PWS:Win32/OnLineGames.IV information

The PWS:Win32/OnLineGames.IV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What PWS:Win32/OnLineGames.IV virus can do?

Unconventionial language used in binary resources: Chinese (Simplified)
Uses Windows utilities for basic functionality
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
Installs itself for autorun at Windows startup
Network activity detected but not expressed in API logs
Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine PWS:Win32/OnLineGames.IV?


File Info:
crc32: 22AF833E
md5: a0bc28e8f0b38bdb1ca235a8e88116b2
name: A0BC28E8F0B38BDB1CA235A8E88116B2.mlw
sha1: f2984acf6799f374e3dbc519cb15379d9cc0cecc
sha256: 26df17a5650af86da2685ed6c10592fcb200ccb6974f27320ac1a9b407411549
sha512: 4090fcd1e3a3db445c8b4d031b2b4380a0119abcf0c11f7fe0a6f224d555650b24ab36f6ae7df7abac59ef7e735224e24e4b1fb2a3791c46f4489c64d850758a
ssdeep: 6144:CxWiTMT5BI1a69t4wzu4OvEJXI40ec8treBZExW+UXa7STTZX8:uWicBNMt4wz31SkKBZtXQ8X8
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

PWS:Win32/OnLineGames.IV also known as:

Bkav	W32.AIDetectVM.malware
Lionic	Trojan.Win32.Agent.4!c
DrWeb	Trojan.KillProc.2113
MicroWorld-eScan	Trojan.GenericKD.3116668
CMC	Trojan.Win32.Agent!O
ALYac	Trojan.GenericKD.3116668
Cylance	Unsafe
Zillya	Trojan.Agent.Win32.1289486
Sangfor	Malware
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	TrojanPSW:Win32/OnLineGames.1257b9ba
K7GW	Trojan ( 005246d51 )
K7AntiVirus	Trojan ( 005246d51 )
TrendMicro	TROJ_ONLINEG.KYH
Cyren	W32/OnlineGames.HG.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/Agent.RRC
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Malware.Zusy-6840460-0
GData	Trojan.GenericKD.3116668
Kaspersky	Trojan.Win32.Agent.fntv
BitDefender	Trojan.GenericKD.3116668
NANO-Antivirus	Trojan.Win32.Agent.ddfvqg
ViRobot	Trojan.Win32.Agent.606208.G
Tencent	Win32.Trojan.Agent.Llqy
Ad-Aware	Trojan.GenericKD.3116668
Sophos	Mal/Generic-S
Comodo	Worm.Win32.Dropper.RA@1qraug
F-Secure	Trojan:W32/DelfInject.R
BitDefenderTheta	Gen:NN.ZexaF.34090.LqW@aCDRPHbb
VIPRE	Trojan.Win32.Generic!BT
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.hh
FireEye	Generic.mg.a0bc28e8f0b38bdb
Emsisoft	Trojan.GenericKD.3116668 (B)
SentinelOne	DFI – Malicious PE
F-Prot	W32/OnlineGames.HG.gen!Eldorado
Endgame	malicious (high confidence)
Webroot	W32.InfoStealer.OnlineGames.Gen
Avira	TR/Agent.AQSE
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Win32.Agent
Microsoft	PWS:Win32/OnLineGames.IV
Jiangmin	Trojan/Agent.fvpw
Arcabit	Trojan.Generic.D2F8E7C
ZoneAlarm	Trojan.Win32.Agent.fntv
TACHYON	Trojan/W32.Agent.606208.EK
AhnLab-V3	Trojan/Win32.Agent.C130310
Acronis	suspicious
McAfee	GenericRXBA-LF!A0BC28E8F0B3
MAX	malware (ai score=100)
Panda	Generic Malware
TrendMicro-HouseCall	TROJ_ONLINEG.KYH
Rising	Trojan.PSW.Win32.Ecode.p (CLOUD)
Yandex	Trojan.Agent2!mDcPdEJlIYo
Ikarus	Trojan.Win32.Agent
Fortinet	W32/Agent.FNTV!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.2ff

How to remove PWS:Win32/OnLineGames.IV?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

PWS:Win32/OnLineGames.IV information