The file ADONCE.EXE can destroy your system, thus making the computer to work abnormally.
ADONCE.EXE is a dangerous file.
Remove ADONCE.EXE from your computer immediately.
Kill the process ADONCE.EXE and remove ADONCE.EXE from the Windows startup.
Malware Analysis of ADONCE.EXE
Full path on a computer: %WinDir%\Macro\Set\Adonce.exe
Detected by UnHackMe:
ADONCE.EXE
Default location: %WinDir%\Macro\Set\Adonce.exe
Removal Results: Success
Number of reboot: 1
ADONCE.EXE is known as:
Trojan.Wsgame
ADONCE.EXE hash:
- MD5: 4059bfac67f26d085cc922a2ee2bb4c0
How to quickly detect ADONCE.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Adonce: “%WinDir%\Macro\Set\Adonce.exe”
Folders:- %WinDir%\Bole
- %WinDir%\Bole\Nt
- %WinDir%\Fosy
- %WinDir%\Fosy\Nert
- %WinDir%\Macro
- %WinDir%\Macro\Set
- %WinDir%\Nolya
- %WinDir%\Nolya\Red
- %WinDir%\Nolya\Red\sd
- %WinDir%\Nolya\Red\sd\Roud
- %WinDir%\Vold
- %WinDir%\Vold\boi
- %WinDir%\Vold\boi\ger
Files:- %Temp%\1585C.dmp
- %Temp%\5399_appcompat.txt
- %WinDir%\Bole\Nt\tod.exe
- %WinDir%\c38de76cdefa25b5c48cd1bc0dba4dc5.jpg
- %WinDir%\Fosy\Nert\for.exe
- %WinDir%\gt.exe
- %WinDir%\Macro\Set\Adonce.exe
- %WinDir%\roky.exe
- %WinDir%\Vold\boi\ger\VektN.pas
- C:\4game_zapuskator.exe