W32.Bokya.Int


Aliases: W32/bokya
Variants: N/A

Classification: Malware
Category: Computer Virus

Status: active & spreading
Spreading: slow
Geographical info: North and South America, and some parts of Europe,Asia and Australia
Removal: Easy
Platform: W32
Discovered: 15 Jan 2003
Damage: Low

Characteristics: The W32.Bokya.Int program is known as a worm that poses itself as picture folder. The worm has been written with Visual Basic programming language and condensed with UPX.

More details about W32.Bokya.Int

Normally, this worm affects or infects all windows operating system namely, 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP. The W32.Bokya.Int program is known as a worm that poses itself as picture folder. The worm has been written with Visual Basic programming language and condensed with UPX. The damage level and geographical distribution and of this worm is very low. The threat levels and removal procedures are very easy. If you do not have Visual Basic run-time libraries, your computer and/or laptop is in luck for it will never be opened. Once opened, you will see a pop-up box that says “Bokya.” Action button include, “Abort,”Retry,” and “Ignore.” It is known that it is using a Windows scripting code intended to modify the registry to execute itself every time you start Windows. Second, it also copies itself to the root folder of all the drives as Pictures.exe. And lastly, it also tries to delete the files Regedit.exe and Regedit.com from the system folder.

The W32.Bokya.Int program is also capable of disabling the processes of anti-malware programs that are protecting the system. The anti-malware is not able to update its malware database when it is disabled. This makes the worm application difficult to detect and remove from the affected computer. The worm application is also capable of downloading and executing unwanted files from a remote file server to the user’s computer. This severely compromises the affected computer, as well as the user’s privacy and security.