Trojan.Boaxxe

Trojan.Boaxxe is a dangerous Trojan that should be removed from an infected system at once. To avoid this Trojan, we recommend that you abstain from visiting unknown web sites.

Trojan.Boaxxe is a computer Trojan that can download more threats onto the infected computer and execute them without the user's knowledge. This threat will also open a backdoor on the victim's computer that allows a remote attacker to gain access and steal sensitive information.

When a user accidentally runs Trojan.Boaxxe on the computer, it creates certain files. You can see the list of files in the "Malicious Files Added by Trojan.Boaxxe" section below. The Trojan also modifies the Windows registry, adding a number of entries so that its code runs each time you start Windows. It adds further registry values to gain control over some parts of Windows.

Without your consent, this Trojan will allow a remote attacker to access the computer. This becomes possible once the threat opens a backdoor port that serves as the attacker's channel. After establishing a connection, the attacker can control the computer and steal sensitive data such as user names and passwords.

To strengthen its presence, Trojan.Boaxxe will attempt to connect to different locations such as infected web sites, remote servers, and file-sharing networks to download and execute more threats.

The Trojan may enter the computer by means of another Trojan called Trojan.Boaxxe!dr. In some instances, computers may pick up the infection from file-sharing networks, spam email messages, and malicious links that the user may click in instant messaging programs.

Technical Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Manual Removal of Trojan.Boaxxe:

1. Temporarily Disable System Restore.
2. Update the virus definitions.
3. Restart Windows in Safe Mode.
4. Run a full system scan and clean/delete all infected files.
5. Delete/Modify any values added to the registry.
6. Exit registry editor and restart Windows.

Scan with Norton Power Eraser:
A free removal tool from Norton Antivirus was developed to remove unfamiliar threats without using the traditional AV signatures. Download the tool from this location and start scanning the computer for viruses.

Technical Details and Additional Information:

Malicious Files Added by Trojan.Boaxxe:
%System%\Restore\MachineGuid.txt
%Windir%\Tasks\At1.job

Associated Windows Registry Entries:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\"ImagePath" = "system32\DRIVERS\sr.sys"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\"Start" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\Parameters\"FirstRun" = "0"

Associated Windows Registry Subkeys:
HKEY_CLASSES_ROOT\CLSID\{68443FF4-3A3A-4772-8B09-9291F0570DF3}
HKEY_CLASSES_ROOT\[RANDOM CHARACTERS SUBKEY ONE]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\[RANDOM CHARACTERS SUBKEY TWO]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[RANDOM CHARACTERS SUBKEY THREE]
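
The files and registry locations listed above can be checked with a short read-only script. The PowerShell below is an added example, not part of the original write-up or of any vendor tool; it assumes %System% means the System32 folder and %Windir% the Windows folder, and it lists Winlogon\Notify subkeys for manual review because the page gives no names for the random subkeys.

```powershell
# Added example: read-only check for the indicators listed on this page.
# Assumption: %System% = System32 folder, %Windir% = Windows folder.
$system   = [Environment]::SystemDirectory
$findings = @()

# 1. Files the page lists as added by the Trojan.
$files = @(
    (Join-Path $system     'Restore\MachineGuid.txt'),
    (Join-Path $env:windir 'Tasks\At1.job')
)
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) {
        $findings += [pscustomobject]@{ Type = 'File'; Item = $f; Detail = 'present' }
    }
}

# 2. CLSID subkey from the page. HKCR has no default PSDrive, so use the provider path.
$clsid = 'Registry::HKEY_CLASSES_ROOT\CLSID\{68443FF4-3A3A-4772-8B09-9291F0570DF3}'
if (Test-Path -LiteralPath $clsid) {
    $findings += [pscustomobject]@{ Type = 'RegKey'; Item = $clsid; Detail = 'present' }
}

# 3. Report the current "sr" service values so they can be compared with the page's list.
$sr = 'HKLM:\SYSTEM\CurrentControlSet\Services\sr'
if (Test-Path -LiteralPath $sr) {
    $svc = Get-ItemProperty -LiteralPath $sr -ErrorAction SilentlyContinue
    $par = Get-ItemProperty -LiteralPath "$sr\Parameters" -ErrorAction SilentlyContinue
    $detail = "ImagePath=$($svc.ImagePath); Start=$($svc.Start); FirstRun=$($par.FirstRun)"
    $findings += [pscustomobject]@{ Type = 'RegValue'; Item = $sr; Detail = $detail }
}

# 4. The Notify subkey name is random, so list every subkey and its DLL for review.
#    The Notify key may not exist on the system being checked.
$notify = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify'
if (Test-Path -LiteralPath $notify) {
    foreach ($k in Get-ChildItem -LiteralPath $notify) {
        $dll = (Get-ItemProperty -LiteralPath $k.PSPath -ErrorAction SilentlyContinue).DllName
        $findings += [pscustomobject]@{ Type = 'Notify'; Item = $k.PSChildName; Detail = "DllName=$dll" }
    }
}

if ($findings.Count -eq 0) {
    Write-Output 'None of the listed files or registry locations were found.'
} else {
    $findings | Format-Table -AutoSize -Wrap
}
```

The script only reads; entries of type RegValue and Notify are reported for review and are not by themselves proof of infection.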

Alternative Removal Method for Trojan.Boaxxe

Option 1: Use Windows System Restore to return Windows to a previous state

If Trojan.Boaxxe enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a restore point saved from before Trojan.Boaxxe infiltrated the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore; click here to see the full procedure.