Trojan.Boaxxe is a Trojan that can download additional threats onto the infected computer and execute them without the user's knowledge. It also opens a backdoor on the victim's computer that allows a remote attacker to gain access and steal sensitive information.
When a user accidentally runs Trojan.Boaxxe, it creates certain files on the computer. You can see the list of files in the Related Files and Folders section. The Trojan also modifies the Windows registry: it adds a number of entries so that its code runs each time Windows starts, and it adds further registry values to gain control over some parts of Windows.
The Trojan allows a remote attacker to access the computer without your consent. It does this by opening a backdoor port that serves as the attacker's channel. After establishing a connection, the attacker can control the computer and steal sensitive data such as user names and passwords.
To strengthen its presence, Trojan.Boaxxe will attempt to connect to different locations such as infected web sites, remote servers, and file-sharing networks to download and execute more threats.
The Trojan may enter the computer by means of another Trojan called Trojan.Boaxxe!dr. In some instances, computers may become infected through file-sharing networks, spam email messages, and malicious links that the user clicks in instant messaging programs.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Manual Removal of Trojan.Boaxxe:
1. Temporarily Disable System Restore.
2. Update the virus definitions.
3. Restart Windows in Safe Mode.
4. Run a full system scan and clean/delete all infected files.
5. Delete/Modify any values added to the registry.
6. Exit registry editor and restart Windows.
Scan with Norton Power Eraser:
A free removal tool from Norton Antivirus was developed to remove unfamiliar threats without relying on traditional AV signatures. Download the tool from this location and scan the computer for viruses.
Technical Details and Additional Information:
Malicious Files Added by Trojan.Boaxxe:
Associated Windows Registry Entries:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\"ImagePath" = "system32\DRIVERS\sr.sys"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\"Start" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\Parameters\"FirstRun" = "0"
Associated Windows Registry Subkeys:
HKEY_CLASSES_ROOT\[RANDOM CHARACTERS SUBKEY ONE]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\[RANDOM CHARACTERS SUBKEY TWO]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[RANDOM CHARACTERS SUBKEY THREE]
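Before deleting or modifying anything in step 5, the registry locations listed above can be inspected with a read-only check. The PowerShell below is an added example, not part of the original removal guide; it assumes PowerShell 3.0 or later in an elevated session and changes nothing. Because the Winlogon\Notify subkey name is random, it lists every subkey there with its DllName value for manual review; the random HKEY_CLASSES_ROOT and Services subkeys are not covered.

```powershell
# Added example: read-only audit of registry locations listed on this page.
# Nothing is modified or deleted; the output is for manual review.

$srKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\sr'

# Values exactly as listed under "Associated Windows Registry Entries".
$listed = @(
    @{ Path = $srKey;              Name = 'ImagePath'; Value = 'system32\DRIVERS\sr.sys' },
    @{ Path = $srKey;              Name = 'Start';     Value = '0' },
    @{ Path = "$srKey\Parameters"; Name = 'FirstRun';  Value = '0' }
)

$entryReport = foreach ($entry in $listed) {
    $current = $null
    if (Test-Path -LiteralPath $entry.Path) {
        $props = Get-ItemProperty -LiteralPath $entry.Path -ErrorAction SilentlyContinue
        if ($props -and ($props.PSObject.Properties.Name -contains $entry.Name)) {
            $current = [string]$props.($entry.Name)
        }
    }
    [pscustomobject]@{
        Key           = $entry.Path
        ValueName     = $entry.Name
        ListedOnPage  = $entry.Value
        Current       = if ($null -eq $current) { '<not present>' } else { $current }
        MatchesListed = ($current -eq $entry.Value)
    }
}

# The Notify subkey name is random, so enumerate all of them with their DLL.
$notify = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify'
$notifyReport = @()
if (Test-Path -LiteralPath $notify) {
    $notifyReport = Get-ChildItem -LiteralPath $notify | ForEach-Object {
        [pscustomobject]@{
            NotifySubkey = $_.PSChildName
            DllName      = $_.GetValue('DllName')
        }
    }
}

'--- Services\sr values compared with the page ---'
$entryReport | Format-List
'--- Winlogon\Notify subkeys (review DllName for unfamiliar files) ---'
if ($notifyReport) { $notifyReport | Format-Table -AutoSize } else { 'No Notify subkeys found.' }
```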