Trojan.KillProc2.25003

Added to the Dr.Web virus database: 2025-07-02

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Boot your smartphone or tablet into safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.
