Trojan.DownLoader33.28172

Added to the Dr.Web virus database: 2020-04-07

Description added:

Technical Information

Modifies file system
Creates the following files
Deletes the following files
Moves the following files
Substitutes the following files
Network activity
Connects to
  • 'fe##.baidu.com':80
  • 'ms.##img.com':80
TCP
HTTP GET requests
  • UDP
Miscellaneous
Creates and executes the following
  • '<Current directory>\nas.exe' --config=setting.json dist/Domino.js bs
  • '<Current directory>\nas.exe' --config=setting.json dist\Domino.js local %7B%22id%22%3A%22xiadian2964760%22%2C%22act%22%3A%22xd_search%22%2C%22action%22%3A%22search%22%2C%22isMobile%22%3A%221%22%2C%22type%22%3A%22%22%2C%22u...
Executes the following
  • '%WINDIR%\syswow64\getmac.exe'
  • '%WINDIR%\syswow64\tasklist.exe'
  • '%WINDIR%\syswow64\wbem\wmic.exe' process get executablepath,processid

Curing recommendations

1. If the operating system can be booted (normally or in safe mode), download the Dr.Web CureIt! curing utility and use it to run a full scan of your computer and of any removable media you use.
2. If the operating system cannot be booted, change your computer's BIOS settings so that the PC can boot from a CD or a USB drive. Download the image of the Dr.Web® LiveDisk emergency system recovery disk or the utility for writing Dr.Web® LiveDisk to a USB drive, and prepare the corresponding media. After booting the computer from this media, run a full scan and cure the detected threats.

Run a full system scan using Dr.Web Light Anti-virus for macOS. This product can be downloaded from the official Apple App Store.

On the booted OS, run a full scan of all disk partitions using Dr.Web Anti-virus for Linux.

1. If the mobile device is operating normally, download and install the free anti-virus product Dr.Web for Android Light on it. Run a full system scan and follow the recommendations for neutralizing the detected threats.
2. If the mobile device has been locked by a ransomware trojan of the Android.Locker family (the screen shows an accusation of breaking the law, a demand to pay a certain sum of money, or another message that prevents normal use of the device), do the following:
  • boot your smartphone or tablet in safe mode (depending on the operating system version and the specifics of the particular mobile device, this procedure can be performed in different ways; for details, consult the manual supplied with the device or contact its manufacturer directly);
  • once safe mode is active, install the free anti-virus product Dr.Web for Android Light on the infected device and run a full system scan, following the recommendations for neutralizing the detected threats;
  • switch the device off and turn it on again in normal mode.
