PWS:Win32/OnLineGames.HI removal tips

PWS:Win32/OnLineGames.HI is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PWS:Win32/OnLineGames.HI virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to disable Windows File Protection aka System File Checker.
  • Yara detections observed in process dumps, payloads or dropped files

How to identify PWS:Win32/OnLineGames.HI?

File Info:

type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 2010-04-16 09:41:22

Version Info:

0: [No Data]

PWS:Win32/OnLineGames.HI also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.OnLineGames.4!c
MicroWorld-eScan: Generic.Onlinegames.15.650708AF
FireEye: Generic.mg.9c8da642868f62ae
Skyhigh: BehavesLike.Win32.Dropper.nc
McAfee: Artemis!9C8DA642868F
Malwarebytes: Malware.AI.2590014019
Zillya: Trojan.OnLineGames.Win32.78948
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: TrojanPSW:Win32/OnLineGames.60fb66cc
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZedlaF.36802.bmPfauVsx@
VirIT: Trojan.Win32.OLG.AINQ
Symantec: Infostealer.Gampass
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/PSW.OnLineGames.OUX
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-GameThief.Win32.OnLineGames.ajvcs
BitDefender: Generic.Onlinegames.15.650708AF
NANO-Antivirus: Trojan.Win32.OnLineGames.bssvx
Avast: Win32:Trojan-gen
Rising: Stealer.OnLineGames!8.131 (TFE:5:79A7UYuXbAB)
Emsisoft: Generic.Onlinegames.15.650708AF (B)
Baidu: Win32.Trojan-PSW.OLGames.ah
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.PWS.Wsgame.25032
VIPRE: Generic.Onlinegames.15.650708AF
TrendMicro: TSPY_ONLINEG.SMM
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Generic.ny
Varist: W32/OnlineGames.DT.gen!Eldorado
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan[GameThief]/Win32.OnLineGames
Kingsoft: malware.kb.b.910
Microsoft: PWS:Win32/OnLineGames.HI
Xcitium: TrojWare.Win32.PSW.OnLineGames.WJQL@1qia4d
Arcabit: Generic.Onlinegames.15.650708AF
ZoneAlarm: Trojan-GameThief.Win32.OnLineGames.ajvcs
GData: Generic.Onlinegames.15.650708AF
Google: Detected
AhnLab-V3: Win-Trojan/Onlinegamehack29.Gen
VBA32: TrojanPSW.OnLineGames.wl
ALYac: Generic.Onlinegames.15.650708AF
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TSPY_ONLINEG.SMM
Tencent: Trojan.TenThief.DNFTrojan.ix
Yandex: Trojan.GenAsa!7+XwQYrZi+A
Ikarus: Net-Worm.Win32.Kido
MaxSecure: Trojan.Malware.1698235.susgen
Fortinet: W32/OnLineGames.IH!tr.pws
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
alibabacloud: RiskWare:Win/OnLineGames.OUX

How to remove PWS:Win32/OnLineGames.HI?

PWS:Win32/OnLineGames.HI removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
