
Trojan.KillProc2.25338

Added to the Dr.Web virus database: 2025-07-10

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and any removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.


  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
