1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Mom's Computer Infected With braviax.exe

Discussion in 'Virus & Other Malware Removal' started by Diamonique, Oct 8, 2008.

Thread Status:
Not open for further replies.
  1. Diamonique

    Diamonique Thread Starter

    Joined:
    Jan 29, 2005
    Messages:
    4
    My Mom's computer which I am on now got infected with braviax.exe, and I'm trying to get it removed but this computer isn't letting me do anything.

    Ok I finally got a version of HiJackThis to run, here are the results below.

    Thanks

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:37:17 PM, on 10/8/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\brastk.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [brastk] "C:\WINDOWS\system32\brastk.exe"
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe"
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: Aces Up! by pogo - http://game3.pogo.com/v/9.0.1.7/applet/aces/aces-en_US.cab
    O16 - DPF: Addiction by pogo - http://game3.pogo.com/v/9.0.6.14/applet/addiction/addiction-en_US.cab
    O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/v/8.1.9.1/applet/slots/alibaba-en_US.cab
    O16 - DPF: Alibaba Slots - http://game3.pogo.com/v/9.0.9.16/applet/alibaba/alibaba-en_US.cab
    O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/applet-6.3.2.25/battlephlinx/battlephlinx-ob-assets.cab
    O16 - DPF: Big Shot Roulette TM by pogo - http://game3.pogo.com/v/8.1.9.1/applet/roulette/roulette-en_US.cab
    O16 - DPF: Bingo Luau by pogo - http://game3.pogo.com/v/9.0.6.14/applet/freebingo/freebingo-en_US.cab
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/v/8.1.9.1/applet/canasta/canasta-en_US.cab
    O16 - DPF: Chess by pogo - http://game3.pogo.com/v/9.0.1.7/applet/chess2/chess2-en_US.cab
    O16 - DPF: Crazy Cakes by pogo - http://game3.pogo.com/v/9.0.4.11/applet/platespinner/platespinner-en_US.cab
    O16 - DPF: Dice City Roller by pogo - http://game3.pogo.com/v/9.0.1.7/applet/ytz/ytz-en_US.cab
    O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.3.0.53/checkeredflag/checkeredflag-ob-assets.cab
    O16 - DPF: Dominoes v2 by pogo - http://game3.pogo.com/v/9.0.1.14/applet/domino2/domino2-en_US.cab
    O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/v/9.0.1.7/applet/firstclass2/firstclass2-en_US.cab
    O16 - DPF: Fortune Bingo by pogo - http://game3.pogo.com/v/9.0.1.7/applet/superbingo/superbingo-en_US.cab
    O16 - DPF: Golf Solitaire by pogo - http://game3.pogo.com/v/9.0.3.12/applet/golfsolitaire/golfsolitaire-en_US.cab
    O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.3.0.46/harvest/harvest-ob-assets.cab
    O16 - DPF: High Stakes Poker by pogo - http://game3.pogo.com/v/8.1.9.1/applet/drawpoker/drawpoker-en_US.cab
    O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/v/8.1.9.1/applet/pool2/pool-en_US.cab
    O16 - DPF: Hog Heaven Slots by pogo - http://game3.pogo.com/v/9.1.1.1/applet/fancy/fancy-en_US.cab
    O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.3.1.26/jigsaw/jigsaw-ob-assets.cab
    O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/v/8.1.9.1/applet/gin2/gin2-en_US.cab
    O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.3.1.33/keno/keno-ob-assets.cab
    O16 - DPF: KenoPop! by pogo - http://game3.pogo.com/v/9.0.4.1/applet/speedkeno/speedkeno-en_US.cab
    O16 - DPF: Lottso by pogo - http://game3.pogo.com/v/9.0.1.7/applet/lottso/lottso-en_US.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.3.1.33/mahjong/mahjong-ob-assets.cab
    O16 - DPF: Mahjong Safari by Pogo - http://game3.pogo.com/v/8.2.1.23/applet/safari/safari-en_US.cab
    O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.3.0.53/mlslots/mlslots-ob-assets.cab
    O16 - DPF: No-Limit Texas Hold'em by pogo - http://game3.pogo.com/v/8.1.9.1/applet/allin/allin-en_US.cab
