PARA USUARIOS

Cerrar

Mi biblioteca
Mi biblioteca

+ Añadir a la biblioteca

Buscar
Buscar

Soporte
Soporte 24 horas | Normas de contactar

Escribir

una solicitud al rellenar un formulario

Llamar

+7 (495) 789-45-86

Foro

Sus solicitudes

Crear una nueva solicitud

Llamar

+7 (495) 789-45-86

Perfil

ES

RU CN DE EN ES FR IT JP KZ UZ PL BY ID
Cerrar
Servicios
Escáneres
Dr.Web vxCube
Demo
Biblioteca de virus
Base de conocimiento

Tecnologías

Términos

Formación y educación

Mitos

Noticias

Trojan.KillProc2.27958

Added to the Dr.Web virus database: 2025-07-16

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
  • %WINDIR%y1s2fctrp3
  • %CommonProgramFiles%\microsoft shared\f07qtt w6csjja14n1 beast uncut sgoibhh .mpeg.exe
  • %ProgramFiles%\dvd maker\shared\ big ash .zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\mzwpstr8n uncut cock lzxyhb7k (y8oxsqa).rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\tsomq34 bq4kno hole .avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\upfgetx xakmpl tsomq34 [free] .zip.exe
  • %ProgramFiles%\microsoft office\templates\z9z7rwe ddqayq bq4kno (dxocjwba).rar.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\ apv53deiq9fw (y8oxsqa).mpg.exe
  • %ProgramFiles%\windows journal\templates\upfgetx horse mzwpstr8n nom72kl .zip.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\nom72kl [free] (g6u8n4r).zip.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\s2fkave ddqayq tsomq34 vjq39c1gwy titts boots (liz).avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\fac71w2 cum beast l9hwcs7vvnphd9 .mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\8r3baiec wep6b08 gay [free] hole ejn547rbxhd1 (jade).rar.exe
  • %CommonProgramFiles(x86)%\microsoft shared\horse uncut .avi.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\eq7k2xcxt wep6b08 mzwpstr8n hot (!) glans zn3tvn .mpeg.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\upfgetx 8ok6yf beast vjq39c1gwy .rar.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\eq7k2xcxt w6csjja14n1 beast uncut .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\upfgetx w6csjja14n1 xxx [milf] .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\f1i7cm xakmpl mnho9y54 bq4kno b37oavmx289 (rdl1tfkz,liz).zip.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\f1i7cm w6csjja14n1 yzw1afy ihthd33 lzxyhb7k .rar.exe
  • %ALLUSERSPROFILE%\templates\upfgetx cum sperm nom72kl cock .rar.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\ l9hwcs7vvnphd9 (dxocjwba).rar.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\lpcu5ai3 uncut qx2j1b5 .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\z9z7rwe xakmpl mnho9y54 [bangbus] glans fishy .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\xxx ihthd33 feet .zip.exe
  • %ALLUSERSPROFILE%\templates\f07qtt xakmpl lpcu5ai3 nom72kl hole .avi.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\lpcu5ai3 bq4kno titts 779mipj (liz).zip.exe
  • C:\users\default\appdata\local\temp\f07qtt xakmpl [bangbus] 40+ .rar.exe
  • C:\users\default\appdata\local\<INETFILES>\s2fkave 7nd83wovj nom72kl vjq39c1gwy zmc8ujp .mpeg.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\sperm big (jade).avi.exe
  • C:\users\default\templates\beast ihthd33 girly .avi.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\ [free] glans ash .mpeg.exe
  • %TEMP%\z9z7rwe 7nd83wovj nom72kl uncut cock ejn547rbxhd1 (2hbt8wr).mpg.exe
  • %LOCALAPPDATA%\<INETFILES>\gzn4ud7e 7nd83wovj mzwpstr8n uncut .rar.exe
  • %LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\sperm l9hwcs7vvnphd9 feet (dehod0,liz).mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\xxx sgu4m7oc hole qx2j1b5 (liz).zip.exe
  • %APPDATA%\microsoft\templates\0287zh nom72kl bq4kno feet .mpeg.exe
  • %APPDATA%\microsoft\windows\templates\gzn4ud7e w6csjja14n1 yzw1afy sgu4m7oc (jade).mpeg.exe
  • %APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\gzn4ud7e 8ok6yf yzw1afy sgu4m7oc gsva2xn .mpg.exe
  • %APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\f07qtt porn nom72kl [free] glans .mpeg.exe
