Braviax, is it all gone?

Discussion in 'Malware Help (A Specialist Will Reply)' started by spookie_luna, Mar 11, 2008.

  1. spookie_luna

    spookie_luna Private E-2

    Hi there,

    I must have clicked some malicious link today, don't even remember where or when, just that balloon popping up saying i was infected. I noticed the delself.bat file on my desktop and googled it and saw its connection to braviax. Finally I found your wonderfully helpful forum and tried the READ & RUN ME FIRST, to the best of my abilities.

    I believe every step has been done and attached are my logs. The delself.bat icon is still on my desktop, and i believe things are lagging a bit or maybe i've just made myself really paranoid. The balloon is gone, but i want to know if there is still something wrong. Can someone please take a look? It would be greatly appreciated!

    :)
     

    Attached Files:

    spookie_luna, Mar 11, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You are in pretty good shape now. Just do the below minor step.


    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)

    After clicking Fix, exit HJT.

    Then if you are not having any other malware problems, it is time to do our final steps:
    1. If we used ComboFix then UNINSTALL COMBOFIX (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN
      • Now type combofix /u in the runbox and click OK.
      • Note: The space between the X and the /U, it must be there.
    3. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    4. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    5. If you are running Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    6. After doing the above, you should work thru the below link:
     
    chaslang, Mar 12, 2008
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds