Sets the 'hidden' attribute to the following files:
<Drive name for removable media>:\autorun.inf
C:\autorun.inf
Deletes the following files:
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\px47564047.blog[1]
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\px46574146.blog[1]
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\px41504641.blog[1]
%TEMP%\rasphones.exe
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\live[1].asp
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\px44554344.blog[1]
Network activity:
Connects to:
TCP:
HTTP GET requests:
UDP:
Miscellaneous:
Searches for the following windows:
ClassName: 'GxWindowClass' WindowName: ''
ClassName: 'IEFrame' WindowName: ''
ClassName: '360se_Frame' WindowName: ''
ClassName: 'GxWindowClassD3d' WindowName: ''
ClassName: 'Shell_TrayWnd' WindowName: ''
ClassName: 'MS_AutodialMonitor' WindowName: ''
ClassName: 'MS_WebcheckMonitor' WindowName: ''