-421915 FOUND
> ps-2.kev009.com/pccbbs/mobiles_pdf/7awv05ww.exe:
> Win.Trojan.Agent-1460811 FOUND
> ps-2.kev009.com/pccbbs/commercial_desktop/za3z49us.exe:
> Win.Trojan.Agent-1862555 FOUND
> ps-2.kev009.com/pccbbs/commercial_desktop/d65z03us.exe:
> Win.Worm.Viking-2528 FOUND
> ps-2.kev009.com/pccbbs/netvista_drivers/e7az21us.exe:
> Win.Trojan.Agent-428820 FOUND
> ps-2.kev009.com/pccbbs/netvista_drivers/e78z36us.exe:
> Win.Trojan.Agent-428779 FOUND
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> ps-2.kev009.com/pccbbs/misc/integrtd.exe: Win.Trojan.HeyChris-1 FOUND
> ps-2.kev009.com/pccbbs/pc_servers/26k9105w.exe: Win.Trojan.Cosmu-1095 FOUND
> ps-2.kev009.com/pccbbs/pc_servers/26k9107w.exe: Win.Trojan.Cosmu-1095 FOUND
> ps-2.kev009.com/pccbbs/pc_servers/26k9106w.exe: Win.Trojan.Cosmu-1095 FOUND
> ps-2.kev009.com/pccbbs/pc_servers/e7az33usa.exe: Win.Trojan.Agent-424054
> FOUND
> ps-2.kev009.com/pccbbs/pc_servers/e7at30a.exe: Win.Trojan.Agent-424054 FOUND
> ps-2.kev009.com/pccbbs/pc_servers/dsa101p.exe:
> Win.Dropper.Gh0stRAT-9811469-0 FOUND
> ps-2.kev009.com/pccbbs/pc_servers/dsa100p.exe:
> Win.Dropper.Gh0stRAT-9811469-0 FOUND
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> ps-2.kev009.com/pccbbs/aptiva/aptie4us.exe: Win.Trojan.Peed-422 FOUND
> ps-2.kev009.com/pccbbs/mobiles/7kcna4ww.exe: Win.Trojan.Agent-1460811 FOUND
> ps-2.kev009.com/pccbbs/mobiles/68wk01ww.exe: Win.Trojan.Agent-1460811 FOUND
> ps-2.kev009.com/pccbbs/mobiles/ltmd1gme.exe: Win.Trojan.Agent-5602801-0
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/l1wln04us24.exe:
> Win.Trojan.Agent-5467461-0 FOUND
> ps-2.kev009.com/pccbbs/mobiles/tracpt2k.exe: Win.Trojan.Ramnit-6057 FOUND
> ps-2.kev009.com/pccbbs/mobiles/vftpad8m.exe: Win.Trojan.Downloader-19951
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/65au07ww.exe: Win.Trojan.Ramnit-6552 FOUND
> ps-2.kev009.com/pccbbs/mobiles/ltmd1g98.exe: Win.Trojan.Agent-5602801-0
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/ltmd1gnt.exe: Win.Trojan.Agent-5602801-0
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/7avu21ww.exe: Win.Worm.Chir-916 FOUND
> ps-2.kev009.com/pccbbs/mobiles/l1wln02us24.exe:
> Win.Trojan.Agent-5467461-0 FOUND
> ps-2.kev009.com/pccbbs/mobiles/7avu12ww.exe: Win.Worm.Chir-916 FOUND
> ps-2.kev009.com/pccbbs/mobiles/78g405ww.exe: Win.Trojan.Ramnit-6056 FOUND
> ps-2.kev009.com/pccbbs/mobiles/1yg407ww.exe: Win.Trojan.Ramnit-6057 FOUND
> ps-2.kev009.com/pccbbs/mobiles/62wj05ww.exe: Win.Trojan.Agent-1460811 FOUND
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> ps-2.kev009.com/pccbbs/mobiles/1yg409ww.exe: Win.Trojan.Ramnit-6057 FOUND
> ps-2.kev009.com/pccbbs/mobiles/63wj01ww.exe: Win.Trojan.Agent-1460811 FOUND
> ps-2.kev009.com/pccbbs/mobiles/l1wln05us24.exe: Win.Trojan.Agent-1460811
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/7avu23ww.exe: Win.Worm.Chir-916 FOUND
> ps-2.kev009.com/pccbbs/mobiles/1yg411ww.exe: Win.Trojan.Ramnit-6057 FOUND
> ps-2.kev009.com/pccbbs/mobiles/l1wln03us24.exe: Win.Trojan.Agent-1460811
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/7avu43ww.exe: Win.Worm.Chir-916 FOUND
> ps-2.kev009.com/pccbbs/mobiles/7awv05ww.exe: Win.Trojan.Agent-1460811 FOUND
> ps-2.kev009.com/pccbbs/mobiles/l1wln09us24.exe: Win.Trojan.Agent-1460811
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/ltmd1gxp.exe: Win.Trojan.Agent-5602801-0
> FOUND
> ps-2.kev009.com/pccbbs/mobiles/1rg408us.exe: Win.Trojan.Ramnit-6057 FOUND
> ps-2.kev009.com/pccbbs/mobiles/75u702aw.exe: Win.Trojan.Agent-682923 FOUND
> ps-2.kev009.com/pccbbs/mobiles/68wl01ww.exe: Win.Trojan.Agent-1460811 FOUND
> ps-2.kev009.com/pccbbs/mobiles/7avu42ww.exe: Win.Worm.Chir-916 FOUND
> ps-2.kev009.com/pccbbs/mobiles/65av08ww.exe: Win.Trojan.Ramnit-6552 FOUND
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> ps-2.kev009.com/pccbbs/options/pro_nt40.exe: Doc.Trojan.Wazzu-6 FOUND
> ps-2.kev009.com/pccbbs/options/q3kyb01us13.zip: Win.Trojan.Agent-354826
> FOUND
> ps-2.kev009.com/pccbbs/options/recovertool1gb_v1030.exe:
> Win.Trojan.Agent-1096954 FOUND
> ps-2.kev009.com/pccbbs/options/q3kyb03us13.exe: Win.Trojan.Agent-354826
> FOUND
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
> ps-2.kev009.com/pccbbs/netvista/e75z28us.exe: Win.Trojan.Agent-1815490 FOUND
> ps-2.kev009.com/pccbbs/netvista/e78z14us.exe: Win.Trojan.Agent-428481 FOUND
> ps-2.kev009.com/pccbbs/netvista/e75z17us.exe: Win.Trojan.Agent-421915 FOUND
> LibClamAV Warning: cli_scanicon: found 4 invalid icon entries of 4 total
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 8574078
> Engine version: 0.103.3
> Scanned directories: 4835
> Scanned files: 173409
> Infected files: 61
> Data scanned: 260806.00 MB
> Data read: 213651.94 MB (ratio 1.22:1)
> Time: 109320.057 sec (1822 m 0 s)
> Start Date: 2021:11:08 12:42:36
> End Date: 2021:11:09 19:04:36
>

I don't have the inclination to do some binary analysis but that's what
would need to be done. Signature based scans like this have little
relevance then or now.

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor