The Trojan Oficla is a malicious software application that modifies systems that it infects and attempts to download fake anti-malware applications. This Trojan, which is also known as Win32 Oficla, reaches user systems via spam emails that warn about a certain alleged payment made by the user, which is of course fake. The user is asked to download a payment inspector attached to the email which will determine whether the payment was indeed made. Naturally, the user will try to download the attachment to prove that they have not made any such payment.
However, the attachment delivered with this email is not a payment inspector application. It is the Trojan Oficla, which installs itself on the user’s system as soon as the attachment is downloaded and run. Once installed, Oficla drops some files into the Windows file system along with some registry entries. It may also provide a backdoor for an attacker to download and install additional malicious software.
Win32 Oficla may also inject malicious code into the running process and download and install a rogue security software application that could cause further trouble on the computer system by creating new files and folders as well as registry entries. Such a rogue application could also attempt to trick the user into buying a software license.
In order to manually remove the Trojan Oficla, it is necessary to stop its processes from running and to remove its registry keys and entries. However, in most cases, this can prove to be a difficult process to follow, which is why it is recommended to conduct a full system scan using genuine antivirus software such as Spyware Doctor with Antivirus in order to remove Trojan Oficla professionally.
Automatic Oficla Removal
SpyHunter is very user friendly, providing you with a simple interface that will allow you to properly understand the options and functions available. SpyHunter succeeds at both cleaning viruses from your already infected computer and preventing virus infections in the future. Simply put, IT WORKS!
Manual Oficla Removal Guide
The first step to remove Oficla is to stop the following process:
- %Windir%\gkboiers.dll
Next, it is necessary to remove the following keys and settings from the Windows Registry:
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
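Before changing anything, it helps to confirm which of these indicators are actually present. The following read-only PowerShell triage script is an added example, not part of the original guide. The function name `Find-OficlaIndicators` is hypothetical, and the script assumes that the registry entries the guide refers to mention the DLL by name; values that do not are not flagged.

```powershell
# Added example: read-only check for the indicators listed in this guide.
# It deletes and modifies nothing; it only reports what it finds.
$dllName = 'gkboiers.dll'                    # file name taken from the guide
$dllPath = Join-Path $env:windir $dllName    # %Windir%\gkboiers.dll
$keys = @(                                   # registry keys taken from the guide
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon',
    'HKLM:\SYSTEM\ControlSet001\Control\Lsa',
    'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
)

function Find-OficlaIndicators {             # hypothetical helper name
    $findings = @()

    # 1. Is the DLL on disk? Record its hash so it can be looked up later.
    if (Test-Path -LiteralPath $dllPath) {
        $hash = (Get-FileHash -LiteralPath $dllPath -Algorithm SHA256).Hash
        $findings += [pscustomobject]@{ Type = 'File'; Location = $dllPath; Detail = "SHA256 $hash" }
    }

    # 2. A DLL runs inside a host process, so list every process that has it loaded.
    foreach ($proc in Get-Process) {
        try { $mods = $proc.Modules } catch { continue }   # protected processes deny access
        foreach ($m in $mods) {
            if ($m.ModuleName -ieq $dllName) {
                $findings += [pscustomobject]@{ Type = 'Process'
                    Location = "$($proc.ProcessName) (PID $($proc.Id))"; Detail = $m.FileName }
            }
        }
    }

    # 3. These keys are standard Windows keys, so report only the values that
    #    reference the DLL (assumption: the malicious entries name the file).
    foreach ($key in $keys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            $text = @($item.GetValue($name)) -join ';'     # flattens REG_MULTI_SZ data
            if ($text -match [regex]::Escape($dllName)) {
                $findings += [pscustomobject]@{ Type = 'Registry'; Location = "$key -> $name"; Detail = $text }
            }
        }
    }
    $findings
}

Find-OficlaIndicators | Format-Table -AutoSize -Wrap
```

Run it from an elevated PowerShell prompt so that module lists of other users' processes are readable. An empty result means none of the guide's indicators were matched under the stated assumption.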
Outside Resources:
http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Oficla-X.aspx