FOR CUSTOMERS

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
Support services
Scanners
Dr.Web vxCube
Trial
VCI investigations
Virus library
Knowledge base

Technologies

Terminology

Training and education

Myths

News

Trojan.DownLoader10.3480

Added to the Dr.Web virus database: 2013-08-14

Virus description added:

Technical Information

To ensure autorun and distribution:
Creates the following services:
  • [<HKLM>\SYSTEM\ControlSet001\Services\MSWindows] 'Start' = '00000002'
Malicious functions:
Creates and executes the following:
  • '<SYSTEM32>\urdvxc.exe' /service
  • '<SYSTEM32>\urdvxc.exe' /uninstallservice patch:<Full path to virus>
  • '<SYSTEM32>\urdvxc.exe' /installservice
  • '<SYSTEM32>\urdvxc.exe' /start
Executes the following:
  • '<SYSTEM32>\dumprep.exe' 1120 -dm 7 7 %TEMP%\WER2ebe.dir00\svchost.exe.mdmp 16325836412032124
Modifies file system :
Creates the following files:
  • %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\hltjtlne.exe
  • %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\cpow\ketssrzn.exe
  • %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\sjwzlskk.exe
  • %PROGRAM_FILES%\NetMeeting\rsewzjqn.exe
  • %PROGRAM_FILES%\FireFox\chrome\toolkit\res\lhbtcvlt.exe
  • %PROGRAM_FILES%\FireFox\chrome\toolkit\content\global\jjjthqtn.exe
  • %CommonProgramFiles%\Microsoft Shared\Stationery\vkjljzrn.exe
  • <SYSTEM32>\urdvxc.exe
  • %CommonProgramFiles%\Microsoft Shared\Stationery\bhrhnkht.exe
  • %CommonProgramFiles%\System\ado\tsektjkj.exe
  • %CommonProgramFiles%\Microsoft Shared\Stationery\xrljqjzn.exe
Deletes itself.
Network activity:
Connects to:
  • '13#.#42.26.113':139
  • '13#.#42.64.55':139
  • '13#.#42.24.149':445
  • '13#.#42.235.187':139
  • '13#.#42.217.182':139
  • '13#.#42.108.245':139
  • '13#.#42.19.197':139
  • '13#.#42.18.128':445
  • '13#.#42.165.208':445
  • '13#.#42.32.243':445
  • '13#.#42.25.68':445
  • '13#.#42.118.92':445
  • '13#.#42.226.8':445
  • '13#.#42.162.104':445
  • '13#.#42.238.234':445
  • '13#.#42.37.139':139
  • '13#.#42.136.30':139
  • '13#.#42.193.74':139
  • '13#.#42.219.173':445
  • '13#.#42.96.38':139
  • '13#.#42.45.96':139
  • '13#.#42.70.128':139
  • '13#.#42.108.7':139
  • '13#.#42.219.173':139
  • '13#.#42.97.216':139
  • '13#.#42.99.1':139
  • '13#.#42.33.38':139
  • '13#.#42.85.200':139
  • '13#.#42.136.123':139
  • '13#.#42.137.222':445
  • '13#.#42.137.222':139
  • '13#.#42.12.84':445
  • '13#.#42.165.208':139
  • '13#.#42.8.122':139
  • '13#.#42.119.54':139
  • '13#.#42.39.206':445
  • '13#.#42.238.234':139
  • '13#.#42.2.98':139
  • '13#.#42.118.92':139
  • '13#.#42.25.68':139
  • '13#.#42.101.202':445
  • '13#.#42.81.75':139
  • '13#.#42.60.128':139
  • '13#.#42.254.44':445
  • '13#.#42.32.243':139
  • '13#.#42.81.75':445
  • '13#.#42.12.84':139
  • '13#.#42.15.196':139
  • '13#.#42.134.116':445
  • '13#.#42.161.235':139
  • '13#.#42.24.149':139
  • '13#.#42.202.26':445
  • '13#.#42.60.128':445
  • '13#.#42.205.252':445
  • '13#.#42.57.58':445
  • '13#.#42.162.104':139
  • '13#.#42.84.163':139
  • '13#.#42.2.98':445
  • '13#.#42.176.146':445
  • '13#.#42.183.200':445
  • '13#.#42.226.8':139
  • '13#.#42.18.128':139
  • '13#.#42.84.163':445
  • '13#.#42.52.104':445
  • '13#.#42.23.122':445
  • '13#.#42.215.12':445
  • '13#.#42.11.152':445
  • '13#.#42.156.24':445
  • '13#.#42.24.189':445
  • '13#.#42.189.98':445
  • '13#.#42.221.147':445
  • '13#.#42.59.133':445
  • '13#.#42.173.56':445
  • '13#.#42.45.96':445
  • '13#.#42.211.97':445
  • '13#.#42.62.215':445
  • '13#.#42.23.25':445
  • '13#.142.8.4':445
  • '13#.#42.3.216':445
  • '13#.#42.60.177':139
  • '13#.#42.73.41':139
  • '13#.#42.60.22':139
  • '13#.#42.73.41':445
  • '13#.#42.38.151':139
  • '13#.#42.139.187':139
  • '13#.#42.29.60':139
  • '13#.#42.21.116':139
  • '13#.#42.154.22':139
  • '13#.#42.116.63':139
  • '13#.#42.181.48':139
  • '13#.#42.98.10':139
  • '13#.#42.105.238':139
  • '13#.#42.41.115':139
  • '13#.#42.98.10':445
  • '13#.#42.169.93':445
  • '13#.#42.221.147':139
  • '13#.#42.52.104':139
  • '13#.#42.62.215':139
  • '13#.#42.23.122':139
  • '13#.#42.99.48':445
  • '13#.#42.11.152':139
  • '13#.#42.215.12':139
  • '13#.#42.23.25':139
  • '13#.#42.59.133':139
  • '13#.#42.173.56':139
  • '13#.#42.169.93':139
  • '13#.#42.77.75':139
  • '13#.142.8.4':139
  • '13#.#42.211.97':139
  • '13#.#42.77.75':445
  • '13#.#42.189.98':139
  • '13#.#42.85.200':445
  • '13#.#42.193.74':445
  • '13#.#42.97.216':445
  • '13#.#42.136.30':445
  • '13#.#42.70.128':445
  • '13#.#42.108.7':445
  • '13#.#42.96.38':445
  • '13#.#42.99.1':445
  • '13#.#42.3.216':139
  • '13#.#42.156.24':139
  • '13#.#42.24.189':139
  • '13#.#42.64.55':445
  • '13#.#42.33.38':445
  • '13#.#42.217.182':445
  • '13#.#42.26.113':445
  • '13#.#42.75.2':445
  • '13#.#42.34.166':445
  • '13#.#42.1.241':445
  • '13#.#42.1.188':445
  • '13#.#42.142.36':445
  • '13#.#42.52.188':445
  • '13#.#42.93.64':445
  • '13#.#42.53.231':445
  • '13#.#42.10.193':445
  • '13#.#42.151.65':445
  • '13#.#42.217.205':445
  • '13#.#42.114.58':445
  • '13#.#42.221.49':445
  • '13#.#42.35.192':445
  • '13#.#42.35.83':445
  • '13#.#42.131.138':445
  • '13#.#42.12.10':445
  • '13#.#42.12.10':139
  • '13#.#42.85.237':139
  • '13#.#42.77.220':139
  • '13#.#42.223.106':139
  • '13#.#42.147.228':139
  • '13#.#42.1.79':139
  • '13#.#42.90.196':139
  • '13#.#42.81.83':445
  • '13#.#42.55.0':445
  • '13#.#42.79.123':445
  • '13#.#42.137.158':445
  • '13#.#42.155.151':445
  • '13#.#42.54.77':445
  • '13#.#42.136.92':445
  • '13#.#42.155.151':139
  • '13#.#42.53.231':139
  • '13#.#42.221.49':139
  • '13#.#42.35.192':139
  • '13#.#42.1.241':139
  • '13#.#42.44.75':139
  • '13#.#42.75.2':139
  • '13#.#42.34.166':139
  • '13#.#42.35.83':139
  • '13#.#42.193.52':139
  • '13#.#42.217.205':139
  • '13#.#42.2.77':445
  • '13#.#42.10.193':139
  • '13#.#42.114.58':139
  • '13#.#42.58.151':139
  • '13#.#42.151.65':139
  • '13#.#42.184.174':139
  • '13#.#42.137.158':139
  • '13#.#42.81.83':139
  • '13#.#42.55.0':139
  • '13#.#42.136.92':139
  • '13#.#42.28.45':139
  • '13#.#42.84.217':139
  • '13#.#42.54.77':139
  • '13#.#42.159.68':139
  • '13#.#42.93.64':139
  • '13#.#42.52.188':139
  • '13#.#42.1.188':139
  • '13#.#42.142.36':139
  • '13#.#42.79.123':139
  • '13#.#42.131.138':139
  • '13#.#42.156.127':139
  • '13#.#42.62.20':445
  • '13#.#42.19.33':445
  • '13#.#42.250.250':445
  • '13#.#42.91.237':445
  • '13#.#42.142.50':445
  • '13#.#42.118.54':445
  • '13#.#42.66.236':445
  • '13#.#42.162.109':445
  • '13#.#42.147.228':445
  • '13#.#42.1.79':445
  • '13#.#42.90.196':445
  • '13#.#42.223.106':445
  • '13#.#42.110.41':445
  • '13#.#42.10.41':445
  • '13#.#42.15.179':445
  • '13#.#42.142.141':445
  • '13#.#42.57.58':139
  • '13#.#42.10.52':445
  • '13#.#42.88.127':445
  • '13#.#42.134.116':139
  • '13#.#42.101.202':139
  • '13#.#42.202.26':139
  • '13#.#42.205.252':139
  • '13#.#42.165.188':445
  • '13#.#42.213.110':445
  • '13#.#42.35.199':445
  • '13#.#42.66.133':445
  • '13#.#42.46.28':445
  • '13#.#42.41.154':445
  • '13#.#42.228.104':445
  • '13#.#42.93.23':445
  • '13#.#42.85.237':445
  • '13#.#42.2.92':139
  • '13#.#42.118.54':139
  • '13#.#42.66.236':139
  • '13#.#42.2.92':445
  • '13#.#42.162.53':139
  • '13#.#42.142.141':139
  • '13#.#42.142.50':139
  • '13#.#42.91.237':139
  • '13#.#42.110.41':139
  • '13#.#42.10.41':139
  • '13#.#42.15.179':139
  • '13#.#42.162.109':139
  • '13#.#42.62.20':139
  • '13#.#42.250.250':139
  • '13#.#42.19.33':139
  • '13#.#42.162.53':445
  • '13#.#42.177.138':139
  • '13#.#42.165.188':139
  • '13#.#42.213.110':139
  • '13#.#42.88.127':139
  • '13#.#42.10.52':139
  • '13#.#42.221.87':445
  • '13#.#42.221.87':139
  • '13#.#42.41.154':139
  • '13#.#42.66.133':139
  • '13#.#42.238.52':445
  • '13#.#42.238.52':139
  • '13#.#42.35.199':139
  • '13#.#42.228.104':139
  • '13#.#42.93.23':139
  • '13#.#42.46.28':139
  • '13#.#42.62.38':139
  • '13#.#42.161.191':139
  • '13#.#42.109.31':445
  • '13#.#42.109.31':139
  • '13#.#42.196.161':139
  • '13#.#42.194.150':139
  • '13#.#42.150.123':139
  • '13#.#42.123.142':139
  • '13#.#42.181.186':139
  • '13#.#42.11.147':139
  • '13#.#42.93.78':139
  • '13#.#42.12.225':139
  • '13#.#42.19.39':139
  • '13#.#42.125.27':139
  • '13#.#42.0.28':139
  • '13#.#42.0.50':139
  • '13#.#42.121.148':139
  • '13#.#42.87.31':139
  • '13#.#42.2.118':139
  • '13#.#42.117.243':139
  • '13#.#42.177.195':139
  • '13#.#42.96.215':139
  • '13#.#42.215.169':139
  • '13#.#42.170.162':139
  • '13#.#42.179.33':139
  • '13#.#42.228.232':139
  • '13#.#42.60.167':139
  • '13#.#42.65.228':139
  • '13#.#42.142.229':139
  • '13#.#42.165.181':139
  • '13#.#42.251.160':139
  • '13#.#42.236.142':139
  • '13#.#42.181.44':139
  • '13#.#42.122.249':445
  • '13#.#42.10.167':445
  • '13#.#42.149.218':445
  • '13#.#42.115.35':445
  • '13#.#42.144.55':445
  • '13#.#42.75.6':445
  • '13#.#42.4.77':445
  • '13#.#42.77.181':139
  • '13#.#42.66.189':139
  • '13#.#42.189.153':139
  • '13#.#42.25.235':139
  • '13#.#42.90.66':139
  • '13#.#42.42.127':139
  • '13#.#42.255.1':139
  • '13#.#42.2.90':139
  • '13#.#42.18.163':445
  • '13#.#42.141.160':139
  • '13#.#42.3.21':139
  • '13#.#42.77.181':445
  • '13#.#42.71.99':139
  • '13#.#42.77.92':139
  • '13#.#42.150.8':139
  • '13#.#42.118.141':139
  • '13#.#42.2.90':445
  • '13#.#42.206.202':445
  • '13#.#42.77.11':445
  • '13#.#42.189.153':445
  • '13#.#42.91.193':445
  • '13#.#42.90.66':445
  • '13#.#42.25.235':445
  • '13#.#42.72.152':445
  • '13#.#42.101.245':139
  • '13#.#42.123.167':139
  • '13#.#42.161.243':445
  • '13#.#42.183.80':139
  • '13#.#42.7.164':139
  • '13#.#42.164.166':139
  • '13#.#42.55.42':139
  • '13#.#42.161.243':139
  • '13#.#42.101.98':139
  • '13#.#42.129.117':139
  • '13#.#42.109.241':445
  • '13#.#42.101.98':445
  • '13#.#42.183.185':139
  • '13#.#42.23.184':139
  • '13#.#42.29.215':139
  • '13#.#42.166.7':139
  • '13#.#42.209.228':139
  • '13#.#42.86.44':445
  • '13#.#42.30.95':139
  • '13#.#42.44.24':139
  • '13#.#42.77.239':139
  • '13#.#42.24.101':139
  • '13#.#42.20.8':139
  • '13#.#42.86.44':139
  • '13#.#42.193.139':139
