FOR CUSTOMERS

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
Support services
Scanners
Dr.Web vxCube
Trial
VCI investigations
Virus library
Knowledge base

Technologies

Terminology

Training and education

Myths

News

Trojan.KillProc2.24982

Added to the Dr.Web virus database: 2025-07-02

Virus description added:

Technical Information

Malicious functions
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\taskhost.exe
  • <SYSTEM32>\dwm.exe
the following user processes:
  • iexplore.exe
  • firefox.exe
Modifies file system
Creates the following files
  • %WINDIR%y1s2fctrp3
  • %CommonProgramFiles%\microsoft shared\0287zh horse [milf] (rdl1tfkz,dehod0).avi.exe
  • %ProgramFiles%\dvd maker\shared\fac71w2 xakmpl [milf] sgoibhh .mpeg.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\s2fkave nude gay 7vepaqjm .mpeg.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\ikdyfwhy xxx uncut gh5b6gd7wrv .rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\jxaglwti cum mnho9y54 l9hwcs7vvnphd9 (jade).mpeg.exe
  • %ProgramFiles%\microsoft office\templates\0287zh gay yzw1afy sgu4m7oc qx2j1b5 .avi.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\viaz50 nom72kl [milf] 8bgkvshe1 .zip.exe
  • %ProgramFiles%\windows journal\templates\f07qtt 8ok6yf ddqayq [bangbus] .mpg.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\beast big jxqgtp 8bgkvshe1 .mpg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\zc8giv9 beast tsomq34 uncut ol6p1tua (sonja).mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\nom72kl ddqayq vjq39c1gwy legs .mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\0287zh beast sgu4m7oc young (36mho73).avi.exe
  • %CommonProgramFiles(x86)%\microsoft shared\gay porn girls hotel (gina).mpg.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\8r3baiec tsomq34 epyxwn young .rar.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\s2fkave 8ok6yf l9hwcs7vvnphd9 jxqgtp ae2sd7u4xh .avi.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\8ok6yf sgu4m7oc .zip.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\zc8giv9 wep6b08 uncut .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\ddqayq epyxwn .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\mnho9y54 7nd83wovj apv53deiq9fw boobs .avi.exe
  • %ALLUSERSPROFILE%\templates\upfgetx xxx girls wifey .zip.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\lpcu5ai3 7nd83wovj epyxwn legs (rdl1tfkz,sonja).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\w6csjja14n1 epyxwn latex .rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\f1i7cm ddqayq cum [milf] hole 8pfmdyy .rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\ddqayq bd1l5ir l9hwcs7vvnphd9 legs hotel .avi.exe
  • %ALLUSERSPROFILE%\templates\wep6b08 porn 7vepaqjm boobs js80j73 .zip.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\ h93bklf 7vepaqjm .avi.exe
  • C:\users\default\appdata\local\temp\yzw1afy horse nom72kl hotel .mpg.exe
  • C:\users\default\appdata\local\<INETFILES>\s2fkave ddqayq hot (!) boobs .rar.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\black beast [milf] cock latex .mpeg.exe
  • C:\users\default\templates\asian mzwpstr8n nom72kl uncut (y8oxsqa,sonja).mpg.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\ddqayq bq4kno (dehod0).mpeg.exe
  • %TEMP%\nom72kl bq4kno legs latex (sonja,dehod0).mpeg.exe
  • %LOCALAPPDATA%\<INETFILES>\f07qtt horse wep6b08 ihthd33 .avi.exe
  • %LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\jxaglwti yzw1afy beast hot (!) 6tl9zg0uqa .zip.exe
  • %LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\horse ihthd33 .mpg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\8r3baiec nom72kl nude sgu4m7oc boobs .mpeg.exe
  • %APPDATA%\microsoft\templates\z1qxwcd cum [bangbus] (y8oxsqa,c4w8hqa).rar.exe
  • %APPDATA%\microsoft\windows\templates\tsomq34 7nd83wovj hot (!) gsva2xn .mpg.exe
  • %APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\lpcu5ai3 ddqayq 7vepaqjm kfp2yqq 779mipj .mpeg.exe
  • %HOMEPATH%\templates\ddqayq big cock .avi.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\horse lpcu5ai3 hot (!) b37oavmx289 .mpeg.exe
  • %WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\f07qtt nom72kl vjq39c1gwy 50+ .mpeg.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\f1i7cm mzwpstr8n girls .avi.exe
  • %WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\tsomq34 lpcu5ai3 l9hwcs7vvnphd9 sgoibhh (y8oxsqa,y8oxsqa).avi.exe
  • %WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\w6csjja14n1 gay [bangbus] .mpg.exe
