ユーザー向け情報

閉じる

マイライブラリ
マイライブラリ

+ マイライブラリに追加

検索
検索

電話
テクニカルサポート利用方法

問い合わせ

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

フォーラム(英語)

お問い合わせ履歴

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

Profile

JP

RU CN DE EN ES FR IT JP KZ UZ PL BY
閉じる
サービス
スキャナー
Dr.Web vxCube
トライアル
ウイルスライブラリ
ナレッジベース

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

ニュース

Android.Packed.18884

Added to the Dr.Web virus database: 2017-02-18

Virus description added:

Technical information

Malicious functions:
Executes code of the following detected threats:
  • Android.DownLoader.304.origin
  • Android.DownLoader.255.origin
Network activity:
Connecting to:
  • s####.####.com
  • t####.####.com
  • h####.####.com
  • 3####.####.com
  • logi####.####.com
  • google-####.com
  • p####.####.com
  • h####.####.cn
  • sta####.####.com
  • c####.####.com
  • d####.####.com
  • w####.####.com
  • y####.####.com
  • z####.####.com
  • a####.####.com
  • b####.####.com
HTTP GET requests:
  • h####.####.cn/assets/rev/m/style/reset.css
  • t####.####.com/it/u=2425009641,3191557754&fm=76
  • p####.####.com/pcym?di=####&dri=####&dis=####&dai=####&ps=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=####&tpr=####&ti=####&ari=####&dbv=###...
  • t####.####.com/it/u=537946476,1068739944&fm=76
  • p####.####.com/32/20160708/64/1467976002368_1_w190_h170_m.jpg
  • p####.####.com/32/20170216/94/1487215646302_1_w600_h441_m.jpg
  • h####.####.cn/assets/rev/m/style/common.css?v=####
  • c####.####.com/cm.gif?dspid=####
  • t####.####.com/it/u=213568722,2054775825&fm=76
  • t####.####.com/it/u=779741276,1518371341&fm=76
  • h####.####.cn/www/2015-11-05/4e626bce0afa02bbed94e960ff618b38.jpg
  • t####.####.com/it/u=312219462,4077368264&fm=76
  • google-####.com/ga.js
  • 3####.####.com/parenting/201702151602080.shtml
  • h####.####.cn/assets/rev/m/script/3gcontent.js?v=####
  • p####.####.com/32/20160114/71/1452773627207_1_w190_h170_m.jpg
  • 3####.####.com/bbs/api/misc.php?type=####&callback=####&callback=####&_=####
  • p####.####.com/32/20170216/30/1487215659550_1_w600_h441_m.jpg
  • s####.####.com/s.htm?cproid=####&t=####
  • p####.####.com/32/20170215/59/1487145788987_1_w500_h491_m.jpg
  • h####.####.cn/assets/rev/m/images/new_3glm_iconc.png
  • b####.####.com/version/update/resource/348cd48f8a714e598994f6af406de8cf.apk
  • p####.####.com/32/20170215/36/1487145767844_1_w500_h495_m.jpg
  • h####.####.cn/assets/rev/m/images/bg-box-user.png
  • p####.####.com/32/20160113/65/1452651790017_1_w190_h170_m.jpg
  • t####.####.com/it/u=959100585,1197998252&fm=76
  • p####.####.com/32/20170215/125/1487145943037_1_w500_h500_m.jpg
  • t####.####.com/it/u=1438893929,1168896239&fm=76
  • t####.####.com/it/u=1958432165,2641003344&fm=76
  • a####.####.com/afp/door/;ap=186206;ct=js;pu=4c451ece10ff899d0001;/?
  • google-####.com/__utm.gif?utmwv=####&utms=####&utmn=####&utmhn=####&utmcs=####&utmsr=####&utmvp=####&utmsc=####&utmul=####&utmje=####&utmfl=####&utmdt...
  • p####.####.com/32/20170217/29/1487298239389_1_w72_h50_o.jpg
  • t####.####.com/it/u=3662049917,176040656&fm=76
  • t####.####.com/it/u=441723191,3219285686&fm=76
  • p####.####.com/32/20160129/72/1454049498184_1_w190_h170_m.jpg
  • h####.####.cn/assets/rev/m/images/new_3glm_iconh.png
  • t####.####.com/it/u=3158533130,3667647107&fm=76
  • a####.####.com/afp/door/;ap=186216;ct=if;pu=4c451ece10ff899d0001;/?
  • p####.####.com/32/20170215/53/1487145788725_1_w500_h476_m.jpg
  • p####.####.com/32/20170216/45/1487215574701_1_w600_h441_m.jpg
  • p####.####.com/32/20170215/94/1487145942622_1_w500_h667_m.jpg
  • sta####.####.com/service/yaolan/yaolan_wap.js
  • p####.####.com/32/20170215/77/1487145907021_1_w500_h626_m.jpg
  • t####.####.com/it/u=536503128,3605702614&fm=76
  • h####.####.cn/assets/rev/m/images/icon-triangle.png
  • h####.####.cn/assets/rev/m/images/new_3glm_icond.png
  • t####.####.com/it/u=1830903277,2922600103&fm=76
  • h####.####.cn/assets/rev/m/script/img-scroll.js
  • sta####.####.com/api/2.0/bcore.min.js
  • d####.####.com/2.0/PageView.do?p_p=####&tma=####&tmc=####&tmd=####&rs=####&ja=####&oc=####&ln=####&lk=####&ep=####&ct=####&bt=####&ot=####&fv=####&coo...
  • 3####.####.com/images/bbs.gif
  • p####.####.com/32/20170214/9/1487038129289_1_w600_h290_o.jpg
  • d####.####.com/2.0/Pos.do?x=####&y=####&prs=####&ep=####&pageflag=####&fingerprint=####&fpduration=####&sid=####&cid=####&d_s=####&uid=####&p_t=####&g...
  • p####.####.com/32/20170215/106/1487145907434_1_w500_h375_m.jpg
  • d####.####.com/2.0/EndPageView.do?ep=####&pageflag=####&fingerprint=####&fpduration=####&sid=####&cid=####&d_s=####&uid=####&p_t=####&gid=####&tma=###...
  • p####.####.com/32/20170215/39/1487145906471_1_w500_h667_m.jpg
  • p####.####.com/32/20170215/87/1487145850455_1_w500_h295_m.jpg
  • p####.####.com/pcym?sz=####&rdid=####&dc=####&di=####&dri=####&dis=####&dai=####&ps=####&coa=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=###...
  • h####.####.cn/assets/images/health_xq_12.png
  • h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&ep=####&et=####&ja=####&ln=####&lo=####&lt=####&nv=####&rnd=####&si=####&st=####&v=####&lv=####
  • t####.####.com/it/u=2913491782,3756327935&fm=76
  • h####.####.cn/assets/rev/m/script/shenmago_download_app_1.js?v=####
  • p####.####.com/32/20161114/11/1479087516427_1_w115_h115_m.jpg
  • h####.####.cn/assets/rev/m/images/user-login.png
  • t####.####.com/it/u=660475056,3719746407&fm=76
  • p####.####.com/32/20170215/70/1487145890118_1_w500_h730_m.jpg
  • d####.####.com/2.0/StdID.do?bfdid=####
  • p####.####.com/32/20170217/49/1487298111921_1_w600_h290_o.jpg
  • p####.####.com/32/20170216/67/1487215549251_1_w600_h441_m.jpg
  • t####.####.com/it/u=388546872,2224260320&fm=76
  • c####.####.com/sync.htm?cproid=####
  • c####.####.com/youku?mzid=####
  • h####.####.cn/assets/images/health_expert_logo_1128.png
  • t####.####.com/it/u=3190789547,3183745240&fm=76
  • p####.####.com/32/20170215/98/1487145943650_1_w500_h375_m.jpg
  • z####.####.com/customer_search/api/ping?logid=####&version=####&prod_id=####&plate_url=####&referrer=####&time=####&page_id=####&source=####&site_id=#...
  • y####.####.com/ya2.gif?nvid=####&userid=####&cc=####&rr=####&nn=####&nh=####&nw=####&nt=####&nl=####&mt=####&ml=####&sw=####&sh=####&pr=####&ht=####&h...
  • h####.####.cn/assets/rev/m/images/bg-to-top.png
  • h####.####.cn/ya/yl.js?d=####
  • h####.####.cn/assets/rev/m/images/new_3glm_icona.png
  • p####.####.com/32/20170215/78/1487145849678_1_w500_h295_m.jpg
  • t####.####.com/it/u=273440354,625088683&fm=76
  • h####.####.cn/assets/rev/m/images/icon-check.png
  • h####.####.cn/assets/rev/m/script/md5.js
  • h####.####.cn/assets/rev/m/images/app_down_yy.png
  • 3####.####.com/parenting/201702161125114.shtml
  • h####.####.cn/assets/app/lib/ovgap.js
  • 3####.####.com/api/relation/collect/check_many_type?userId=####&typeIdList=####&objId=####&callback=####&_=####
  • h####.####.cn/assets/rev/m/images/down_yy.png
  • y####.####.com/ylk.ad.mini.js
  • t####.####.com/it/u=380370064,3127531297&fm=76
  • h####.####.cn/assets/rev/m/script/jquery.min.js
  • h####.####.cn/assets/rev/m/images/new_3glm_iconf.png
  • t####.####.com/it/u=721075149,896812345&fm=76
  • p####.####.com/32/20170215/107/1487145850731_1_w500_h295_m.jpg
  • p####.####.com/ccwm?di=####&dri=####&dis=####&dai=####&ps=####&coa=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=####&tpr=####&ti=####&ari=###...
  • y####.####.com/mpids.mini.js
  • t####.####.com/it/u=1387459619,1326904128&fm=76
  • p####.####.com/32/20170215/71/1487145809095_1_w500_h287_m.jpg
  • p####.####.com/32/20170216/95/1487211037023_1_w600_h290_o.jpg
  • google-####.com/r/__utm.gif?utmwv=####&utms=####&utmn=####&utmhn=####&utmcs=####&utmsr=####&utmvp=####&utmsc=####&utmul=####&utmje=####&utmfl=####&utm...
  • d####.####.com/js/om.js
  • h####.####.cn/assets/rev/m/script/3g-login.js?v=####
  • h####.####.cn/assets/rev/m/images/new_3glm_top.png
  • p####.####.com/32/20170210/49/1486692405041_1_w600_h290_o.jpg
  • t####.####.com/it/u=202033670,1529745165&fm=76
  • h####.####.cn/assets/images/health_opacity_p.png
  • h####.####.cn/assets/app/lib/config3.js
  • h####.####.cn/assets/rev/m/script/fn-index.js?v=####
  • t####.####.com/it/u=2758238868,1236188348&fm=76
  • y####.####.com/ya1.jpg?&_nvid=####&userid=####&title=####&curl=####&from=####&ref=####&d=####&cc=####&
  • p####.####.com/32/20170215/37/1487145889701_1_w500_h355_m.jpg
  • p####.####.com/32/20170215/68/1487145788356_1_w500_h454_m.jpg
  • p####.####.com/32/20170217/58/1487298279994_1_w72_h50_o.jpg
  • p####.####.com/32/20170215/120/1487145825656_1_w500_h288_m.jpg
  • h####.####.cn/assets/rev/m/images/new_3glm_icong.png
  • p####.####.com/32/20170216/98/1487215561058_1_w600_h441_m.jpg
  • h####.####.cn/assets/rev/m/images/close.png
  • p####.####.com/32/20170213/21/1486950335381_1_w600_h290_o.jpg
  • d####.####.com/2.0/StdID.do?bfdid=####&gid=####
  • p####.####.com/32/20170215/16/1487145907728_1_w500_h333_m.jpg
  • p####.####.com/32/20170215/114/1487145874162_1_w500_h295_m.jpg
  • p####.####.com/sync_pos.htm?cproid=####&t=####
  • y####.####.com/ylk.mini.js
  • t####.####.com/it/u=459219245,635003017&fm=76
  • h####.####.cn/assets/rev/m/images/icon-ability.png
  • h####.####.cn/assets/rev/lib/final/3gfinalpage.js
  • h####.####.cn/assets/rev/m/images/new_3glm_iconb.png
  • h####.####.cn/assets/rev/m/images/icon-triangle-down.png
  • z####.####.com/customer_search/api/js?sid=####&plate_url=####&t=####
  • h####.####.cn/assets/rev/m/script/iScroll.js
  • p####.####.com/32/20170215/57/1487145767225_1_w500_h492_m.jpg
  • h####.####.cn/assets/rev/m/images/icon-login-01.png
  • sta####.####.com/service/bcore/clientData.html
  • t####.####.com/it/u=726313884,4095522171&fm=76
  • a####.####.com/afp/door/;ap=186208;ct=js;pu=4c451ece10ff899d0001;/?
  • p####.####.com/32/20170215/101/1487145808869_1_w500_h288_m.jpg
  • h####.####.cn/assets/rev/m/images/icon-share.png
  • h####.####.cn/www/js/jquery.1.9.1.min.js
  • p####.####.com/ccwm?sz=####&rdid=####&dc=####&di=####&dri=####&dis=####&dai=####&ps=####&coa=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=###...
  • a####.####.com/afp/door/;ap=186207;ct=js;pu=4c451ece10ff899d0001;/?
  • h####.####.cn/assets/rev/m/images/logo.png
  • t####.####.com/it/u=78041141,1486761205&fm=76
  • y####.####.com/ya.jpg?&_nvid=####&userid=####&babybirth=####&username=####&_nurl=####&_ntit=####&_keywords=####&_nref=####&_d=####&cc=####&_yl_ft=####...
  • p####.####.com/32/20170215/113/1487145825905_1_w500_h290_m.jpg
  • h####.####.cn/assets/rev/m/images/new_3glm_icone.png?
  • p####.####.com/32/20161114/7/1479087516295_1_w48_h48_m.jpg
  • h####.####.cn/assets/rev/m/images/new_3glm_icon.png
  • h####.####.cn/assets/rev/m/style/module-index.css?v=####
  • 3####.####.com/3g/comment_health/behavior.js?v=####
  • p####.####.com/ccwm?di=####&dri=####&dis=####&dai=####&ps=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=####&tpr=####&ti=####&ari=####&dbv=###...
  • t####.####.com/it/u=939115985,4036494681&fm=76
  • 3####.####.com/ask/phpapi/essence/index?callback=####&_=####
  • p####.####.com/32/20170216/49/1487215630641_1_w600_h441_m.jpg
  • h####.####.cn/assets/rev/m/images/icon-star.png
  • h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&ep=####&et=####&ja=####&ln=####&lo=####&lt=####&nv=####&rnd=####&si=####&st=####&v=####&lv=####&...
  • p####.####.com/32/20170217/30/1487298328606_1_w72_h50_o.jpg
  • p####.####.com/32/20170215/100/1487145849956_1_w500_h295_m.jpg
  • h####.####.cn/assets/images/health_video_icon_1128.png
  • p####.####.com/pcym?di=####&dri=####&dis=####&dai=####&ps=####&coa=####&dcb=####&dtm=####&dvi=####&dci=####&dpt=####&tsr=####&tpr=####&ti=####&ari=###...
  • h####.####.com/hm.js?0b90b86####
  • p####.####.com/32/20170215/36/1487145985700_1_w500_h671_m.jpg
  • p####.####.com/32/20170215/18/1487145967634_1_w500_h667_m.jpg
  • p####.####.com/sync_pos.htm?cproid=####
  • t####.####.com/it/u=1949466444,2583208290&fm=76
  • d####.####.com/2.0/StdID.do?bfdid=####&setcookie=####&is_newgid=####
  • t####.####.com/it/u=2195457806,928786945&fm=76
  • p####.####.com/32/20170215/21/1487124903829_1_w600_h290_o.jpg
  • h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&et=####&ja=####&ln=####&lo=####&lt=####&nv=####&rnd=####&si=####&st=####&v=####&lv=####&tt=####
  • c####.####.com/cpro/ui/noexpire/img/2.0.1/bd-logo4.png
  • p####.####.com/32/20170216/44/1487215536684_1_w600_h339_m.jpg
  • w####.####.com/adx.php?c=####
  • 3####.####.com/index/global/loadmore.js
  • p####.####.com/32/20170215/89/1487145943385_1_w500_h500_m.jpg
  • t####.####.com/it/u=3000725098,2818790837&fm=76
  • logi####.####.com/getuserinfo.ashx?isnew=####
  • h####.####.cn/assets/images/health_vide_bg_1128.png
  • t####.####.com/it/u=406982088,1975561641&fm=76
  • 3####.####.com/jk/image/plug_a.png
  • h####.####.cn/assets/rev/m/script/public-module.js?v=####
  • t####.####.com/it/u=3240583149,3642188730&fm=76
  • h####.####.cn/assets/rev/m/script/fastclick.js
  • c####.####.com/cpro/ui/cm.js
  • t####.####.com/it/u=1965882921,2451652402&fm=76
  • t####.####.com/it/u=2525566214,3482417084&fm=76
  • 3####.####.com/
  • h####.####.cn/assets/rev/m/images/icon-search2.png
  • h####.####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&et=####&ja=####&ln=####&lo=####&nv=####&rnd=####&si=####&st=####&v=####&lv=####&tt=####
  • p####.####.com/32/20170215/94/1487145850206_1_w500_h277_m.jpg
  • p####.####.com/32/20170215/3/1487145874435_1_w500_h295_m.jpg
  • a####.####.com/afp/door/;ap=186204;ct=if;pu=4c451ece10ff899d0001;/?
  • t####.####.com/it/u=128618696,1912514879&fm=76
  • 3####.####.com/api/relation/collect/count?typeId=####&objId=####&isReal=####&callback=####&_=####
  • d####.####.com/2.0/LinkClick.do?pth=####&lt=####&tp=####&ep=####&ln=####&pageflag=####&fingerprint=####&fpduration=####&sid=####&cid=####&d_s=####&uid...
  • p####.####.com/32/20170215/79/1487145767503_1_w500_h495_m.jpg
HTTP POST requests:
  • a####.####.com/getads.mob
  • a####.####.com/patmob.mob
  • a####.####.com/xxrrpp.mob
  • a####.####.com/shupwxm.mob
  • a####.####.com/init.mob
Modified file system:
Creates the following files:
  • /data/data/####/cache/webviewCacheChromium/f_00002f
  • /data/data/####/cache/webviewCacheChromium/f_00002e
  • /data/data/####/cache/webviewCacheChromium/f_00002d
  • /data/data/####/cache/webviewCacheChromium/f_00002c
  • /data/data/####/cache/webviewCacheChromium/f_00002b
  • /data/data/####/cache/webviewCacheChromium/f_00002a
  • /data/data/####/cache/webviewCacheChromium/data_3
  • /data/data/####/cache/webviewCacheChromium/data_2
  • /data/data/####/cache/webviewCacheChromium/data_1
  • /data/data/####/cache/webviewCacheChromium/data_0
  • /data/data/####/databases/webviewCookiesChromium.db-journal
  • /sdcard/610dac5495365a7a1adf6c9cc2bef234.jar
  • /data/data/####/app_ieup/.1d14a69806b3ece7ffb86d4b24341888.jar
  • /data/data/####/databases/webview.db-journal
  • /data/data/####/cache/webviewCacheChromium/f_000026
  • /data/data/####/cache/webviewCacheChromium/f_000025
  • /data/data/####/cache/webviewCacheChromium/f_000024
  • /data/data/####/cache/webviewCacheChromium/f_000023
  • /data/data/####/cache/webviewCacheChromium/f_000022
  • /data/data/####/cache/webviewCacheChromium/f_000021
  • /data/data/####/cache/webviewCacheChromium/f_000020
  • /data/data/####/cache/webviewCacheChromium/f_000029
  • /data/data/####/cache/webviewCacheChromium/f_000028
  • /data/data/####/shared_prefs/.xt_epg_uxath.xml
  • /data/data/####/shared_prefs/.xt_epg_uxath.xml.bak
  • /data/data/####/databases/COMLETANGGAMEAZP-journal
  • /data/data/####/cache/webviewCacheChromium/index
  • /sdcard/Android/data/.529556641da81be7fcf36818391342c9
  • /data/data/####/cache/webviewCacheChromium/f_00000a
  • /data/data/####/cache/webviewCacheChromium/f_00000c
  • /data/data/####/cache/webviewCacheChromium/f_00000b
  • /data/data/####/cache/webviewCacheChromium/f_00000e
  • /data/data/####/cache/webviewCacheChromium/f_00000d
  • /data/data/####/app_baidu_ad_sdk/__xadsdk__remote__final__builtin__.jar
  • /data/data/####/cache/webviewCacheChromium/f_000034
  • /data/data/####/cache/webviewCacheChromium/f_000035
  • /data/data/####/cache/webviewCacheChromium/f_000036
  • /data/data/####/cache/webviewCacheChromium/f_000037
  • /data/data/####/cache/webviewCacheChromium/f_000030
  • /data/data/####/cache/webviewCacheChromium/f_000031
  • /data/data/####/cache/webviewCacheChromium/f_000032
  • /data/data/####/cache/webviewCacheChromium/f_000033