  • '13#.#42.182.83':139
  • '13#.#42.38.131':139
  • '13#.#42.193.139':445
  • '13#.#42.133.39':139
  • '13#.#42.15.145':139
  • '13#.#42.190.55':139
  • '13#.#42.218.247':445
  • '13#.#42.0.50':445
  • '13#.#42.19.39':445
  • '13#.#42.71.99':445
  • '13#.#42.0.28':445
  • '13#.#42.181.186':445
  • '13#.#42.196.161':445
  • '13#.#42.125.27':445
  • '13#.#42.150.8':445
  • '13#.#42.93.78':445
  • '13#.#42.3.21':445
  • '13#.#42.218.247':139
  • '13#.#42.77.92':445
  • '13#.#42.118.141':445
  • '13#.#42.181.44':445
  • '13#.#42.12.225':445
  • '13#.#42.161.191':445
  • '13#.#42.251.160':445
  • '13#.#42.179.33':445
  • '13#.#42.236.142':445
  • '13#.#42.87.31':445
  • '13#.#42.215.169':445
  • '13#.#42.170.162':445
  • '13#.#42.177.195':445
  • '13#.#42.142.229':445
  • '13#.#42.194.150':445
  • '13#.#42.150.123':445
  • '13#.#42.123.142':445
  • '13#.#42.65.228':445
  • '13#.#42.60.167':445
  • '13#.#42.228.232':445
  • '13#.#42.121.148':445
  • '13#.#42.245.177':139
  • '13#.#42.37.108':139
  • '13#.#42.172.52':139
  • '13#.#42.44.97':139
  • '13#.#42.119.175':139
  • '13#.#42.181.109':139
  • '13#.#42.48.1':139
  • '13#.#42.10.127':139
  • '13#.#42.56.110':445
  • '13#.#42.202.8':445
  • '13#.#42.22.173':445
  • '13#.#42.170.16':445
  • '13#.#42.10.229':445
  • '13#.#42.75.127':445
  • '13#.#42.67.104':445
  • '13#.#42.55.5':139
  • '13#.#42.30.237':139
  • '13#.#42.23.199':139
  • '13#.#42.232.19':445
  • '13#.#42.132.58':139
  • '13#.#42.8.25':139
  • '13#.#42.57.83':139
  • '13#.#42.137.253':139
  • '13#.#42.250.97':139
  • '13#.#42.0.44':139
  • '13#.#42.155.141':445
  • '13#.#42.155.141':139
  • '13#.#42.168.35':139
  • '13#.#42.58.47':139
  • '13#.#42.241.167':139
  • '13#.#42.0.44':445
  • '13#.#42.69.141':445
  • '13#.#42.148.31':139
  • '13#.#42.22.173':139
  • '13#.#42.202.8':139
  • '13#.#42.148.31':445
  • '13#.#42.67.104':139
  • '13#.#42.170.16':139
  • '13#.#42.56.110':139
  • '13#.#42.69.141':139
  • '13#.#42.128.83':139
  • '13#.#42.112.206':139
  • '13#.#42.185.62':445
  • '13#.#42.131.96':139
  • '13#.#42.151.131':445
  • '13#.#42.151.131':139
  • '13#.#42.112.206':445
  • '13#.#42.75.127':139
  • '13#.#42.38.151':445
  • '13#.#42.139.187':445
  • '13#.#42.60.177':445
  • '13#.#42.29.60':445
  • '13#.#42.131.96':445
  • '13#.#42.128.83':445
  • '13#.#42.62.38':445
  • '13#.#42.60.22':445
  • '13#.#42.154.22':445
  • '13#.#42.181.48':445
  • '13#.#42.10.229':139
  • '13#.#42.116.63':445
  • '13#.#42.21.116':445
  • '13#.#42.105.238':445
  • '13#.#42.41.115':445
  • '13#.#42.198.224':139
  • '13#.#42.190.83':139
  • '13#.#42.10.167':139
  • '13#.#42.239.45':139
  • '13#.#42.200.196':139
  • '13#.#42.183.49':139
  • '13#.#42.62.105':139
  • '13#.#42.115.35':139
  • '13#.#42.149.218':139
  • '13#.#42.173.115':445
  • '13#.#42.61.169':445
  • '13#.#42.122.249':139
  • '13#.#42.73.181':139
  • '13#.#42.22.154':139
  • '13#.#42.34.157':139
  • '13#.#42.176.22':139
  • '13#.#42.72.152':139
  • '13#.#42.18.163':139
  • '13#.#42.144.55':139
  • '13#.#42.91.193':139
  • '13#.#42.206.202':139
  • '13#.#42.201.226':139
  • '13#.#42.77.11':139
  • '13#.#42.75.6':139
  • '13#.#42.200.196':445
  • '13#.#42.160.34':139
  • '13#.#42.18.52':139
  • '13#.#42.176.22':445
  • '13#.#42.146.71':139
  • '13#.#42.4.77':139
  • '13#.#42.77.160':139
  • '13#.#42.15.233':445
  • '13#.#42.61.169':139
