How to remove oobeldr.exe

oobeldr.exe

The module oobeldr.exe has been detected as Trojan.RedLine

oobeldr.exe
Remove oobeldr.exe

File Details

Product Name:

Winamp
Company Name:

Nullsoft, Inc.
MD5: af6e384dfabdad52d43cf8429ad8779c
Size: 4 MB
First Published: 2023-06-30 23:34:46 (2 years ago)
Latest Published: 2025-01-18 23:01:27 (4 months ago)
Status: Trojan.RedLine (on last analysis)
Analysis Date: 2025-01-18 23:01:27 (4 months ago)

Overview

Signed By: Karcher VC 4 Cordless myHome (1.198-620.0)
Status: Valid

Common Places:

%appdata%\microsoft
%temp%
%appdata%\microsoft
%programfiles%\kmspico
%appdata%\microsoft
%appdata%\microsoft
%temp%
%appdata%\microsoft
%temp%
%appdata%\microsoft

Geography:

Turkey 11.8%
Egypt 8.3%
Ecuador 7.5%
Cuba 6.3%
Morocco 6.3%
Indonesia 5.9%
Bolivia 5.1%
Switzerland 4.3%
Brazil 3.9%
Botswana 3.5%
Colombia 3.5%
Venezuela 3.5%
Argentina 3.1%
Kenya 2.8%
Reunion 2.8%
Philippines 2.8%
Spain 2.0%
Dominican Republic 2.0%
Nigeria 2.0%
Thailand 1.6%
India 1.6%
Algeria 1.2%
Vietnam 1.2%
Ethiopia 1.2%
Poland 1.2%
South Korea 0.8%
Israel 0.4%
Germany 0.4%
Honduras 0.4%
Italy 0.4%
Mexico 0.4%
Tanzania 0.4%
Iraq 0.4%
Sri Lanka 0.4%
Chile 0.4%
Uruguay 0.4%

OS Version:

Windows 10 92.5%
Windows 7 6.3%
Windows 8.1 1.2%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x007780c8

PE Sections:

Name Size of data MD5
.MPRESS1 4162048 85196a9e5bb84c8aec901dc36393e0ff
.MPRESS2 3584 23fd5bedcbebef397a50bc0c1e24fe23
.rsrc 391168 3362fe7a1fe8373e42cd3fd283556903

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for oobeldr.exe
copyright for information about oobeldr.exe
­