  • /data/data/####/cache/webviewCacheChromium/f_000038
  • /data/data/####/cache/webviewCacheChromium/f_000039
  • /data/data/####/cache/webviewCacheChromium/f_00003d
  • /data/data/####/cache/webviewCacheChromium/f_00003e
  • /data/data/####/cache/webviewCacheChromium/f_00003f
  • /data/data/####/cache/webviewCacheChromium/f_00003a
  • /data/data/####/cache/webviewCacheChromium/f_00003b
  • /data/data/####/cache/webviewCacheChromium/f_00003c
  • /data/data/####/cache/webviewCacheChromium/f_000009
  • /data/data/####/cache/webviewCacheChromium/f_000008
  • /data/data/####/cache/webviewCacheChromium/f_000001
  • /data/data/####/cache/webviewCacheChromium/f_000003
  • /data/data/####/cache/webviewCacheChromium/f_000002
  • /data/data/####/cache/webviewCacheChromium/f_000005
  • /data/data/####/cache/webviewCacheChromium/f_000004
  • /data/data/####/cache/webviewCacheChromium/f_000007
  • /data/data/####/cache/webviewCacheChromium/f_000006
  • /data/data/####/cache/webviewCacheChromium/f_000018
  • /data/data/####/cache/webviewCacheChromium/f_000019
  • /data/data/####/cache/webviewCacheChromium/f_000016
  • /data/data/####/cache/webviewCacheChromium/f_000017
  • /data/data/####/cache/webviewCacheChromium/f_000014
  • /data/data/####/cache/webviewCacheChromium/f_000015
  • /data/data/####/cache/webviewCacheChromium/f_000012
  • /data/data/####/cache/webviewCacheChromium/f_000013
  • /data/data/####/cache/webviewCacheChromium/f_000010
  • /data/data/####/cache/webviewCacheChromium/f_000011
  • /sdcard/Android/data/.infofo
  • /data/data/####/cache/webviewCacheChromium/f_00001f
  • /data/data/####/cache/webviewCacheChromium/f_00001d
  • /data/data/####/cache/webviewCacheChromium/f_00001e
  • /data/data/####/cache/webviewCacheChromium/f_00001b
  • /data/data/####/cache/webviewCacheChromium/f_00001c
  • /data/data/####/cache/webviewCacheChromium/f_00001a
  • /data/data/####/cache/webviewCacheChromium/f_00000f
  • /sdcard/.x
  • /data/data/####/shared_prefs/.hdyihmen.xml
  • /data/data/####/shared_prefs/.hdyihmen.xml.bak
  • /data/data/####/cache/webviewCacheChromium/f_000049
  • /data/data/####/cache/webviewCacheChromium/f_000048
  • /data/data/####/cache/webviewCacheChromium/f_000045
  • /data/data/####/cache/webviewCacheChromium/f_000044
  • /data/data/####/cache/webviewCacheChromium/f_000047
  • /data/data/####/cache/webviewCacheChromium/f_000046
  • /data/data/####/cache/webviewCacheChromium/f_000041
  • /data/data/####/cache/webviewCacheChromium/f_000040
  • /data/data/####/cache/webviewCacheChromium/f_000043
  • /data/data/####/cache/webviewCacheChromium/f_000042
  • /data/data/####/cache/webviewCacheChromium/f_000027
Miscellaneous:
Executes next shell scripts:
  • /data/data/####/app_bin/daemon -p #### -s com.id.yn.e.a -t 300
  • /data/data/####/files/qhad/update/qh_ad_backs.jpg -p #### -r am start --user 0 -n ####/sfk.sfiuf.cmk.lcks -h https://www.qihoo.com -m -i 2104
  • chmod 777 /data/data/####/files/qhad/update/qh_ad_backs.jpg
Contains functionality to send SMS messages automatically.

Curing recommendations

Android

  1. If the mobile device is operating normally, download and install Dr.Web for Android Light. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web для Android Light onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play