  • '13#.#42.209.107':445
  • '13#.#42.209.107':139
  • '13#.#42.173.115':139
  • '13#.#42.172.52':445
  • '13#.#42.10.127':445
  • '13#.#42.37.108':445
  • '13#.#42.107.213':445
  • '13#.#42.249.142':139
  • '13#.#42.72.153':139
  • '13#.#42.153.8':139
  • '13#.#42.73.182':139
  • '13#.#42.107.213':139
  • '13#.#42.15.233':139
  • '13#.#42.70.26':139
  • '13#.#42.48.1':445
  • '13#.#42.153.8':445
  • '13#.#42.137.253':445
  • '13#.#42.8.25':445
  • '13#.#42.57.83':445
  • '13#.#42.73.182':445
  • '13#.#42.249.142':445
  • '13#.#42.72.153':445
  • '13#.#42.132.58':445
  • '13#.#42.58.47':445
  • '13#.#42.55.5':445
  • '13#.#42.119.175':445
  • '13#.#42.241.167':445
  • '13#.#42.30.237':445
  • '13#.#42.23.199':445
  • '13#.#42.168.35':445
  • '13#.#42.224.228':445
  • '13#.#42.81.71':445
  • '13#.#42.244.164':445
  • '13#.#42.112.37':445
  • '13#.#42.126.48':445
  • '13#.#42.23.245':445
  • '13#.#42.34.39':445
  • '13#.#42.194.146':445
  • '13#.#42.16.56':139
  • '13#.#42.102.165':139
  • '13#.#42.164.159':139
  • '13#.#42.69.168':139
  • '13#.#42.75.253':445
  • '13#.#42.253.135':445
  • '13#.#42.46.34':139
  • '13#.#42.136.75':445
  • '13#.#42.17.74':139
  • '13#.#42.180.228':139
  • '13#.#42.5.100':139
  • '13#.#42.147.30':139
  • '13#.#42.196.33':139
  • '13#.#42.65.41':139
  • '13#.#42.125.178':139
  • '13#.#42.69.168':445
  • '13#.#42.159.154':445
  • '13#.#42.143.105':445
  • '13#.#42.194.88':445
  • '13#.#42.16.56':445
  • '13#.#42.164.159':445
  • '13#.#42.102.165':445
  • '13#.#42.46.34':445
  • '13#.#42.159.154':139
  • '13#.#42.189.224':9988
  • '13#.#42.106.194':9988
  • '13#.#42.23.249':9988
  • '13#.#42.214.155':9988
  • '13#.#42.253.135':139
  • '13#.#42.68.68':139
  • '13#.#42.76.100':9988
  • '13#.#42.169.218':9988
  • '13#.#42.33.226':9988
  • '13#.#42.233.45':9988
  • '13#.#42.133.182':139
  • '13#.#42.55.48':9988
  • '13#.#42.47.139':9988
  • '13#.#42.226.241':9988
  • '13#.#42.143.238':9988
  • '13#.#42.75.253':139
  • '13#.#42.48.217':139
  • '13#.#42.23.245':139
  • '13#.#42.73.99':139
  • '13#.#42.126.48':139
  • '13#.#42.136.75':139
  • '13#.#42.194.88':139
  • '13#.#42.143.105':139
  • '13#.#42.244.164':139
  • '13#.#42.194.146':139
  • '13#.#42.34.39':139
  • '13#.#42.112.37':139
  • '13#.#42.174.241':139
  • '13#.#42.81.71':139
  • '13#.#42.118.68':139
  • '13#.#42.224.228':139
  • '13#.#42.73.88':445
  • '13#.#42.153.233':445
  • '13#.#42.125.178':445
  • '13#.#42.70.5':445
  • '13#.#42.222.242':445
  • '13#.#42.238.208':445
  • '13#.#42.12.13':445
  • '13#.#42.24.112':445
  • '13#.#42.196.33':445
  • '13#.#42.180.228':445
  • '13#.#42.107.105':445
  • '13#.#42.65.41':445
  • '13#.#42.147.30':445
  • '13#.#42.12.8':445
  • '13#.#42.17.74':445
  • '13#.#42.18.90':445
  • '13#.#42.203.23':445
  • '13#.#42.169.91':445
  • '13#.142.7.0':445
  • '13#.#42.49.186':445
  • '13#.#42.192.126':445
  • '13#.#42.78.113':445
  • '13#.#42.146.240':445
  • '13#.#42.104.18':445
  • '13#.#42.176.109':445
  • '13#.#42.11.173':445
  • '13#.#42.172.215':445
  • '13#.#42.155.51':445
  • '13#.#42.188.165':445
  • '13#.#42.175.200':445
  • '13#.#42.131.167':445
  • '13#.#42.5.100':445
  • '13#.#42.222.242':139
  • '13#.#42.238.208':139
  • '13#.#42.12.13':139
  • '13#.#42.18.90':139
  • '13#.#42.176.109':139
  • '13#.#42.11.173':139
  • '13#.#42.172.215':139
  • '13#.#42.70.5':139
  • '13#.#42.107.105':139