    O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.3.0.53/freecell/freecell-ob-assets.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.2.25/flinger/flinger-ob-assets.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/v/8.1.9.1/applet/popfu/popfu-en_US.cab
    O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.3.0.53/poppazoppa/poppazoppa-ob-assets.cab
    O16 - DPF: Poppit by pogo - http://game3.pogo.com/v/9.1.1.8/applet/poppit2/poppit2-en_US.cab
    O16 - DPF: Pseudoku by pogo - http://game3.pogo.com/v/8.1.9.22/applet/pseudoku/pseudoku-en_US.cab
    O16 - DPF: SciFi Slots by pogo - http://game3.pogo.com/v/9.0.6.14/applet/slots/scifi-en_US.cab
    O16 - DPF: Showbiz Slots 2 by pogo - http://game3.pogo.com/v/9.1.1.1/applet/slots/showbiz2-en_US.cab
    O16 - DPF: Showbiz Slots by pogo - http://game3.pogo.com/v/9.1.1.1/applet/slots/showbiz-en_US.cab
    O16 - DPF: Spades 2 by pogo - http://game3.pogo.com/v/9.0.2.13/applet/spades2/spades2-en_US.cab
    O16 - DPF: Spider Solitaire by pogo - http://game3.pogo.com/v/8.1.9.1/applet/spider/spider-en_US.cab
    O16 - DPF: Squelchies by pogo - http://game3.pogo.com/v/8.1.9.1/applet/squelchies/squelchies-en_US.cab
    O16 - DPF: Sweet Tooth 2 by Pogo - http://game3.pogo.com/v/9.0.1.7/applet/sweettooth2/sweettooth2-en_US.cab
    O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/v/8.1.9.1/applet/holdem/holdem-en_US.cab
    O16 - DPF: Thousand Island Solitaire by pogo - http://game3.pogo.com/v/9.0.1.10/applet/millbrae/millbrae-en_US.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.2.25/peaks/peaks-ob-assets.cab
    O16 - DPF: Tumble Bees by pogo - http://game3.pogo.com/v/8.1.9.1/applet/tumbee2/tumbee2-en_US.cab
    O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.3.2.25/turbo21/turbo21-ob-assets.cab
    O16 - DPF: Turbo 21 v2 by pogo - http://game1.pogo.com/v/8.1.9.7/applet/turbo22/turbo22-en_US.cab
    O16 - DPF: Vaults of Atlantis Slots by pogo - http://game3.pogo.com/v/9.0.1.7/applet/mlslots/mlslots-en_US.cab
    O16 - DPF: Word Search Daily by pogo - http://game3.pogo.com/v/9.0.1.7/applet/wordsearch/wordsearch-en_US.cab
    O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.2.32/wordwhomp2/whomp2-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.3.0.53/whackdown/whackdown-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://game3.pogo.com/v/9.0.1.7/applet/wordjong/wordjong-en_US.cab
    O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.3.0.46/worldclass/worldclass-ob-assets.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://echat.bellsouth.net/sdccommon/download/tgctlcm.cab
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
    O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2A9146F3-E5DE-48D8-8B53-E1214450B778} (Generator Class) - http://users.rcn.com/hornms/MachineID.dll
    O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
    O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - https://setup.bellsouth.net/wizlet/PWReset/static/controls/WebflowActiveXInstaller_6-1-2.cab
    O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://D:\content\include\XPPatchInstaller.CAB
    O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1202443945362
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1202446036228
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
    O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
    O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://D:\Content\include\msSecUcd.cab
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://flash.7sultans.com/7sultans/FlashAX2.cab
    O20 - AppInit_DLLs: karna.dat
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

    --
    End of file - 13059 bytes
     
  2. Diamonique

    Diamonique Thread Starter

    Joined:
    Jan 29, 2005
    Messages:
    4
    I fixed things myself so I'm marking this solved.

    Thanks
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/757373

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice