Need help? Ask the community or hire an expert.
Go to Avira Answers
??:WORM/Dorkbot.A.95
????:13/12/2012
??:??
????:?
????????????
??/?????????
?? / ?????????
????:?
????:122.880 ??
MD5 ???:41F1696FD0BAAC14B4FBCA8C9DAA60C6
VDF ??:7.11.53.216 - 13 Aralık 2012 Perşembe
IVDF ??:7.11.53.216 - 13 Aralık 2012 Perşembe

 ???? ????:
    ??????Autorun??
   • ????
    Messenger


??:
   •  Kaspersky: Backdoor.Win32.Ruskill.aat
   •  TrendMicro: BKDR_RUSKILL.AA
AhnLab: Win-Trojan/Injector.122880.DV


??/????:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows 7


???:
   • ?????
   • ??????????
   • ????
   • ?????
   • ????

 ?? ???????????:
   • %APPDATA%\%?????%.exe



???????????????

 ??? ???????????????????????:

  [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
   • "%?????%"="%APPDATA%\%?????%.exe"

 Messenger ???? Messenger ???? ?????????:

Windows Live Messenger
 Yahoo Messenger

 IRC ????????????????????? IRC ???:

???: **********rketallone.com
??: 3800
??: %?????%

???: **********ghthousez11.com
??: 3800
??: %?????%



 ??????????????????:
    • ????
    • ???
    • Windows ??????


 ????????????:
     ??? IRC ???
     ?? DDoS SYN ????
     ?? DDoS UDP ????
     ? IRC ???????
    • ????
    • ?? IRC ??
    • ?? IRC ??
    • ?? DDoS ??
    • ??????
     ??????

 ?? ??????????:
 ?????????????

??? URL ??????????????????????????:
   • .moneybookers.; 1and1.com; 4shared.com; alertpay.com; aol.;
      bcointernacional; bigstring.; depositfiles.; dotster.com; dyndns;
      enom.com; facebook.; fastmail.; fileserv.com; filesonic.com;
      freakshare.com; gmx.; godaddy.com; google.; hackforums.; hotfile.com;
      letitbit.net; login.live.; login.yahoo.; mediafire.com; megaupload.;
      members*.iknowthatgirl; members.brazzers.com; moniker.com;
      namecheap.com; netflix.com; netload.in; no-ip; officebanking.cl;
      oron.com; paypal.; runescape; screenname.aol.; secure.logmein.;
      sendspace.com; signin.ebay; sms4file.com; speedyshare.com;
      steampowered; thepiratebay.org; torrentleech.org; twitter.com;
      uploaded.to; uploading.com; vip-file.com; webnames.ru; what.cd; whcms;
      youporn.

 ????:
     ????

 ????  ?????????????????

    ??????:
   • alg.exe; chrome.exe; csrss.exe; explorer.exe; firefox.exe; flock.exe;
      ieuser.exe; iexplore.exe; msmsgs.exe; msnmsgr.exe; opera.exe;
      pidgin.exe; services.exe; smss.exe; spoolsv.exe; svchost.exe;
      winlogon.exe; wlcomm.exe; wuauclt.exe; %????%



??:
?????????????:
   • *avast.*; *avira.*; *bitdefender.*; *bullguard.*; *clamav.*;
      *comodo.*; *emsisoft.*; *eset.*; *f-secure.*; *fortinet.*;
      *garyshood.*; *gdatasoftware.*; *heck.tc*; *iseclab.*; *jotti.*;
      *kaspersky.*; *lavasoft.*; *malwarebytes.*; *mcafee.*; *norman.*;
      *norton.*; *novirusthanks.*; *onecare.live.*; *onlinemalwarescanner.*;
      *pandasecurity.*; *precisesecurity.*; *sophos.*; *sunbeltsoftware.*;
      *symantec*; *threatexpert.*; *trendmicro.*; *virscan.*; *virus.*;
      *virusbuster.nprotect.*; *viruschief.*; *virustotal.*; *webroot.*


 ?? ?? Internet ???
   • api.wipmania.com

 ?????? ????:
????????? MS Visual C++ ????

Açıklamayı yerleştiren Andrei Ilie tarihinde 3 Ekim 2011 Pazartesi
Açıklamayı güncelleyen: Andrei Ilie tarihinde 4 Ekim 2011 Salı

Geri . . . .
https:// Bu pencere güvenlik amacıyla şifrelenmiştir.