The PSW.OnlineGames4.ALGT is a malicious program that comes under the category of Trojan horse. It can infect windows based computers all over the world. It has the ability to change the settings of your system, and add malicious registry entries in the registry section of your windows operating system. Every time you start your windows, this malware start running its code, therefore, it becomes extremely hard for the users to remove this virus once their computer compromised to it. This is considered as an advanced level Trojan horse that keep changing its name as well as locations. This virus has the ability to slow down the speed of the PC. The basic purpose of designing this virus is to record your online activity, and steal your financial information.
Manual Removal of PSW.OnlineGames4.ALGT
Once the threat of PSW.OnlineGames4.ALGT is detected in your computer you need to remove it either manually, or using an effective automatic tool. You can easily get rid of this tricky Trojan horse by using any automatic removal tool, however, if you want to remove this virus manually, you have to follow the steps mentioned below:-
Reboot Your Computer in Safe Mode with Networking
You have to restart your computer, and after hitting the F8 key, you have to select Safe Mode with Networking option from the boot menu. Just press the Enter key, and your computer will restart in the Safe Mode with Networking.
End the Associated Processes
When your computer starts in the Safe Mode with Networking, you have to press Ctrl+Alt+Delete in order to start the task manager. When you are able to see the task manager, just press the Processes tab, and find the associated processes of PSW.OnlineGames4.ALGT. You have to select any suspicious process, and click on the End Process button.
Delete Files and Folders
Once you end the processes, now you are able to delete the associated files. You have to open the file explorer and after locating the following files or folders, you have to delete them:-
- %ProgramFiles%\Internet Explorer\Connection Wizard\[random]
- %System%\drivers\UAC[RANDOM CHARACTERS].sys
Deleting Registry Entries
After getting rid of the suspicious files, you have to clean the registry also. You have to run the RegEdit.exe command in order to start the registry editor. Once the registry editor starts on your screen, you can see the registry entries, and by checking the entries one by one you have to find and delete the following registry entries:-
· HKEY_CLASSES_ROOT\CLSID\[random numbers]
· HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\[random].exe
· HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\[random]
· HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\[random numbers]
Once you have finished the task of deleting the above mentioned registry entries, you have to close the registry editor, and restart your computer in the normal mode. You have to check the effectiveness of manual removal process once your computer is restarted in the normal mode, and if the threat is removed you have to take steps to protect your computer from future attacks of similar viruses.