  • %WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\upfgetx horse 7nd83wovj epyxwn lzxyhb7k .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\nom72kl sgu4m7oc boobs 8bgkvshe1 .zip.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\jxaglwti porn lpcu5ai3 7vepaqjm .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\nude bd1l5ir epyxwn feet .mpg.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\ddqayq apv53deiq9fw .avi.exe
  • %WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\8r3baiec horse [free] balls .mpeg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\f07qtt bq4kno .mpg.exe
  • %WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\8ok6yf l9hwcs7vvnphd9 ash ae2sd7u4xh (rdl1tfkz,y8oxsqa).mpg.exe
  • %WINDIR%\assembly\temp\0287zh tsomq34 ihthd33 .mpeg.exe
  • %WINDIR%\assembly\tmp\s2fkave w6csjja14n1 [bangbus] nrb42wq .mpg.exe
  • %WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\sperm horse 7vepaqjm legs .avi.exe
  • %WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\gay cum apv53deiq9fw ash balls .zip.exe
  • %WINDIR%\pla\templates\viaz50 h93bklf girls (jade).zip.exe
  • %WINDIR%\security\templates\gay nom72kl (jade).mpeg.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\z1qxwcd cum uncut ash 8bgkvshe1 .avi.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\local\temp\7b6fhxi lpcu5ai3 7vepaqjm zmc8ujp .rar.exe
  • %WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\eq7k2xcxt 7nd83wovj gay bq4kno .mpeg.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\eq7k2xcxt nude big .avi.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\local\temp\gzn4ud7e horse uncut .rar.exe
  • %WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\ikdyfwhy 8ok6yf bd1l5ir [bangbus] (hyo87il).avi.exe
  • %WINDIR%\syswow64\config\systemprofile\z9z7rwe xakmpl wep6b08 vjq39c1gwy ash sweet .mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\f07qtt gay bd1l5ir apv53deiq9fw zn3tvn (g6u8n4r,hyo87il).rar.exe
  • %WINDIR%\syswow64\fxstmp\f1i7cm xxx 7nd83wovj [free] (sonja).zip.exe
  • %WINDIR%\syswow64\ime\shared\upfgetx 8ok6yf bd1l5ir hot (!) jxqgtp gh5b6gd7wrv .mpg.exe
  • %WINDIR%\syswow64\config\systemprofile\mnho9y54 xxx epyxwn titts ash .mpeg.exe
  • %WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\8ok6yf sperm [free] .avi.exe
  • %WINDIR%\syswow64\fxstmp\fac71w2 horse apv53deiq9fw js80j73 .avi.exe
  • %WINDIR%\syswow64\ime\shared\horse girls qx2j1b5 (2hbt8wr,sandy).avi.exe
  • %WINDIR%\temp\f1i7cm bd1l5ir [milf] (gina).mpeg.exe
  • %WINDIR%\winsxs\installtemp\mzwpstr8n xakmpl nom72kl ejn547rbxhd1 .zip.exe
  • <Current directory>\sqjaed7r1vnw
  • %CommonProgramFiles%\microsoft shared\ikdyfwhy sperm apv53deiq9fw eigt45 .zip.exe
  • %CommonProgramFiles%\microsoft shared\s2fkave horse sperm hot (!) hole .avi.exe
  • %ProgramFiles%\dvd maker\shared\gzn4ud7e h93bklf xxx 7vepaqjm rv0y8n (jenna,jade).mpg.exe
  • %ProgramFiles%\dvd maker\shared\z9z7rwe sgu4m7oc qx2j1b5 .rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\upfgetx h93bklf xxx girls titts .rar.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\8r3baiec ddqayq cum bq4kno js80j73 .zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\z1qxwcd gay ihthd33 .zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\upfgetx 7nd83wovj lpcu5ai3 7vepaqjm hole .zip.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\yzw1afy uncut .mpg.exe
  • %ProgramFiles%\microsoft office\office14\groove\xml files\space templates\f07qtt nude apv53deiq9fw jxqgtp latex .zip.exe
  • %ProgramFiles%\microsoft office\templates\7nd83wovj uncut ash .mpeg.exe
  • %ProgramFiles%\microsoft office\templates\ [free] .zip.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\gzn4ud7e sperm nude [free] 40+ .zip.exe
  • %ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\8r3baiec wep6b08 tsomq34 bq4kno hole fishy (cy4xpd).rar.exe
  • %ProgramFiles%\windows journal\templates\ddqayq [milf] glans wifey (liz,hyo87il).zip.exe
  • %ProgramFiles%\windows journal\templates\nom72kl [bangbus] glans rv0y8n (liz).mpeg.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\f1i7cm cum mnho9y54 [milf] (2hbt8wr).mpg.exe
  • %ProgramFiles%\windows sidebar\shared gadgets\black cum girls nrb42wq .zip.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\gzn4ud7e 7nd83wovj mnho9y54 vjq39c1gwy (jade).rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\8r3baiec horse vjq39c1gwy legs .rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\tsomq34 uncut (36mho73,sarah).mpeg.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\f07qtt xxx mzwpstr8n [free] hotel .avi.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\fac71w2 ddqayq yzw1afy [bangbus] cock .rar.exe
  • %ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\beast uncut feet fw58kpr41ob1w (cy4xpd).mpg.exe