  • %HOMEPATH%\templates\black porn bq4kno hole .rar.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\eq7k2xcxt xakmpl gay hot (!) .rar.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\horse 7vepaqjm 40+ (dehod0,c4w8hqa).mpeg.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\beast hot (!) titts .mpeg.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\f1i7cm cum xxx uncut hole ol6p1tua (karin).rar.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\f1i7cm 7nd83wovj big boots (rdl1tfkz,y8oxsqa).rar.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\f07qtt cum sperm nom72kl cock ash .mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\gay nom72kl ejn547rbxhd1 .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\s2fkave xakmpl horse big (karin).mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\eq7k2xcxt horse horse sgu4m7oc titts (sonja,y8oxsqa).rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\yzw1afy uncut ol6p1tua (36mho73,liz).rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\f1i7cm wep6b08 nom72kl ihthd33 50+ .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\z9z7rwe ddqayq sperm [bangbus] hole gh5b6gd7wrv .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\fac71w2 xakmpl gay 7vepaqjm glans rv0y8n .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\lpcu5ai3 7vepaqjm cock .mpeg.exe
  • %WINDIR%\assembly\tmp\eq7k2xcxt bd1l5ir xxx uncut (g6u8n4r).zip.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\nom72kl vjq39c1gwy titts (jenna,liz).rar.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\upfgetx xakmpl lpcu5ai3 big zn3tvn .avi.exe
  • %WINDIR%\pla\templates\f1i7cm w6csjja14n1 xxx [free] eigt45 .mpeg.exe
  • %WINDIR%\security\templates\beast sgu4m7oc hole ol6p1tua .avi.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\mnho9y54 7vepaqjm .avi.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\lpcu5ai3 [milf] wifey .zip.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\f07qtt nude beast [milf] titts ash .avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\black 8ok6yf beast hot (!) .zip.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\beast apv53deiq9fw (2hbt8wr).rar.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\gay nom72kl feet hairy (jade).zip.exe
  • %WINDIR%\syswow64\config\systemprofile\8r3baiec nude xxx bq4kno boots .mpeg.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\8r3baiec wep6b08 beast ihthd33 titts ejn547rbxhd1 .rar.exe
  • %WINDIR%\syswow64\fxstmp\eq7k2xcxt wep6b08 gay big glans nrb42wq .zip.exe
  • %WINDIR%\syswow64\ime\shared\f07qtt h93bklf gay vjq39c1gwy feet boots .avi.exe
  • %WINDIR%\syswow64\config\systemprofile\f07qtt 7nd83wovj gay [free] .mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\eq7k2xcxt 7nd83wovj yzw1afy apv53deiq9fw hole rv0y8n (cy4xpd).mpg.exe
  • %WINDIR%\syswow64\fxstmp\f07qtt nude hot (!) .avi.exe
  • %WINDIR%\syswow64\ime\shared\xxx uncut feet (gina,cy4xpd).avi.exe
  • %WINDIR%\temp\f1i7cm bd1l5ir yzw1afy nom72kl fw58kpr41ob1w .avi.exe
  • %WINDIR%\winsxs\installtemp\f1i7cm ddqayq lpcu5ai3 girls wifey .rar.exe
  • <Current directory>\sqjaed7r1vnw
  • %CommonProgramFiles%\microsoft shared\lpcu5ai3 ihthd33 .mpeg.exe
  • %ProgramFiles%\dvd maker\shared\8r3baiec 7nd83wovj bq4kno (sarah).avi.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\8r3baiec 7nd83wovj mnho9y54 hot (!) 8bgkvshe1 .rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\sperm [bangbus] hole balls .zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\fac71w2 xakmpl horse sgu4m7oc cock .zip.exe
  • %ProgramFiles%\microsoft office\templates\f1i7cm bd1l5ir nom72kl l9hwcs7vvnphd9 feet .mpg.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\yzw1afy hot (!) (jade).zip.exe
  • %ProgramFiles%\windows journal\templates\sperm uncut ejn547rbxhd1 (gina,jade).mpg.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\lpcu5ai3 uncut glans .zip.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\8r3baiec porn xxx [free] nmibe2 .rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\eq7k2xcxt 8ok6yf xxx hot (!) .avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\ uncut (g6u8n4r).mpg.exe
  • %CommonProgramFiles(x86)%\microsoft shared\gzn4ud7e h93bklf mnho9y54 apv53deiq9fw (jade).avi.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\f07qtt bd1l5ir xxx nom72kl (liz).mpeg.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\ [bangbus] titts gsva2xn (y8oxsqa).avi.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\lpcu5ai3 uncut gh5b6gd7wrv .avi.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\xxx 7vepaqjm fw58kpr41ob1w (jenna,g6u8n4r).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\nude bq4kno hole b37oavmx289 .mpeg.exe
  • %ALLUSERSPROFILE%\templates\fac71w2 8ok6yf mnho9y54 ihthd33 50+ .zip.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\z9z7rwe porn beast uncut .zip.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\horse ihthd33 cock 8pfmdyy .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\sperm ihthd33 eigt45 .zip.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\horse sgu4m7oc .rar.exe
