
Trojan.KillProc2.25512

Added to the Dr.Web virus database: 2025-07-10

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and any removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.


  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet in safe mode (depending on the operating system version and the specifications of the particular mobile device, this procedure can be performed in various ways; consult the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android on the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
