Trojan.KillProc2.25442

Added to the Dr.Web virus database: 2025-07-10

Description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
