Cannot remove Trojan:Win32/oficla.E

I think that I have a virus which create a file in my temps directory and immediately deletes them. My Microsoft security essential pop up a message after every 15minutes and when I click to clean it says that file not found. I try to run full scan using Microsoft security essential as well as other Anti-virus but does not find anything and when try to scan in safe mode it will crash. One more thing this virus adds extension to firefox ahich redircts me to advertising sites when click on links.In C:\Windows\Temp\dqwg.tmp\svchost.exe location Microsoft security essential finds is Trojan:Win32/oficla.E. I think it keep on changing the temp files name and I also tried system restore. Can any one aware how to remove this Trojan from my system? Please help to get rid of this issue thank you in advance.

Suffering from same problem because of trojan win32:oficla-E found on my system. I am using Avast anti virus and perform several scans as well as boot scan finds it and display the pop ups every 15-20 minute but when give action to remove it then no file found message is displayed. It can not find it with the scan.I have used various tools such as Spybot search and destroy, Ad-Aware, Advanced System Care,Super Anti Spyware, and Windows Defender and done full scan with spybot have found it but all are unable to remove it from my system.

I think I have solution to your problem. you just need to perform the following instruction to remove trojan win32.ofical-E.
First restart your computer and continue press f8 during the bootup process in order to get startup options. In Safe mode with networking select START option and when your computer start use spybot search an destroy to scan the system it finds all the malicious and then prompt me to restart the system again in order to get rid of the bad registry entries which it found so far and will solve this problem. I think that any anti virus malware program will do the same thing if started in safe mode with networking. Best of luck and hope this information will help to remove this malicious program and get rid of it. After performing it I got my problem solve.

Having the same issue and I think the problem is resolved by following the instructions mentioned in above post.I downloaded spybot and scan system but it found only cookies. I have updated my Microsoft security essential so I am not sure whether it got removes because of spybot or due to update to Microsoft security essential.But Microsoft security essential still crash when scanning in safe mode.

Trojan:Win32/Oficla.E attempts to inject code into windows running process to download a security program named as TrojanDownloader:Win32/FakeScanti. You check the following changes which indicate the presence of this Trojan.
1]Presence of additional data in temp registry as mentioned in the following example.
Value=Shell
With data=explorer.exe rundll32.exe dckp.kio pushprl
subkey= HKLM->SOFTWARE->Microsoft->Windows NT->CurrentVersion->window login
2] you can also come to know from Alert notifications from installed antivirus software.
This trogan win32/oficla.E might be also installed by another trojan such as win32/oficla.A. It is also found that this trojan is distributed in spam mail message as an attachment. Attachment is an archive file and named as agreement.zip which contain an exe code named agreement.exe.

When you run this trojan it drops a copy of itself in temp directory, the file is named as any random number and with .tmp extension. The drooped file is executed which try to launch user asynchronous procedure call to svchost.exe which in turn call the malicious APC. After this the trojan is copied as a random file named in windows system folder. The registry is modified to run its copy at each start of windows as given below:
Value="Shell"
With data= "explorer.exe rundll32.exe dckp.kio pushprl"
TO Subkey= HKLM->SOFTWARE->Microsoft->Windows NT->CurrentVersion\window logon
This trogan modifies the registry with the below given data and value :
Value:Urlo
Data:<Some hexadecimal data>

Thomas321 thank you for your valuable you have mentioned the working of this Trojan win32/ofical-E. Can you please tell some methods to prevent my system from such malicious effect?I have tried with various software to remove it but it is really impossible. Please provide detail information for prevention thank you in advance. Your effort will be appreciated.

You can perform the following step to prevent your system from such malicious program:
1]You can enable the firewall on your computer.
2]Try to get the latest updates available to all your software
3]Make sure that your anti-virus is up-to-date
4]when opening attachments and accepting file transfers amke sure that it is from trusted party
5]Don't click on the link on web pages when it is not related to your task.
6]If possible try to avoid downloading pirated softwares because threats can also be bundled with them.
7]Try to protect from social engineering attack to protect your system. Attackers can try to exploit vulnerabilities in software so that they can compromise a system
8]Use strong password combination of small word, capital letters and numbers. Because attacker may try to access your account by guessing your account password.

Below are the steps to enable a firewall on your computer
You have two options you can use a third-party firewall and second you can turn on the Microsoft Windows Internet Connection Firewall.
Procedure to turn ON windows firewall in VISTA:
1. Go to Start menu and click Control Panel.
2. Select Security.
3. Select Turn Windows Firewall on or off.
4. Select On and
5. Finally click OK.
Procedure to turn ON windows firewall in Windows XP
1. Go to Start menu and Select Control Panel.
2. Select Network and Internet Connections. If not available then click Switch to Category View.
3. Sel;ect Change Windows Firewall Settings.
4. Select On and
5. Finally Click OK to finish the setting.

Procedure to get the latest computer updates for vista
Latest update will help to protect your system from viruses, worms, and other threats as they are discovered. It is necessary to install updates to all your software installed in your system this can be done from venors site.
Follow the below steps to turn on Automatic Updates in Windows Vista
1.Go to Start manu and open Control Panel.
2.Select System and Maintainance.
3.Then select Windows Updates.
4.Select Install updates automatically setting as recommended by Microsoft and chose the time which is convenient for you to perform the update.
Procedure to get the latest computer updates for windows XP:
1.Go to Start menu and select Control Panel.
2.Select System.
3.Select Automatic Updates.
4.Select Automatic setting as recommended by Microsoft and chose the time which is convenient for you to perform the update.