Recommended
Jul 27, 2012

Remove Win64/Agent.BA Virus Completely And Manually

Are you troubled by Win64/Agent.BA virus? Don’t know why this virus can sneak into your computer even if you have antivirus program installed? Users should understand this is a tricky virus that can escape from security tools and must be removed manually.

What is Win64/Agent.BA?

Win64/Agent.BA is categorized as a Trojan virus that can cause a lot of malicious activities and problems for your computer, which will cause huge security danger. It can compromise your computer by exploiting system security leaks. After successful installation, your antivirus program such ESET Nod32 antivirus 4 will show warning messages again and again. However, the virus is malicious and it even disables the security protocols of ESET since it will say the antivirus is non-functioning every time when you try to remove it.

This Trojan will drop lots of malicious files under Windows system folder to occupy system resource, slowing down your computer and making it unstable. Like other Trojans, it includes backdoor capabilities that can open network ports to download and install additional malware threats onto the infected computer. What makes people crazy is this pesky virus is able to allow attackers to gain remote access and control over the compromised computers. Thus, your personal information such as credit card information, login password will be exposed. All in all, it is a must for users to get rid of this malware once upon detection.

Expertise is required when you perform the manual guide below since any mistake may lead to system crash immediately. It is suggested users to backup all your data first. If you need any help, please live chat with YooCare experts now.

Manual Removal Guides:

1. Show hidden files and folders.

Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.

Click the View tab.

Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.

2. Open Registry entries. Find out the malicious files and entries and then delete all.

Attention: Always be sure to back up your PC before making any changes.

a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.

b. All malicious files and registry entries that should be deleted:

%AllUsersProfile%\[random]
%AppData%\Roaming\Microsoft\Windows\Templates\[random]
%AllUsersProfile%\Application Data\.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current\Winlogon\”Shell” = “random”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[RANDOM].exe”

Video Shows You How to Safely Modify Windows Registry Editor:

If you failed to remove this Trojan with the instructions above or need any assistant, you are welcome to contact YooCare experts to resolve all the problems completely.

Published by & last updated on July 27, 2012 7:49 am

Leave a Reply

Your email address will not be published.

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On