Trojan.MulDrop12.63066

Added to the Dr.Web virus database: 2020-06-05

Virus description added:

Technical Information

To ensure autorun and distribution
Modifies the following registry keys
Modifies file system
Creates the following files
Deletes the following files
  • %TEMP%\nsbfb8f.tmp\skinkidslock.ini
  • %TEMP%\f459.tmp\run.cmd
  • %TEMP%\rarsfx0\ar.exe
  • %TEMP%\rarsfx0\gomplayerensetup.exe
  • %TEMP%\rarsfx0\run.exe
  • %TEMP%\rarsfx0\untitled_0000.ico
Miscellaneous
Searches for the following windows
  • ClassName: 'EDIT' WindowName: ''
  • ClassName: 'GomPlayer1.x' WindowName: ''
  • ClassName: 'GomMgr1.x' WindowName: ''
  • ClassName: 'GomWiz1.x' WindowName: ''
Creates and executes the following
  • '%TEMP%\rarsfx0\run.exe'
  • '%TEMP%\rarsfx0\gomplayerensetup.exe' /S
  • '%ProgramFiles(x86)%\gretech\gomplayer\killgom.exe' GOM.EXE
  • '%ProgramFiles(x86)%\gretech\gomplayer\shellregister.exe'
  • '%ProgramFiles(x86)%\gretech\gomplayer\gom.exe' /RegServer
  • '%ProgramFiles(x86)%\gretech\gomplayer\gom.exe' /regassocdef
  • '%ProgramFiles(x86)%\gretech\gomplayer\gom.exe' /regassoc
  • '%TEMP%\rarsfx0\ar.exe'
Executes the following
  • '%WINDIR%\syswow64\cmd.exe' /c ""%TEMP%\F459.tmp\run.cmd""

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.


  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet in safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android