PER UTENTI

Chiudi

La mia libreria
La mia libreria

+ Aggiungi alla libreria

Ricerca
Ricerca

Supporto
Supporto 24/7 | Regole per contattare

Scrivi

Una richiesta attraverso il modulo

Chiama

+7 (495) 789-45-86

Forum

Richieste

Crea nuova richiesta

Chiama

+7 (495) 789-45-86

Profile

IT

RU CN DE EN ES FR IT JP KZ UZ PL BY ID
Chiudi
Servizi
Scanner
Dr.Web vxCube
Versione di prova
Perizia di incidenti informatici legati ai virus
Libreria dei virus
Base di conoscenza

Tecnologie

Termini

Formazione ed informazione

Falsi miti

Notizie

Trojan.KillProc2.25401

Aggiunto al database dei virus Dr.Web: 2025-07-10

La descrizione è stata aggiunta:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
  • %WINDIR%y1s2fctrp3
  • %CommonProgramFiles%\microsoft shared\viaz50 wep6b08 girls cock lady .avi.exe
  • %ProgramFiles%\dvd maker\shared\z9z7rwe beast lpcu5ai3 [milf] 40+ .mpg.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\gzn4ud7e beast yzw1afy girls balls .avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\8r3baiec gay horse girls rv0y8n .mpg.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\mnho9y54 big .rar.exe
  • %ProgramFiles%\microsoft office\templates\xakmpl uncut fw58kpr41ob1w .mpg.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\lpcu5ai3 7nd83wovj [milf] ash (y8oxsqa,hyo87il).zip.exe
  • %ProgramFiles%\windows journal\templates\horse epyxwn .mpg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\ddqayq l9hwcs7vvnphd9 nmibe2 (jenna,sarah).mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\wep6b08 horse bq4kno 8bgkvshe1 .zip.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\nude nom72kl sgu4m7oc (2hbt8wr).zip.exe
  • %CommonProgramFiles(x86)%\microsoft shared\jxaglwti nom72kl uncut .avi.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\z9z7rwe nom72kl xxx [milf] sgoibhh .mpg.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\f07qtt w6csjja14n1 mnho9y54 apv53deiq9fw titts girly (haj1oyikd).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\f1i7cm mnho9y54 xxx nom72kl mg9fvb2xk9 .zip.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\viaz50 sperm xxx vjq39c1gwy boots .rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\nude [free] sgoibhh (karin).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\7b6fhxi beast big kfp2yqq fishy .mpeg.exe
  • %ALLUSERSPROFILE%\templates\s2fkave wep6b08 uncut .zip.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\xxx xxx epyxwn .rar.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\7nd83wovj [milf] .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\nom72kl ihthd33 .avi.exe
  • %ALLUSERSPROFILE%\templates\7nd83wovj sgu4m7oc jxqgtp lzxyhb7k .zip.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\0287zh beast h93bklf big js80j73 .mpg.exe
  • C:\users\default\appdata\local\temp\nom72kl [free] cock (hyo87il,dxocjwba).avi.exe
  • C:\users\default\appdata\local\<INETFILES>\xakmpl vjq39c1gwy .rar.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\xxx l9hwcs7vvnphd9 (jade).rar.exe
  • C:\users\default\templates\f1i7cm porn yzw1afy 7vepaqjm boobs (c4w8hqa,gina).mpeg.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\8r3baiec xxx 7vepaqjm (dxocjwba).zip.exe
  • %TEMP%\asian wep6b08 gay bq4kno hole (g6u8n4r).avi.exe
  • %LOCALAPPDATA%\<INETFILES>\4h1e2a346 7nd83wovj beast uncut .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\jxaglwti 8ok6yf nom72kl jxqgtp nmibe2 (haj1oyikd).rar.exe
  • %LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\porn sperm [bangbus] cock young .zip.exe
  • %LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\zc8giv9 beast 7vepaqjm mg9fvb2xk9 (c4w8hqa,dxocjwba).mpeg.exe
  • %APPDATA%\microsoft\templates\tsomq34 uncut .mpg.exe
  • %APPDATA%\microsoft\windows\templates\horse uncut .rar.exe
  • %APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\f07qtt bd1l5ir uncut ash .mpg.exe
  • %APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\zc8giv9 7nd83wovj big legs .avi.exe
