Trojan OnLineGames – WinSocketA.dll – ab551ebc28e4cbcdcb44b1175e14038b

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan OnLineGames
Also known as: Trojan CI, Backdoor Koutodoor
SHA256: 88efeca9b459be5d771417b2fa81626d19e7de3e47a11e4da58302d6c83dc327
SHA1: 53b1ce48f2b0cf3c7028184676be7b21485bd45a
MD5: ab551ebc28e4cbcdcb44b1175e14038b
File size: 39936 bytes

Created files:

%SysDir%\WinSocketA.dll – Trojan OnLineGames
%WinDir%4WvHNce.sys – Trojan OnLineGames

Trojan OnLineGames created autostart registry keys:

HKLM\System\CurrentControlSet\Services\4WvHNce.sys\Type: 01000000
HKLM\System\CurrentControlSet\Services\4WvHNce.sys\Start: 03000000
HKLM\System\CurrentControlSet\Services\4WvHNce.sys\DisplayName: 4WvHNce.sys
HKLM\System\CurrentControlSet\Services\4WvHNce.sys\ImagePath: %WinDir%4WvHNce.sys
HKLM\System\CurrentControlSet\Services\WS2IFSL\Type: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\Start: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\WS2IFSL\DisplayName: Windows Socket 2.0 Non-IFS Service Provider Support Environment
HKLM\System\CurrentControlSet\Services\WS2IFSL\ImagePath: \SystemRoot\System32\drivers\ws2ifsl.sys

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images