  • '13#.#42.237.160':139
  • '13#.#42.24.112':139
  • '13#.#42.12.8':139
  • '13#.#42.237.160':445
  • '13#.#42.153.233':139
  • '13#.#42.73.88':139
  • '13#.#42.155.51':139
  • '13#.#42.203.23':139
  • '13#.#42.146.240':139
  • '13#.#42.74.214':445
  • '13#.#42.192.126':139
  • '13#.#42.12.176':139
  • '13#.#42.49.186':139
  • '13#.#42.78.113':139
  • '13#.#42.169.91':139
  • '13#.#42.188.165':139
  • '13#.#42.175.200':139
  • '13#.#42.131.167':139
  • '13#.#42.104.18':139
  • '13#.#42.74.214':139
  • '13#.142.7.0':139
  • '13#.#42.1.62':139
  • '13#.#42.104.135':139
  • '13#.#42.233.45':139
  • '13#.#42.50.170':139
  • '13#.#42.88.82':139
  • '13#.#42.106.194':139
  • '13#.#42.18.124':139
  • '13#.#42.19.135':139
  • '13#.#42.176.189':139
  • '13#.#42.226.241':139
  • '13#.#42.65.226':139
  • '13#.#42.7.111':139
  • '13#.#42.11.90':139
  • '13#.#42.251.83':139
  • '13#.#42.7.74':139
  • '13#.#42.8.83':139
  • '13#.#42.62.181':139
  • '13#.#42.56.95':445
  • '13#.#42.62.73':445
  • '13#.#42.36.159':445
  • '13#.#42.76.100':445
  • '13#.#42.237.50':445
  • '13#.#42.50.58':445
  • '13#.#42.15.32':445
  • '13#.#42.159.47':445
  • '13#.#42.107.43':139
  • '13#.#42.39.22':139
  • '13#.#42.167.175':139
  • '13#.#42.97.126':445
  • '13#.#42.69.97':445
  • '13#.#42.21.134':445
  • '13#.#42.198.68':445
  • '13#.#42.31.72':139
  • '13#.#42.50.58':139
  • '13#.#42.15.32':139
  • '13#.#42.76.100':139
  • '13#.#42.237.50':139
  • '13#.#42.249.178':139
  • '13#.#42.179.177':139
  • '13#.#42.55.187':139
  • '13#.#42.56.95':139
  • '13#.#42.198.68':139
  • '13#.#42.97.126':139
  • '13#.#42.69.97':139
  • '13#.#42.21.134':139
  • '13#.#42.62.73':139
  • '13#.#42.36.159':139
  • '13#.#42.159.47':139
  • '13#.#42.23.249':139
  • '13#.#42.143.238':139
  • '13#.#42.138.34':139
  • '13#.#42.224.178':139
  • '13#.#42.25.29':139
  • '13#.#42.213.92':139
  • '13#.#42.169.218':139
  • '13#.#42.189.224':139
  • '13#.#42.47.139':139
  • '13#.#42.228.174':139
  • '13#.#42.33.226':139
  • '13#.#42.24.58':139
  • '13#.#42.193.157':139
  • '13#.#42.19.13':139
  • '13#.#42.55.48':139
  • '13#.#42.214.155':139
  • '13#.#42.198.68':9988
  • '13#.#42.97.126':9988
  • '13#.#42.21.134':9988
  • '13#.#42.159.47':9988
  • '13#.#42.62.73':9988
  • '13#.#42.55.187':9988
  • '13#.#42.69.97':9988
  • '13#.#42.179.177':9988
  • '13#.#42.62.181':445
  • '13#.#42.251.83':445
  • '13#.#42.18.124':445
  • '13#.#42.106.194':445
  • '13#.#42.107.43':445
  • '13#.#42.39.22':445
  • '13#.#42.167.175':445
  • '13#.#42.50.58':9988
  • '13#.#42.79.135':445
  • '13#.#42.150.194':445
  • '13#.#42.24.140':139
  • '13#.#42.253.46':445
  • '13#.#42.24.140':445
  • '13#.#42.139.231':445
  • '13#.#42.231.78':445
  • '13#.#42.139.231':139
  • '13#.#42.6.195':139
  • '13#.#42.18.124':9988
  • '13#.#42.176.189':9988
  • '13#.#42.150.194':139
  • '13#.#42.231.78':139
  • '13#.#42.79.135':139
  • '13#.#42.253.46':139
  • '13#.#42.88.82':445
  • '13#.#42.138.34':445
  • '13#.#42.25.29':445
  • '13#.#42.214.155':445
  • '13#.#42.47.139':445
  • '13#.#42.224.178':445
  • '13#.#42.55.48':445
  • '13#.#42.189.224':445
  • '13#.#42.33.226':445
  • '13#.#42.249.178':445
  • '13#.#42.179.177':445
  • '13#.#42.55.187':445
  • '13#.#42.24.58':445
  • '13#.#42.228.174':445
  • '13#.#42.193.157':445
  • '13#.#42.23.249':445
  • '13#.#42.143.238':445
  • '13#.#42.50.170':445
  • '13#.#42.233.45':445
