Solved! Use 002BADC8.EXE (Trojan OnLineGames) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

002BADC8.EXE – Trojan OnLineGames removal

FileMD5Virus Alias
002BADC8.EXE 0e084687318c4483de03bbfbccb9d780 Trojan OnLineGames
002BADC8.EXE 0e084687318c4483de03bbfbccb9d780 Trojan SuspiciousFile
002BADC8.EXE 0e084687318c4483de03bbfbccb9d780 Trojan Generic
002BADC8.EXE 0e084687318c4483de03bbfbccb9d780 Backdoor Koutodoor
002BADC8.EXE 0e084687318c4483de03bbfbccb9d780 Worm Autorun
002BADC8.EXE 0e084687318c4483de03bbfbccb9d780 Trojan Siggen

002BADC8.EXE size: 76471 bytes
002BADC8.EXE hash: 0E084687318C4483DE03BBFBCCB9D780

Created files:

%SysDir%\002BADC8.exe
%SysDir%\zzxxcck.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\WS2IFSL\Type: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\Start: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\DisplayName: Windows Socket 2.0 Non-IFS Service Provider Support Environment
HKLM\System\CurrentControlSet\Services\WS2IFSL\ImagePath: \SystemRoot\System32\drivers\ws2ifsl.sys

Detected by UnHackMe:

002BADC8.EXE
Default location: %SYSDIR%\002BADC8.EXE

Dropper information:
MD5: 0e084687318c4483de03bbfbccb9d780
File size: 76471 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images