theofficeshop
asked on
How do I get rid of the PSW.OnlineGames.NMY trojan
I have a PC that is infected with the WIN32/PSW.OnlineGames.NMY trojan virus. My Eset Nod32 antivirus keeps bouncing every five seconds to tell me that it has been placed in quarantine and doesn't stop. The exact message is:
Object:
C;\autorun.inf
Threat:
Win32/PSW.OnlineGames.NMY trojan
Information:
cleaned by deleting-quarantined
I did a search for autorun on the computer and it displayed the following
cdautorun c:\program file\picas2
autorun c:\program files\microsoft plus! Digitial Media editor\plus dme11.cab
autorun c:\prgrram files\online services\perople pc
autorun c:\windows\system32\pcintr o
autorun c:\windows\system32\pcintr o
autorun c:\program files\ho\Digital Imaging\{OFABD3D7-3O36-4E7 8-B29D-589 57ADBOA12}
How can I get rid of this trojan?
Object:
C;\autorun.inf
Threat:
Win32/PSW.OnlineGames.NMY trojan
Information:
cleaned by deleting-quarantined
I did a search for autorun on the computer and it displayed the following
cdautorun c:\program file\picas2
autorun c:\program files\microsoft plus! Digitial Media editor\plus dme11.cab
autorun c:\prgrram files\online services\perople pc
autorun c:\windows\system32\pcintr
autorun c:\windows\system32\pcintr
autorun c:\program files\ho\Digital Imaging\{OFABD3D7-3O36-4E7
How can I get rid of this trojan?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
First of all, remove any removable devices (e.g. usb sticks, memory cards, etc.). Look into the file C:\autorun.inf and put down the file name listed at the line commencing with "shell\open\command=".
Look up and rename that file and restart the computer.
Send the file you've previously renamed in a password protected archive and this thread's url in the subject to samples[at]eset.com.
You can also do the following
You don't have to uninstall NOD if you use clamwin portable anti-virus.
Install portable version of ClamWin anti-virus in a USB pen drive and scan your PC with it.
Use another clean PC to download Clamwin portable anti-virus and install it on a USB pen drive.
Download here
http://portableapps.com/apps/utilities/c...
Document on how to configure ClamWin
http://support.real-time.com/open-source...
1) Start Clamwin anti-virus and update the latest anti-virus definition files.
2)Select the tools menu bar, set the preferences to remove virus.
3)Start the infected PC in safe mode by pressing F8 during start up.
4) Run the Clamwin Anti-virus that is installed on the USB pen drive to scan the
infected PC.
5)After removing the virus, install crap cleaner (ccleaner) to get rid of the
viruses left over setting in the windows registry.
http://www.softpedia.com/progDownload/CC...
Source(s):
ClamWin is a Free Antivirus for Microsoft Windows that uses the GNU General
Public License by the Free Software Foundation and is free (as in freedom)
software. It can detect and remove more than 430,000 Trojans and viruses.
5 months ago