  • %HOMEPATH%\templates\upfgetx lpcu5ai3 7vepaqjm (sonja,c4w8hqa).mpeg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\wpjwijv w6csjja14n1 l9hwcs7vvnphd9 eigt45 .mpeg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\ 7vepaqjm balls .zip.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\s2fkave beast nom72kl epyxwn hole hairy (rdl1tfkz).mpg.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\w6csjja14n1 nom72kl big gsva2xn (g6u8n4r).zip.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\ddqayq mzwpstr8n epyxwn .zip.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\8ok6yf vjq39c1gwy 779mipj .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\wpjwijv sperm h93bklf sgu4m7oc 40+ .mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\4h1e2a346 nude sperm girls .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\z1qxwcd [bangbus] shoes .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\eq7k2xcxt wep6b08 uncut boots (karin,hyo87il).zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\f1i7cm cum sgu4m7oc (hyo87il,gina).avi.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\z9z7rwe sperm beast l9hwcs7vvnphd9 feet js80j73 .avi.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\7nd83wovj mnho9y54 [free] qq6w54yfhtqrbwcslg (36mho73,haj1oyikd).mpeg.exe
  • %WINDIR%\assembly\temp\lpcu5ai3 tsomq34 7vepaqjm ol6p1tua (karin).mpeg.exe
  • %WINDIR%\assembly\tmp\sperm 7vepaqjm zn3tvn (rdl1tfkz).mpg.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\horse vjq39c1gwy 8pfmdyy (2hbt8wr).zip.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\gay horse vjq39c1gwy mg9fvb2xk9 (liz).avi.exe
  • %WINDIR%\pla\templates\ddqayq mnho9y54 vjq39c1gwy (hyo87il,sandy).mpeg.exe
  • %WINDIR%\security\templates\cum mzwpstr8n [free] 50+ .mpeg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\7nd83wovj [bangbus] (haj1oyikd,36mho73).mpeg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\ddqayq mzwpstr8n ihthd33 legs zmc8ujp (2hbt8wr).zip.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\black gay big lady .zip.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\jxaglwti wep6b08 nom72kl .zip.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\8ok6yf uncut (karin,sonja).mpeg.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\upfgetx xxx [free] feet zn3tvn (y8oxsqa,jenna).mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\h93bklf apv53deiq9fw .avi.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\7b6fhxi horse horse uncut ash .mpg.exe
  • %WINDIR%\syswow64\fxstmp\7b6fhxi wep6b08 nom72kl qq6w54yfhtqrbwcslg .mpeg.exe
  • %WINDIR%\syswow64\ime\shared\7b6fhxi ddqayq tsomq34 uncut shoes .mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\ epyxwn rv0y8n .avi.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\ikdyfwhy h93bklf yzw1afy l9hwcs7vvnphd9 b37oavmx289 (y8oxsqa).avi.exe
  • %WINDIR%\syswow64\fxstmp\0287zh xakmpl apv53deiq9fw .mpeg.exe
  • %WINDIR%\syswow64\ime\shared\black lpcu5ai3 [milf] lzxyhb7k (dehod0).rar.exe
  • %WINDIR%\temp\upfgetx cum [free] hole 779mipj .rar.exe
  • %WINDIR%\winsxs\installtemp\black bd1l5ir big rv0y8n .mpg.exe
  • <Current directory>\sqjaed7r1vnw
  • %CommonProgramFiles%\microsoft shared\xxx bq4kno titts 50+ .zip.exe
  • %ProgramFiles%\dvd maker\shared\gay girls zn3tvn .rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\f1i7cm ddqayq tsomq34 uncut cock .zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\f07qtt 7nd83wovj sperm [bangbus] .mpeg.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\f1i7cm 7nd83wovj mnho9y54 uncut glans fishy (c4w8hqa).mpg.exe
  • %ProgramFiles%\microsoft office\templates\black wep6b08 nom72kl sgu4m7oc hole latex .rar.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\gzn4ud7e bd1l5ir mzwpstr8n epyxwn hole zmc8ujp .avi.exe
  • %ProgramFiles%\windows journal\templates\black porn gay big hole lzxyhb7k .mpeg.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\yzw1afy 7vepaqjm hole .rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\f1i7cm bd1l5ir tsomq34 [bangbus] feet .mpg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\sperm [milf] glans .rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\xxx ihthd33 qx2j1b5 .zip.exe
  • %CommonProgramFiles(x86)%\microsoft shared\ ihthd33 .mpg.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\gzn4ud7e ddqayq vjq39c1gwy (jade).mpeg.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\mnho9y54 [bangbus] hairy .avi.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\f07qtt w6csjja14n1 beast big .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\fac71w2 bd1l5ir yzw1afy uncut titts .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\fac71w2 8ok6yf lpcu5ai3 [bangbus] balls .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\sperm [milf] glans gsva2xn (karin).avi.exe
  • %ALLUSERSPROFILE%\templates\z9z7rwe horse mzwpstr8n l9hwcs7vvnphd9 glans lady .rar.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\black 7nd83wovj mzwpstr8n uncut glans .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\gay nom72kl 779mipj .avi.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\eq7k2xcxt porn sperm apv53deiq9fw titts eigt45 (c4w8hqa).zip.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\mnho9y54 l9hwcs7vvnphd9 titts .rar.exe
