Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bojka.exe


  • Please log in to reply
2 replies to this topic

#1 HJH

HJH

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:35 AM

Posted 28 March 2005 - 07:10 PM

Hi, hopefully this is in the right place.


I have had the Trojan "bokja.exe" for months now. I have tried absolutely everything to get rid of it, but to no avail. I'm out of ideas.

So, I ask: Has anyone ever had this virus? And if so, how did you rid yourself of it? Or does anyone have any ideas on how to do so?

Any help would be much appreciated.

EDIT: Spelt the name wrong in the title. It's "boKja.exe", not "bojka.exe".

Edited by HJH, 28 March 2005 - 08:10 PM.


BC AdBot (Login to Remove)

 


#2 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:03:35 AM

Posted 29 March 2005 - 12:08 AM

I should think that if you use Spybot or Ad-AwareSe, and run either of these in SAFE MODE, they should be able to remove it for you.
Regards,
John
Whereof one cannot speak, thereof one should be silent.

#3 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,583 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:35 AM

Posted 29 March 2005 - 11:51 AM

Hi HJH,

First I want to say I'm sorry that you weren't able to eliminate this back in January:
http://www.bleepingcomputer.com/forums/ind...wtopic=7934&hl=

To answer your question, I have personally not ever had this infection but have run across it before in HJT logs. It's from the 2nd Thought Adware trojan and sorry again, but I, we, run across so many of these things when doing logs, I can't remember exactly what it takes to get rid of it. I do seem to remember that it was difficult.

What I suggest is that you start the malware removal process over again by posting another HJT log. There is a new version since you last posted so first update HijackThis by following the instructions in this post:
How to post a HijackThis Log

Before posting a log, tho, you should do the preliminaries, an important part of which is running AdAware and Spybot in Safe Mode as jgweed has suggested. In your case it is much more effective to run these programs in Safe Mode and I would run a full system scan with your antivirus (still Norton?) in safe mode as well.

That may eliminate it, but whether it does or not I would still post a HijackThis log.

I also noticed in your old log that you were running an unpatched XP. If you are still doing that you will continue to get infected thru security holes despite all the security apps you have installed. So it is important that you do this:

1. With Internet Explorer Open, click on Tools, Windows Update.
2. Let it scan and then choose Custom Installation.
3. Put a checkmark next to only Windows Malicious Software Removal Tool and allow that to run. It should rid you of any malware on your PC that got installed thru the vulnerabilities of an unpatched system. Like the l?ass.exe file you had problems with.

4. When that is done, exit Windows Updates. Open this link to the Windows XP Service Pack 1a page, select Express Installation and follow the instructions to download/install Service Pack 1a (SP1a). Reboot when requested. Hold off on SP2 for now.

After you have been given the all clear and are comfortable that all is working as it should, then I recommend you go ahead and install SP2. As SP2 is a large update, you may want to order the CD from Microsoft instead of downloading the file. Order here. Then return to Windows Update and install any remaining Critical Updates.

Edited by Papakid, 29 March 2005 - 11:56 AM.

The fate of all mankind, I see

Is in the hands of fools

--King Crimson





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users