  • '13#.#42.213.92':445
  • '13#.#42.104.135':445
  • '13#.#42.19.135':445
  • '13#.#42.176.189':445
  • '13#.#42.7.74':445
  • '13#.#42.19.13':445
  • '13#.#42.226.241':445
  • '13#.#42.65.226':445
  • '13#.#42.169.218':445
  • '13#.#42.7.111':445
  • '13#.#42.31.72':445
  • '13#.#42.8.83':445
  • '13#.#42.11.90':445
  • '13#.#42.12.176':445
  • '13#.#42.37.140':139
  • '13#.#42.46.217':139
  • '13#.#42.66.183':139
  • '13#.#42.64.42':139
  • '13#.#42.69.170':139
  • '13#.#42.125.187':139
  • '13#.#42.124.4':139
  • '13#.#42.146.17':139
  • '13#.#42.51.190':139
  • '13#.#42.80.42':139
  • '13#.#42.16.174':139
  • '13#.#42.146.127':139
  • '13#.#42.97.123':139
  • '13#.#42.53.106':139
  • '13#.#42.106.112':139
  • '13#.#42.84.31':139
  • '13#.#42.55.188':445
  • '13#.#42.24.204':445
  • '13#.#42.103.109':445
  • '13#.#42.172.115':445
  • '13#.#42.247.144':445
  • '13#.#42.80.42':445
  • '13#.#42.221.222':445
  • '13#.#42.95.136':445
  • '13#.#42.102.28':445
  • '13#.#42.156.26':445
  • '13#.#42.32.149':445
  • '13#.#42.149.147':445
  • '13#.#42.89.179':445
  • '13#.#42.40.81':445
  • '13#.#42.174.31':445
  • '13#.#42.150.217':139
  • '13#.#42.5.118':445
  • '13#.#42.52.97':445
  • '13#.#42.173.156':445
  • '13#.#42.145.4':445
  • '13#.#42.166.114':445
  • '13#.#42.63.166':445
  • '13#.#42.115.86':445
  • '13#.#42.166.162':445
  • '13#.#42.123.43':445
  • '13#.#42.222.91':445
  • '13#.#42.133.20':445
  • '13#.#42.2.237':445
  • '13#.#42.97.117':445
  • '13#.#42.67.187':445
  • '13#.#42.154.114':445
  • '13#.#42.120.217':445
  • '13#.#42.24.204':139
  • '13#.#42.137.77':139
  • '13#.#42.103.109':139
  • '13#.#42.172.115':139
  • '13#.#42.247.144':139
  • '13#.#42.221.222':139
  • '13#.#42.55.188':139
  • '13#.#42.40.81':139
  • '13#.#42.149.147':139
  • '13#.#42.156.26':139
  • '13#.#42.102.28':139
  • '13#.#42.32.149':139
  • '13#.#42.95.136':139
  • '13#.#42.89.179':139
  • '13#.#42.174.31':139
  • '13#.#42.123.116':445
  • '13#.#42.2.77':139
  • '13#.#42.76.223':139
  • '13#.#42.19.185':445
  • '13#.#42.89.90':445
  • '13#.#42.108.241':445
  • '13#.#42.90.109':445
  • '13#.#42.61.75':139
  • '13#.#42.6.105':139
  • '13#.#42.57.67':139
  • '13#.#42.101.10':139
  • '13#.#42.36.100':139
  • '13#.#42.77.10':139
  • '13#.#42.59.238':139
  • '13#.#42.40.117':139
  • '13#.#42.134.89':445
  • '13#.#42.40.117':445
  • '13#.#42.59.238':445
  • '13#.#42.6.105':445
  • '13#.#42.10.30':445
  • '13#.#42.76.223':445
  • '13#.#42.61.75':445
  • '13#.#42.77.10':445
  • '13#.#42.57.67':445
  • '13#.#42.30.167':445
  • '13#.#42.31.138':445
  • '13#.#42.138.208':445
  • '13#.#42.101.10':445
  • '13#.#42.111.195':445
  • '13#.#42.60.119':445
  • '13#.#42.36.100':445
  • '13#.#42.60.119':139
  • '13#.#42.37.140':445
  • '13#.#42.64.42':445
  • '13#.#42.146.17':445
  • '13#.#42.124.4':445
  • '13#.#42.69.170':445
  • '13#.#42.84.31':445
  • '13#.#42.125.187':445
  • '13#.#42.46.217':445
  • '13#.#42.146.127':445
  • '13#.#42.97.123':445
  • '13#.#42.16.174':445
  • '13#.#42.150.217':445
  • '13#.#42.106.112':445
  • '13#.#42.51.190':445
  • '13#.#42.53.106':445
  • '13#.#42.123.116':139
  • '13#.#42.138.208':139
  • '13#.#42.91.105':445
  • '13#.#42.91.105':139
  • '13#.#42.31.138':139
  • '13#.#42.10.30':139
  • '13#.#42.111.195':139
  • '13#.#42.30.167':139
  • '13#.#42.79.86':445
  • '13#.#42.108.241':139
  • '13#.#42.19.185':139
