Trojan.MulDrop23.40758

Added to the Dr.Web virus database: 2023-09-09

Virus description added:

Technical Information

Malicious functions
Executes the following
  • '%WINDIR%\syswow64\taskkill.exe' -f -im StartDMS.exe
Modifies file system
Creates the following files
Deletes the following files
Moves the following files
  • from C:\dta_client\dms_at\removedta.exe to C:\dta_client\dms_at\remove2023-09-0845.tmp
Substitutes the following files
  • C:\dta_client\dms_at\64\removedta64.exe
  • C:\dta_client\dms_at\64\tskill.exe
  • C:\dta_client\dms_at\removedta.exe
Miscellaneous
Searches for the following windows
  • ClassName: '' WindowName: ''
Creates and executes the following
  • '%TEMP%\_ir_sf_temp_0\irsetup.exe' __IRAOFF:668610 "__IRAFN:<Full path to file>" "__IRCT:1" "__IRTSS:0" "__IRSID:S-1-5-21-1238866942-1249195528-555854008-1000"
  • 'C:\temp\winformmessagebox.exe' " ECM ÇÁ·Î±×·¥À» ¼³Ä¡ ÁßÀÔ´Ï´Ù. ¼³Ä¡°¡ ÁøÇàµÇ´Â µ¿¾È PCВёВ¦ Á¾·áÇÏÁö ВёВ¶ВЅГЉВЅГѓВїГ¤. PCȯ°æ¿¡ µû¶ó ¼³Ä¡ ½Ã°£ÀÌ 5~...
  • 'C:\temp\pccontrol_setup_silent.exe'
  • '%TEMP%\_ir_sf_temp_1\irsetup.exe' __IRAOFF:668594 "__IRAFN:C:\temp\PCControl_Setup_Silent.exe" "__IRCT:1" "__IRTSS:40130703" "__IRSID:S-1-5-21-1238866942-1249195528-555854008-1000"
  • 'C:\dta_client\dms_at\vcredist_x86.exe' /q:a /c:"VCREDI~1.EXE /q:a /c:""msiexec /i vcredist.msi /qn"" "
  • 'C:\dta_client\dms_at\vcredist_x86_2008.exe' /qb!
  • 'D:\1b4c006c78910cc1e0d39c12\install.exe' /qb!
  • 'C:\temp\pccontrol_setup_silent.exe' ' (with hidden window)
  • '%WINDIR%\syswow64\taskkill.exe' -f -im StartDMS.exe' (with hidden window)
  • 'C:\dta_client\dms_at\vcredist_x86.exe' /q:a /c:"VCREDI~1.EXE /q:a /c:""msiexec /i vcredist.msi /qn"" "' (with hidden window)
  • 'C:\dta_client\dms_at\vcredist_x86_2008.exe' /qb!' (with hidden window)
Executes the following
  • '%WINDIR%\syswow64\msiexec.exe' /i vcredist.msi /qn

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and of any removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet into safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.