  • %ALLUSERSPROFILE%\templates\f07qtt 7nd83wovj mzwpstr8n [free] glans rv0y8n .zip.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\upfgetx w6csjja14n1 mzwpstr8n 7vepaqjm (dxocjwba).rar.exe
  • C:\users\default\appdata\local\temp\gzn4ud7e cum mnho9y54 l9hwcs7vvnphd9 .rar.exe
  • C:\users\default\appdata\local\<INETFILES>\gay ihthd33 ejn547rbxhd1 (rdl1tfkz,karin).mpg.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\upfgetx cum yzw1afy hot (!) glans shoes .avi.exe
  • C:\users\default\templates\beast epyxwn glans .avi.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\f07qtt horse sperm [milf] (c4w8hqa).avi.exe
  • %TEMP%\z9z7rwe cum mzwpstr8n 7vepaqjm .avi.exe
  • %LOCALAPPDATA%\<INETFILES>\yzw1afy vjq39c1gwy titts hairy .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\lpcu5ai3 [free] hole .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\f1i7cm w6csjja14n1 [bangbus] .zip.exe
  • %LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\black w6csjja14n1 mnho9y54 vjq39c1gwy (g6u8n4r).avi.exe
  • %APPDATA%\microsoft\templates\lpcu5ai3 nom72kl .mpg.exe
  • %APPDATA%\microsoft\windows\templates\mnho9y54 [free] glans .zip.exe
  • %APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\eq7k2xcxt bd1l5ir sperm [free] .zip.exe
  • %APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\ l9hwcs7vvnphd9 titts latex .rar.exe
  • %HOMEPATH%\templates\gay bq4kno (c4w8hqa).mpg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\beast apv53deiq9fw (2hbt8wr).mpg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\black w6csjja14n1 beast nom72kl .rar.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\f07qtt 7nd83wovj mnho9y54 7vepaqjm .mpeg.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\nom72kl 7vepaqjm (y8oxsqa).mpeg.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\eq7k2xcxt xakmpl horse girls (dxocjwba).mpeg.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\eq7k2xcxt 7nd83wovj mzwpstr8n ihthd33 hole wifey .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\black cum sperm [free] 8pfmdyy (sonja,c4w8hqa).rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\8r3baiec horse mzwpstr8n apv53deiq9fw qq6w54yfhtqrbwcslg .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\tsomq34 uncut sm .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\upfgetx cum uncut zmc8ujp .rar.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\8r3baiec h93bklf lpcu5ai3 bq4kno (y8oxsqa).avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\lpcu5ai3 girls .avi.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\horse bq4kno hole qx2j1b5 .mpg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\tsomq34 [free] cock girly .mpeg.exe
  • %WINDIR%\assembly\temp\ sgu4m7oc glans .rar.exe
  • %WINDIR%\assembly\tmp\eq7k2xcxt nude beast vjq39c1gwy glans lzxyhb7k (liz).rar.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\f1i7cm horse lpcu5ai3 apv53deiq9fw sgoibhh (sonja,karin).avi.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\beast nom72kl hotel .mpg.exe
  • %WINDIR%\pla\templates\gzn4ud7e cum horse sgu4m7oc sweet .mpeg.exe
  • %WINDIR%\security\templates\f1i7cm porn tsomq34 l9hwcs7vvnphd9 cock sm (cy4xpd).mpg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\gzn4ud7e 7nd83wovj beast bq4kno hole (sandy,liz).rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\black w6csjja14n1 beast girls hole .mpeg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\tsomq34 sgu4m7oc (cy4xpd).avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\gzn4ud7e w6csjja14n1 xxx hot (!) 8bgkvshe1 (rdl1tfkz,g6u8n4r).mpg.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\f07qtt horse tsomq34 apv53deiq9fw gsva2xn .zip.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\f1i7cm 7nd83wovj mnho9y54 hot (!) gh5b6gd7wrv .avi.exe
  • %WINDIR%\syswow64\config\systemprofile\8r3baiec w6csjja14n1 mzwpstr8n [milf] .zip.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\horse [bangbus] b37oavmx289 .mpg.exe
  • %WINDIR%\syswow64\fxstmp\z1qxwcd sperm [milf] shoes (rdl1tfkz,sarah).zip.exe
  • %WINDIR%\syswow64\ime\shared\f1i7cm cum xxx [free] cock .rar.exe
  • %WINDIR%\syswow64\config\systemprofile\horse bq4kno b37oavmx289 (haj1oyikd,jade).zip.exe
  • %WINDIR%\syswow64\fxstmp\ikdyfwhy bq4kno cock ash .mpg.exe
  • %WINDIR%\syswow64\ime\shared\s2fkave horse tsomq34 [bangbus] zn3tvn .avi.exe
  • %WINDIR%\temp\upfgetx h93bklf horse 7vepaqjm (dxocjwba).rar.exe
  • %WINDIR%\winsxs\installtemp\ikdyfwhy beast [milf] (cy4xpd).avi.exe
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play