  • '13#.#42.223.219':139
  • '13#.#42.90.109':139
  • '13#.#42.134.89':139
  • '13#.#42.79.86':139
  • '13#.#42.89.90':139
  • '13#.#42.100.96':139
  • '13#.#42.42.142':139
  • '13#.#42.185.172':139
  • '13#.#42.204.222':139
  • '13#.#42.94.222':139
  • '13#.#42.25.102':139
  • '13#.#42.242.248':139
  • '13#.#42.79.196':445
  • '13#.#42.235.35':445
  • '13#.#42.234.176':445
  • '13#.#42.177.120':445
  • '13#.#42.96.234':445
  • '13#.#42.121.87':445
  • '13#.#42.168.121':445
  • '13#.#42.120.242':445
  • '13#.#42.45.121':139
  • '13#.#42.210.120':139
  • '13#.#42.53.39':139
  • '13#.#42.218.120':139
  • '13#.#42.117.54':139
  • '13#.#42.189.160':139
  • '13#.#42.20.142':139
  • '13#.#42.57.228':139
  • '13#.#42.186.10':139
  • '13#.#42.55.183':139
  • '13#.#42.42.22':139
  • '13#.#42.117.145':139
  • '13#.#42.207.217':139
  • '13#.#42.100.208':139
  • '13#.#42.127.166':139
  • '13#.#42.79.57':139
  • '13#.#42.154.138':445
  • '13#.#42.35.171':139
  • '13#.#42.24.11':139
  • '13#.#42.54.228':139
  • '13#.#42.235.35':139
  • '13#.#42.177.120':139
  • '13#.#42.154.138':139
  • '13#.#42.82.235':139
  • '13#.#42.228.70':139
  • '13#.#42.101.72':139
  • '13#.#42.199.129':139
  • '13#.#42.130.77':139
  • '13#.#42.24.126':139
  • '13#.#42.101.72':445
  • '13#.#42.31.16':139
  • '13#.#42.211.157':139
  • '13#.#42.234.176':139
  • '13#.#42.24.126':445
  • '13#.#42.228.70':445
  • '13#.#42.31.16':445
  • '13#.#42.54.228':445
  • '13#.#42.82.235':445
  • '13#.#42.35.171':445
  • '13#.#42.24.11':445
  • '13#.#42.211.157':445
  • '13#.#42.79.196':139
  • '13#.#42.120.242':139
  • '13#.#42.96.234':139
  • '13#.#42.121.87':139
  • '13#.#42.199.129':445
  • '13#.#42.130.77':445
  • '13#.#42.168.121':139
  • '13#.#42.87.75':139
  • '13#.#42.75.161':139
  • '13#.#42.160.241':445
  • '13#.#42.222.91':139
  • '13#.#42.154.114':139
  • '13#.#42.100.33':139
  • '13#.#42.133.20':139
  • '13#.#42.241.98':445
  • '13#.#42.92.170':445
  • '13#.#42.127.8':445
  • '13#.#42.189.160':445
  • '13#.#42.45.104':445
  • '13#.#42.118.198':445
  • '13#.#42.11.205':445
  • '13#.#42.149.80':445
  • '13#.#42.123.43':139
  • '13#.#42.166.114':139
  • '13#.#42.115.86':139
  • '13#.#42.120.217':139
  • '13#.#42.63.166':139
  • '13#.#42.100.33':445
  • '13#.#42.87.75':445
  • '13#.#42.75.161':445
  • '13#.#42.145.4':139
  • '13#.#42.166.162':139
  • '13#.#42.67.187':139
  • '13#.#42.2.237':139
  • '13#.#42.97.117':139
  • '13#.#42.5.118':139
  • '13#.#42.52.97':139
  • '13#.#42.173.156':139
  • '13#.#42.117.54':445
  • '13#.#42.42.142':445
  • '13#.#42.185.172':445
  • '13#.#42.160.241':139
  • '13#.#42.100.96':445
  • '13#.#42.25.102':445
  • '13#.#42.204.222':445
  • '13#.#42.242.248':445
  • '13#.#42.241.98':139
  • '13#.#42.92.170':139
  • '13#.#42.127.8':139
  • '13#.#42.54.167':139
  • '13#.#42.45.104':139
  • '13#.#42.118.198':139
  • '13#.#42.149.80':139
  • '13#.#42.11.205':139
  • '13#.#42.94.222':445
  • '13#.#42.53.39':445
  • '13#.#42.186.10':445
  • '13#.#42.218.120':445
  • '13#.#42.210.120':445
  • '13#.#42.20.142':445
  • '13#.#42.54.167':445
  • '13#.#42.57.228':445
  • '13#.#42.127.166':445
  • '13#.#42.42.22':445
  • '13#.#42.117.145':445
  • '13#.#42.45.121':445
  • '13#.#42.55.183':445
  • '13#.#42.100.208':445
  • '13#.#42.79.57':445
  • '13#.#42.207.217':445

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play