Your computer is unfortunately infected by Win32/Agent.OBA? You might have tried removing this infection from your computer but failed. Do you how to effectively get rid of Win32/Agent.OBA? This post will provide a useful guide on how to remove this infection from your infected computer for good.
Win32/Agent.OBA is one of the malicious Trojans that attempt to steal personal information when getting installed on your computer. It is usually attached with spam email attachments and free programs. It can be downloaded onto your computer as well when you visit malicious websites or click on suspicious links. This Trojan can have a great effect on your system performance and Web browsers performance. It consumes lots of precious resources and slows down your computer. It also floods your browsers with a number of ad pop-ups and fake error messages. To make mess up your system, it deletes core system files and modifies registry entries and downloads additional malware from certain websites. Moreover, it can collect confidential information on your computer and send to the remote hackers. That information collected may conclude your usernames, passwords, IP address, search queries and banking account detains. It is vital that this Trojan be removed the moment it is detected.
Win32/Agent.OBA removal can be accomplished in two ways, the manual way and the automatic way. Manually removing this Trojan is not an easy task, for you need to stop the process of the Trojan and delete its related files and registry entries from your computer completely. Here are the steps and you can follow them to perform the removal.
1. Reboot your computer after exiting all programs.
2. Please keep tapping the F8 key during the start-up process.
3. When the Windows Advanced Options Menu appears, please select Safe Mode with Networking by using the arrow keys.
4. Press Enter to proceed.
5. Press the keys Ctrl+ Alt+ Delete at the same time to open the Window Task Manger.
6. Go to “Processes”, find out the process of Win32/Agent.OBA and stop it.
7. Find out and delete files related to the Trojan from your computer.
%sysdir%\drivers\ip6fw.sys
%sysdir%\drivers\runtime.sys
%sysdir%\[number]_exception.nls
8. Click the "Start" button and select "Run".
9. Type "regedit" into the box and the Registry Editor will open.
10. Find out the following registry entries, right click on them and select "Delete" to remove them from your registry.
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
HKEY_LOCAL_MACHINE \Software \Microsoft \Windows \CurrentVersion \RunServicesOnce
HKEY_CURRENT_USER/Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER \Software \Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\Run
If you are a fresh hand in computer, we highly recommend that you use the automatic way to delete Win32/Agent.OBA. In this way, you only need to download a powerful removal tool and use it to completely remove the nasty Trojan from your computer. Comparing with the manual way, the automatic way is much easier, and most important of all, it is safer. If you make any mistakes during the manual removal process, it may bring severe system problems. But if you use the automatic way, you can avoid causing damage to your system.
Win32/Agent.OBA is one of the malicious Trojans that attempt to steal personal information when getting installed on your computer. It is usually attached with spam email attachments and free programs. It can be downloaded onto your computer as well when you visit malicious websites or click on suspicious links. This Trojan can have a great effect on your system performance and Web browsers performance. It consumes lots of precious resources and slows down your computer. It also floods your browsers with a number of ad pop-ups and fake error messages. To make mess up your system, it deletes core system files and modifies registry entries and downloads additional malware from certain websites. Moreover, it can collect confidential information on your computer and send to the remote hackers. That information collected may conclude your usernames, passwords, IP address, search queries and banking account detains. It is vital that this Trojan be removed the moment it is detected.
Win32/Agent.OBA removal can be accomplished in two ways, the manual way and the automatic way. Manually removing this Trojan is not an easy task, for you need to stop the process of the Trojan and delete its related files and registry entries from your computer completely. Here are the steps and you can follow them to perform the removal.
1. Reboot your computer after exiting all programs.
2. Please keep tapping the F8 key during the start-up process.
3. When the Windows Advanced Options Menu appears, please select Safe Mode with Networking by using the arrow keys.
4. Press Enter to proceed.
5. Press the keys Ctrl+ Alt+ Delete at the same time to open the Window Task Manger.
6. Go to “Processes”, find out the process of Win32/Agent.OBA and stop it.
7. Find out and delete files related to the Trojan from your computer.
%sysdir%\drivers\ip6fw.sys
%sysdir%\drivers\runtime.sys
%sysdir%\[number]_exception.nls
8. Click the "Start" button and select "Run".
9. Type "regedit" into the box and the Registry Editor will open.
10. Find out the following registry entries, right click on them and select "Delete" to remove them from your registry.
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
HKEY_LOCAL_MACHINE \Software \Microsoft \Windows \CurrentVersion \RunServicesOnce
HKEY_CURRENT_USER/Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER \Software \Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer\Run
If you are a fresh hand in computer, we highly recommend that you use the automatic way to delete Win32/Agent.OBA. In this way, you only need to download a powerful removal tool and use it to completely remove the nasty Trojan from your computer. Comparing with the manual way, the automatic way is much easier, and most important of all, it is safer. If you make any mistakes during the manual removal process, it may bring severe system problems. But if you use the automatic way, you can avoid causing damage to your system.
评论
发表评论