  • %CommonProgramFiles(x86)%\microsoft shared\s2fkave wep6b08 beast apv53deiq9fw (y8oxsqa).avi.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\z9z7rwe nude lpcu5ai3 hot (!) hole mg9fvb2xk9 (karin).zip.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\mnho9y54 sgu4m7oc zn3tvn .rar.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\tsomq34 ihthd33 .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\black cum mnho9y54 epyxwn 8pfmdyy .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\z9z7rwe wep6b08 yzw1afy big ejn547rbxhd1 .rar.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\f07qtt nude yzw1afy [milf] 50+ .zip.exe
  • %CommonProgramFiles(x86)%\microsoft shared\z9z7rwe beast horse 7vepaqjm ae2sd7u4xh (gina).rar.exe
  • %ALLUSERSPROFILE%\templates\z9z7rwe cum apv53deiq9fw fishy .avi.exe
  • %ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\horse 7vepaqjm ash .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\upfgetx cum nom72kl nom72kl titts .avi.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\yzw1afy 7vepaqjm cock .zip.exe
  • %ProgramFiles(x86)%\windows sidebar\shared gadgets\asian bd1l5ir [milf] .zip.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\upfgetx ddqayq nom72kl uncut .mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\s2fkave horse xxx l9hwcs7vvnphd9 8bgkvshe1 (sandy,2hbt8wr).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\ikdyfwhy cum 7vepaqjm zmc8ujp .rar.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\ porn big (gina).mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\wpjwijv girls feet (dxocjwba,sonja).mpg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\wpjwijv nom72kl cum uncut lady .mpeg.exe
  • %ALLUSERSPROFILE%\templates\tsomq34 7vepaqjm (sarah).mpeg.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\sperm [free] titts sgoibhh .rar.exe
  • C:\users\default\appdata\local\temp\lpcu5ai3 hot (!) sgoibhh (gina,liz).avi.exe
  • C:\users\default\appdata\local\<INETFILES>\sperm apv53deiq9fw .zip.exe
  • %ALLUSERSPROFILE%\templates\xakmpl apv53deiq9fw hole .rar.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\gzn4ud7e xakmpl tsomq34 [free] .avi.exe
  • C:\users\default\templates\nom72kl bq4kno hole .mpg.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\xxx [free] nrb42wq .mpg.exe
  • %TEMP%\sperm nom72kl .avi.exe
  • %LOCALAPPDATA%\<INETFILES>\yzw1afy vjq39c1gwy hole .zip.exe
  • %ALLUSERSPROFILE%\microsoft\rac\temp\porn tsomq34 apv53deiq9fw glans (c4w8hqa,y8oxsqa).zip.exe
  • %ALLUSERSPROFILE%\microsoft\search\data\temp\asian w6csjja14n1 [free] jxqgtp ash .rar.exe
  • %LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\xxx 7vepaqjm ol6p1tua .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\fac71w2 porn lpcu5ai3 7vepaqjm sweet .avi.exe
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\8r3baiec 7nd83wovj big .mpeg.exe
  • %ALLUSERSPROFILE%\microsoft\windows\templates\z9z7rwe gay bd1l5ir sgu4m7oc ol6p1tua (36mho73).mpeg.exe
  • %APPDATA%\microsoft\windows\templates\8ok6yf gay ihthd33 glans fishy .avi.exe
  • %APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\8r3baiec porn yzw1afy [milf] hole boots .mpg.exe
  • %APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\fac71w2 w6csjja14n1 beast [free] hole .zip.exe
  • %ALLUSERSPROFILE%\templates\horse ihthd33 .mpg.exe
  • C:\users\default\appdata\local\microsoft\windows\<INETFILES>\f07qtt ddqayq cum epyxwn gsva2xn .mpg.exe
  • C:\users\default\appdata\local\temp\lpcu5ai3 beast uncut (y8oxsqa,sonja).mpeg.exe
  • C:\users\default\appdata\local\<INETFILES>\8ok6yf 7vepaqjm gsva2xn (dehod0).mpeg.exe
  • C:\users\default\appdata\roaming\microsoft\windows\templates\7b6fhxi horse bq4kno .mpg.exe
  • C:\users\default\templates\f1i7cm horse big nrb42wq (y8oxsqa).rar.exe
  • %LOCALAPPDATA%\microsoft\windows\<INETFILES>\ikdyfwhy w6csjja14n1 uncut .rar.exe
  • %TEMP%\7b6fhxi h93bklf nom72kl ihthd33 fishy .rar.exe
  • %LOCALAPPDATA%\<INETFILES>\8r3baiec wep6b08 nom72kl jxqgtp b37oavmx289 .mpg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\viaz50 tsomq34 epyxwn .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\lpcu5ai3 sgu4m7oc .mpeg.exe
  • %LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\wep6b08 bq4kno shoes .zip.exe
  • %APPDATA%\microsoft\templates\gay w6csjja14n1 nom72kl (liz).avi.exe
  • %APPDATA%\microsoft\windows\templates\8r3baiec nude girls (gina).avi.exe
  • %APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\z9z7rwe wep6b08 beast vjq39c1gwy legs 6tl9zg0uqa .rar.exe
  • %HOMEPATH%\templates\ikdyfwhy sgu4m7oc feet .zip.exe
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'Proxy Desktop' WindowName: ''
Restarts the analyzed sample
Executes the following
  • '%WINDIR%\explorer.exe'

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play