Win32/PSW.OnLineGames.RAD removal tips

Win32/PSW.OnLineGames.RAD is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/PSW.OnLineGames.RAD virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses suspicious command line tools or Windows utilities

How to identify Win32/PSW.OnLineGames.RAD?


File Info:

name: 302018C2C5C66F2D6F74.mlw
path: /opt/CAPEv2/storage/binaries/53fec3d41abc40068c9ecc4edcac804aff4d49430e09892eb7d211621a7b6341
crc32: D39BC8EA
md5: 302018c2c5c66f2d6f748ad4925cb050
sha1: 163f29a0d6d7a9d48599c03d794763b8e2c95040
sha256: 53fec3d41abc40068c9ecc4edcac804aff4d49430e09892eb7d211621a7b6341
sha512: 24d69c6912c2491c89da728d05e16f0c409c61ff1d113984cb0663f1c2cad94529d5781857a566e697467b9b998c2a9488c547683778e03c107d62ada314f35f
ssdeep: 1536:7yHjmrq8qVwWb52rhmfbpFPmhIRPdROa3Lnr9z1oJmGXr54goYj8KTcBGV:7Qjmr+X6heFkIRlROGOdloKL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T195930242EB3955CAE6230731A4460213FF7ABE689176DE5A4580631E0F366617CF0BB3
sha3_384: c057cc263d4d792b43c1187eab5c96cb96ef8524ef8fd3790d53a5e3fe416268f0c58b81dfbb4a381d15cf425afbc395
ep_bytes: 516a006a006860314000e801feffff6a
timestamp: 2004-01-23 23:39:42

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Software installation Service
FileVersion: 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)
InternalName: svchost.exe
LegalCopyright: (C) Microsoft Corporation. All rights reserved.
OriginalFilename: svchost.exe
ProductName: Microsoft(R) Windows(R) Operating System
ProductVersion: 5, 1, 2600, 5781
Translation: 0x0804 0x04b0

Win32/PSW.OnLineGames.RAD also known as:

Bkav: W32.AIDetectNet.01
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Generic.fq0@amZPlkab
ALYac: Gen:Trojan.Generic.fq0@amZPlkab
Cylance: Unsafe
VIPRE: Gen:Trojan.Generic.fq0@amZPlkab
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 003b1b581 )
K7AntiVirus: Trojan ( 003b1b581 )
Baidu: Win32.Trojan.Yakes.a
Cyren: W32/OnlineGames.AS.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/PSW.OnLineGames.RAD
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Trojan.Generic.fq0@amZPlkab
NANO-Antivirus: Trojan.Win32.TrjGen.bgalap
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan.TenThief.OnlineGames.llv
Ad-Aware: Gen:Trojan.Generic.fq0@amZPlkab
Emsisoft: Gen:Trojan.Generic.fq0@amZPlkab (B)
DrWeb: Trojan.Siggen4.46999
TrendMicro: Cryp_Xed-12
McAfee-GW-Edition: BehavesLike.Win32.Virut.nc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.302018c2c5c66f2d
Sophos: Mal/Generic-S
Ikarus: Trojan-GameThief.Win32.OnLineGames
Avira: TR/Dropper.Gen
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.Generic.E0D7DA
GData: Gen:Trojan.Generic.fq0@amZPlkab
Google: Detected
Acronis: suspicious
McAfee: PWS-FBPD!302018C2C5C6
MAX: malware (ai score=81)
Malwarebytes: Malware.Heuristic.1003
TrendMicro-HouseCall: Cryp_Xed-12
Rising: Malware.Undefined!8.C (TFE:5:6WGAz2BzEMQ)
Yandex: Packed/Upack
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.W32.Packer.Upack0.3.9
Fortinet: W32/Onlinegames.QBI!tr
BitDefenderTheta: AI:Packer.02DB934C1D
AVG: Win32:Evo-gen [Trj]
Cybereason: malicious.2c5c66

How to remove Win32/PSW.OnLineGames.RAD?

Win32/PSW.OnLineGames.RAD removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
