[#: The article How to Remove Trojan:Win32/Boaxxe.E is an article in Spyware Removal Instructions, the original author is egomoo .you can read more articles at Manual removal instructions> Trojan,the next article:.#]
|
|
What's about Trojan:Win32/Boaxxe.E
Trojan:Win32/Boaxxe.E is an hostile and dangerous trojan that uses special rootkit methods to open stealth backdoors to third parties by changing files, running processes and registry entries. Mostly, Trojan:Win32/Boaxxe.E is installed on the system via corrupt multimedia downloads, adult sites, spam email links or through peer-to-peer file exchange programs. Trojan:Win32/Boaxxe.E may be damaging to the functionality of your computer.
Trojan:Win32/Boaxxe.E is a trojan that drops other malware in the system.
Drops and installs other malware
Upon execution, Trojan:Win32/Boaxxe.E drops a DLL file with a random file name in the Windows system folder. The dropped file is detected as Trojan:Win32/Boaxxe.F and is registered as a Browser Helper Object (BHO):
For example, for the dropped file ‘dwjvzib.dll’, the CLSID used to register it as a BHO is the following:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B6FD59E-CAD7-41D3-98B8-51ACCA596EF8}
Trojan:Win32/Boaxxe.E also creates a scheduled task to install its dropped file every day at a specific time. The task contains the following command:
rundll32.exe
It also installs its dropped file as a service. For example, the dropped file ‘dwjvzib.dll’ may have the service name ‘Mouse Class Monitor’:
Adds value: “ServiceDll”
With data: “
To subkey: HKLM\SYSTEM\ControlSet\Services\mqxblzgd\Parameters
Adds value: “ImagePath”
With data: “%SystemRoot%\System32\svchost.exe -k netsvcs”
Adds value: “Description”
With data: “Monitor for Mouse Class”
Adds value: “DisplayName”
With data: “Mouse Class Monitor”
To subkey: HKLM\SYSTEM\ControlSet\Services\mqxblzgd
Trojan:Win32/Boaxxe.E also ensures that its dropped file is loaded to the ‘Winlogon’ process by creating a registry subkey and entries, for example:
Adds value: “DLLName”
With data: “dwjvzib.dll”
To subkey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ovmpvnzn
|
|
How to Get rid of Trojan:Win32/Boaxxe.E
Step1: Please download Safe Returner from Here to your Desktop.
- If you are using Firefox, make sure that your download settings are as follows:
- Tools->Options->Main tab
- Set to "Always ask me where to Save the files".
Step 2:Close any open browsers. Close/disable all antivirus,HIPS and anti-malware programs so they do not interfere with the running of Safe Returner,visit here for how to temporarily disable your anti-virus and/or anti-malware programs.
Step 3:Run Safe Returner with a simple click "Start Scan".
Step 4:Waiting less than 5 minutes after scan finished.
Step 5:Click "Remove" to remove spyware or malware threats.
>Step6:
Why should you need Regtweaker?
As we know, virus and Trojans make the computer malfunction by destroying and modifying the registry so that the computer will not run normally. After the virus and Trojans are removed, the registry is still destroyed or modified, so the computer still has problems. That's why you need to repair the registry. Also, some virus and Trojans leave some DLL files in the registry and this will cause strange DLL errors and affect the computer performance.
Installing or uninstalling software still can leave your Windows registry fragmented,with obsolete,corrupted and harmful files.Check your registry with RegTweaker tody.Download RegTweaker Now
To make your computer run as fast as before or much faster than before,
1. Download and install Regtweaker.
2.Run a full scan of your computer.
3. Click Repair Now and repair all errors detected.
After these 3 easy steps, your computer will run much faster than before!
on 
