help me remove this trojan

Status
Not open for further replies.
S

spikygv

Wise Old Owl
hello,

my system has been infected by Win32/PSW.onlinegames.OAJ trojan. nod32 quarantines it everytime i double click on a drive in my computer. the strange is that after quarantine , the contents of the drive are displayed in a new window leaving my computer intact.

Please help me to remove this bug

thanks.
 
OP
S

spikygv

Wise Old Owl
thank you for replying. i could not find autorun.inf in the root of any drive. i tried the same in cmd as well , but there was no autorun.inf. .
 
D

dkverma87

Broken In
Install a good Antivirus software (I recommand Avast Antivirus) and update it to date. It is also a good option to install a firewall like ZoneAlarm with antivirus. Schedule boot time scanning for viruses and restart your PC.

Now go to run and type "msconfig" and hit enter, go to startup and disable all unknown files even it is from windows folder. Restart your machine.

To open a drive Use Address Bar inspite of double click on a drive. Thus virus can't execute.

as you say your system is infected, therefore you can't see hidden files. To see these files. write "regedit" in run command and then choose :
HKEY_CURRENT_USER >> Software >> Microsoft >> Windows >> Current Version >> Explorer >> Advanced and now you can say entry, named "hidden" in the right pane. now open it and set the value to 1. Now you can see hidden files.

Now, open folder option and Uncheck "hide protected operating system files" to see all hidden files but you should remember don't use double click to open a drive.

Open drives one by one using address bar and delete "autorun.inf". Also delete unknown system files. But don't delete "boot.ini, ntdetect, pagefile, ntldr, AutoExec, MSDOS, etc. main system files" form system drive.

I hope you can do it. Good Luck!
 
dhanusaud

dhanusaud

Ambassador of Buzz
go to www.s-cop.com & download free virus scanner there. scan all drives including you think that it is safe one by one.

For the topic "how to delete autorun.inf file" follow the link below:
*www.thinkdigit.com/forum/showthread.php?t=87478

restart your PC it will work fine.

And remember, if you are using keygens for some software and saved anywhere in your HDD, it will remove all those things.:p
 
OP
S

spikygv

Wise Old Owl
thanks i'll give it a try

dhanusaud said:
go to www.s-cop.com & download free virus scanner there. scan all drives including you think that it is safe one by one.

For the topic "how to delete autorun.inf file" follow the link below:
*www.thinkdigit.com/forum/showthread.php?t=87478

restart your PC it will work fine.

And remember, if you are using keygens for some software and saved anywhere in your HDD, it will remove all those things.:p
Click to expand...

i use nod32 and its updated.i dont think i need to change my antivirus. .isnt nod32 good enough ? i tried deleting autorun.inf after following the info in the thread but no go. .
all items in the stratup ( msconfig ) are known to me ( i checked again now ). .Occasionally i check the list and keep deleting unwanted apps. .
 
Last edited:
dhanusaud

dhanusaud

Ambassador of Buzz
i am suggesting you not pressing you to do so. anyway if you dislike I don't recommend you anything else. I don't believe that I am safe even I have well updated antivirus. I some use the same standalone virus removal tool, if I get caught by unknown virus as well.

For your information that's not a complete antivirus you should have to install, instead that's only a well updated free virus removal tool.
 
joey_182

joey_182

Jack Sparrow
i have surfed from same problem while playing counter strike...
so i used 'trojan remover trial version' if u are still facing the problem then use this it ll rename the virus and then virus wont execute even if u reboot then ur nod 32 can ll remove the file or u can manually delete that file and then u just need to fix registries..for that u can use Ccleaner for free..
 
OP
S

spikygv

Wise Old Owl
trojan remover removed the trojan. thanks. .but small problem , whenever i double click on any drive from My Computer , it doesnt open , it says "open with" .. i have to access through windows explorer .. wat shall i do ?

thanks again.
 
OP
S

spikygv

Wise Old Owl
^^ yes, it worked and for safe keeping i removed some registration entries suggested by vishal gupta in the sticky thread of FAQ . thanks all .
 
Status
Not open for further replies.
Top Bottom