I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
RRSLOL.EXE – Trojan OnLineGames removal
File | MD5 | Virus Alias |
---|---|---|
RRSLOL.EXE | 765afd8b1c51871dc60091e177c0cd8a | Trojan OnLineGames |
RRSLOL.EXE | 765afd8b1c51871dc60091e177c0cd8a | Trojan Artemis |
RRSLOL.EXE | 765afd8b1c51871dc60091e177c0cd8a | Trojan XPACK |
RRSLOL.EXE | 765afd8b1c51871dc60091e177c0cd8a | Trojan Generic |
RRSLOL.EXE | 765afd8b1c51871dc60091e177c0cd8a | Trojan Graftor |
RRSLOL.EXE | 765afd8b1c51871dc60091e177c0cd8a | Trojan Agent |
RRSLOL.EXE size: 90624 bytes
RRSLOL.EXE hash: 765AFD8B1C51871DC60091E177C0CD8A
Created files:
%SysDir%\drivers\PCIDump.sys
%SysDir%\gyblack.lst
%SysDir%\lolcc.ss
%SysDir%\lolss.exe
%SysDir%\lolxcs.dll
%SysDir%\NetHelp32.exe
%SysDir%\RRsLol.exe
%SysDir%\WinHelp32.exe
%Temp%\bd.exe
%Temp%\L0L_Login.exe
%Temp%\LOLds.exe
%Temp%\LOL_Update.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\WS2IFSL\Type: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\Start: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\DisplayName: Windows Socket 2.0 Non-IFS Service Provider Support Environment
HKLM\System\CurrentControlSet\Services\WS2IFSL\ImagePath: \SystemRoot\System32\drivers\ws2ifsl.sys
Detected by UnHackMe:
RRSLOL.EXE
Default location: %SYSDIR%\RRSLOL.EXE
Dropper information:
MD5: d397c60c346a1aaf0814431df307f41a
File size: 1263616 bytes