  • %ALLUSERSPROFILE%\templates\f07qtt xakmpl mnho9y54 uncut .avi.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\f1i7cm ddqayq sperm big (sarah).mpeg.exe
  • C:\users\default\appdata\local\temp\xxx nom72kl titts shoes .mpg.exe
  • C:\users\default\appdata\local\<INETFILES>\eq7k2xcxt horse mnho9y54 ihthd33 .zip.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\horse 7vepaqjm js80j73 .mpg.exe
  • C:\users\default\templates\beast hot (!) sgoibhh .mpg.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\lpcu5ai3 epyxwn titts gsva2xn .zip.exe
  • %TEMP%\z9z7rwe bd1l5ir beast l9hwcs7vvnphd9 .avi.exe
  • %LOCALAPPDATA%\<INETFILES>\eq7k2xcxt xakmpl beast [milf] qq6w54yfhtqrbwcslg .mpg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\mnho9y54 nom72kl rv0y8n (sonja,dxocjwba).avi.exe
  • %LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\f1i7cm 7nd83wovj mnho9y54 vjq39c1gwy girly .avi.exe
  • %LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\f07qtt w6csjja14n1 horse bq4kno cock gsva2xn (karin).mpeg.exe
  • %APPDATA%\microsoft\templates\sperm apv53deiq9fw hole young (c4w8hqa).zip.exe
  • %APPDATA%\microsoft\windows\templates\mzwpstr8n sgu4m7oc .avi.exe
  • %APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\8r3baiec xakmpl 7vepaqjm titts eigt45 (jade).avi.exe
  • %APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\gzn4ud7e bd1l5ir lpcu5ai3 epyxwn rv0y8n .mpeg.exe
  • %HOMEPATH%\templates\f07qtt h93bklf lpcu5ai3 l9hwcs7vvnphd9 cock 8pfmdyy .mpeg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\8r3baiec xakmpl lpcu5ai3 sgu4m7oc qq6w54yfhtqrbwcslg .mpg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\z9z7rwe nude bq4kno feet .zip.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\f07qtt ddqayq nom72kl vjq39c1gwy glans .avi.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\f1i7cm ddqayq mnho9y54 apv53deiq9fw .rar.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\tsomq34 uncut titts .avi.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\nom72kl sgu4m7oc glans .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\sperm epyxwn (dxocjwba).zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\gay l9hwcs7vvnphd9 779mipj .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\z9z7rwe bd1l5ir mzwpstr8n [milf] titts .mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\gzn4ud7e bd1l5ir horse 7vepaqjm feet eigt45 .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\gay hot (!) titts .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\black cum sperm sgu4m7oc titts .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\z9z7rwe h93bklf nom72kl [free] feet zmc8ujp .rar.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\eq7k2xcxt 7nd83wovj yzw1afy bq4kno sgoibhh (haj1oyikd,karin).zip.exe
  • %WINDIR%\assembly\temp\horse nom72kl .mpeg.exe
  • %WINDIR%\assembly\tmp\upfgetx 7nd83wovj yzw1afy [free] cock balls .avi.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\upfgetx porn [free] .rar.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\sperm [bangbus] rv0y8n .mpeg.exe
  • %WINDIR%\pla\templates\black h93bklf mnho9y54 [bangbus] 8pfmdyy .mpg.exe
  • %WINDIR%\security\templates\s2fkave cum sperm girls glans boots .mpg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\eq7k2xcxt w6csjja14n1 apv53deiq9fw hotel (jenna,dxocjwba).zip.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\eq7k2xcxt w6csjja14n1 xxx uncut sweet .mpg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\black xakmpl lpcu5ai3 [free] shoes (36mho73,dxocjwba).avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\yzw1afy l9hwcs7vvnphd9 feet zmc8ujp .zip.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\yzw1afy nom72kl .avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\ 7vepaqjm (cy4xpd).avi.exe
  • %WINDIR%\syswow64\config\systemprofile\upfgetx horse mnho9y54 big (liz).mpeg.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\sperm uncut 6tl9zg0uqa .avi.exe
  • %WINDIR%\syswow64\fxstmp\s2fkave 7nd83wovj lpcu5ai3 uncut .mpg.exe
  • %WINDIR%\syswow64\ime\shared\upfgetx nude gay epyxwn hotel (rdl1tfkz,y8oxsqa).rar.exe
  • %WINDIR%\syswow64\config\systemprofile\xxx [free] hole girly .zip.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\upfgetx 7nd83wovj yzw1afy [free] titts (rdl1tfkz,dxocjwba).mpeg.exe
  • %WINDIR%\syswow64\fxstmp\8r3baiec 8ok6yf nom72kl epyxwn titts .rar.exe
  • %WINDIR%\syswow64\ime\shared\8r3baiec 8ok6yf yzw1afy big (c4w8hqa).zip.exe
  • %WINDIR%\temp\f1i7cm porn horse hot (!) gh5b6gd7wrv .mpg.exe
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play