Need help? Ask the community or hire an expert.
Go to Avira Answers
??:TR/Agent.286049
????:13/12/2012
??:??
????:?
????????????
??/?????????
?? / ?????????
????:?
????:131.072 ??
MD5 ???:07FB56F72F4F50D93B7886D853B9C31D
VDF ??:7.11.53.216 - 2012년 12월 13일 목요일
IVDF ??:7.11.53.216 - 2012년 12월 13일 목요일

 ???? ????:
    ??????Autorun??
   • ????
    Messenger


??:
   •  Kaspersky: Trojan.Win32.Scar.egqm
     Avast: Win32:Downloader-IMU [Trj]


??/????:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows 7


???:
   • ?????
   • ??????????
   • ????
   • ?????
   • ????

 ?? ???????????:
   • %APPDATA%\%?????%.exe



???????????????

 ??? ???????????????????????:

  [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
   • "%?????%"="%APPDATA%\%?????%.exe"

 Messenger ???? Messenger ???? ?????????:

Windows Live Messenger
 Yahoo Messenger

 IRC ????????????????????? IRC ???:

???: **********themarketbaby.com
??: %??%
??: %?????%

???: **********marketallone.com
??: %??%
??: %?????%

???: **********lighthousez11.com
??: %??%
??: %?????%



 ??????????????????:
    • ????
    • ???
    • Windows ??????


 ????????????:
     ??? IRC ???
     ?? DDoS SYN ????
     ?? DDoS UDP ????
     ? IRC ???????
    • ????
    • ?? IRC ??
    • ?? IRC ??
    • ?? DDoS ??
    • ??????
     ??????

 ?? ??????????:
 ?????????????

??? URL ??????????????????????????:
   • .moneybookers.; 1and1.com; 4shared.com; alertpay.com; aol.;
      bcointernacional; bigstring.; depositfiles.; dotster.com; dyndns;
      enom.com; facebook.; fastmail.; fileserv.com; filesonic.com;
      freakshare.com; gmx.; godaddy.com; google.; hackforums.; hotfile.com;
      letitbit.net; login.live.; login.yahoo.; mediafire.com; megaupload.;
      members*.iknowthatgirl; members.brazzers.com; moniker.com;
      namecheap.com; netflix.com; netload.in; no-ip; officebanking.cl;
      oron.com; paypal.; runescape; screenname.aol.; secure.logmein.;
      sendspace.com; signin.ebay; sms4file.com; speedyshare.com;
      steampowered; thepiratebay.org; torrentleech.org; twitter.com;
      uploaded.to; uploading.com; vip-file.com; webnames.ru; what.cd; whcms;
      youporn.

 ????:
     ????

 ????  ?????????????????

    ??????:
   • alg.exe; chrome.exe; csrss.exe; explorer.exe; firefox.exe; flock.exe;
      ieuser.exe; iexplore.exe; msmsgs.exe; msnmsgr.exe; opera.exe;
      pidgin.exe; services.exe; smss.exe; spoolsv.exe; svchost.exe;
      winlogon.exe; wlcomm.exe; wuauclt.exe; %????%



??:
?????????????:
   • *avast.*; *avira.*; *bitdefender.*; *bullguard.*; *clamav.*;
      *comodo.*; *emsisoft.*; *eset.*; *f-secure.*; *fortinet.*;
      *garyshood.*; *gdatasoftware.*; *heck.tc*; *iseclab.*; *jotti.*;
      *kaspersky.*; *lavasoft.*; *malwarebytes.*; *mcafee.*; *norman.*;
      *norton.*; *novirusthanks.*; *onecare.live.*; *onlinemalwarescanner.*;
      *pandasecurity.*; *precisesecurity.*; *sophos.*; *sunbeltsoftware.*;
      *symantec*; *threatexpert.*; *trendmicro.*; *virscan.*; *virus.*;
      *virusbuster.nprotect.*; *viruschief.*; *virustotal.*; *webroot.*


 ?? ?? Internet ???
   • api.wipmania.com

 ?????? ????:
????????? MS Visual C++ ????

설명 삽입자 Andrei Ilie   2011년 9월 29일 목요일
설명 업데이트 Andrei Ilie   2011년 9월 30일 금요일

뒤로 . . . .
https:// 이 창은 보안을 위해 암호화되었습니다.