Need help? Ask the community or hire an expert.
Go to Avira Answers
??:WORM/Dorkbot.A.99
????:13/12/2012
??:??
????:?
????????????
??/?????????
?? / ?????????
????:?
????:152.064 ??
MD5 ???:6346BB5BA8101E349560348E7649E43C
VDF ??:7.11.53.216 - donderdag 13 december 2012
IVDF ??:7.11.53.216 - donderdag 13 december 2012

 ???? ????:
    ??????Autorun??
   • ????
    Messenger


??:
   •  TrendMicro: TROJ_SPNR.02F711
   •  Sophos: Mal/Behav-103
     Microsoft: Worm:Win32/Dorkbot


??/????:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows 7


???:
   • ?????
   • ??????????
   • ????
   • ?????
   • ????

 ?? ???????????:
   • %APPDATA%\%?????%.exe



???????????????

 ??? ???????????????????????:

  [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
   • "%?????%"="%APPDATA%\%?????%.exe"

 Messenger ???? Messenger ???? ?????????:

Windows Live Messenger
 Yahoo Messenger

 IRC ????????????????????? IRC ???:

???: **********.a7aneek.net
??: 3212
??: %?????%



 ??????????????????:
    • ????
    • ???
    • Windows ??????


 ????????????:
     ??? IRC ???
     ?? DDoS SYN ????
     ?? DDoS UDP ????
     ? IRC ???????
    • ????
    • ?? IRC ??
    • ?? IRC ??
    • ?? DDoS ??
    • ??????
     ??????

 ?? ??????????:
 ?????????????

??? URL ??????????????????????????:
   • .moneybookers.; 1and1.com; 4shared.com; alertpay.com; aol.;
      bcointernacional; bigstring.; depositfiles.; dotster.com; dyndns;
      enom.com; facebook.; fastmail.; fileserv.com; filesonic.com;
      freakshare.com; gmx.; godaddy.com; google.; hackforums.; hotfile.com;
      letitbit.net; login.live.; login.yahoo.; mediafire.com; megaupload.;
      members*.iknowthatgirl; members.brazzers.com; moniker.com;
      namecheap.com; netflix.com; netload.in; no-ip; officebanking.cl;
      oron.com; paypal.; runescape; screenname.aol.; secure.logmein.;
      sendspace.com; signin.ebay; sms4file.com; speedyshare.com;
      steampowered; thepiratebay.org; torrentleech.org; twitter.com;
      uploaded.to; uploading.com; vip-file.com; webnames.ru; what.cd; whcms;
      youporn.

 ????:
     ????

 ????  ?????????????????

    ??????:
   • alg.exe; chrome.exe; csrss.exe; explorer.exe; firefox.exe; flock.exe;
      ieuser.exe; iexplore.exe; msmsgs.exe; msnmsgr.exe; opera.exe;
      pidgin.exe; services.exe; smss.exe; spoolsv.exe; svchost.exe;
      winlogon.exe; wlcomm.exe; wuauclt.exe; %????%



??:
?????????????:
   • *avast.*; *avira.*; *bitdefender.*; *bullguard.*; *clamav.*;
      *comodo.*; *emsisoft.*; *eset.*; *f-secure.*; *fortinet.*;
      *garyshood.*; *gdatasoftware.*; *heck.tc*; *iseclab.*; *jotti.*;
      *kaspersky.*; *lavasoft.*; *malwarebytes.*; *mcafee.*; *norman.*;
      *norton.*; *novirusthanks.*; *onecare.live.*; *onlinemalwarescanner.*;
      *pandasecurity.*; *precisesecurity.*; *sophos.*; *sunbeltsoftware.*;
      *symantec*; *threatexpert.*; *trendmicro.*; *virscan.*; *virus.*;
      *virusbuster.nprotect.*; *viruschief.*; *virustotal.*; *webroot.*


 ?? ?? Internet ???
   • api.wipmania.com


Mutex:
?????? Mutex:
   • FvLQ49IlzIyLjj6m

Beschrijving ingevoegd door Andrei Ilie op donderdag 22 september 2011
Beschrijving bijgewerkt door Andrei Ilie op vrijdag 23 september 2011

Terug . . . .
https:// Dit venster is voor uw veiligheid gecodeerd.