http://net-studio.org >> Patch>

Braviax (Braviax.exe) Remover


	Patchs for virus
	Tutorials
	Tips
	Forum
	Windows Optimum
	USB FireWall
	Boost Google Search

	Information
	Une backdoor trojan malveillant qui s'exécute en arrière-plan et permet l'accès à distance au système compromis.
	Fichier
	<System>\braviax.exe <System>\delself.bat <System>\dllcache\beep.sys <System>\dllcache\figaro.sys
	Registre
	Created Registry Values: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] 1208 = 0x00000000 2500 = 0x00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] 1208 = 0x00000000 2500 = 0x00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] 1208 = 0x00000000 2500 = 0x00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] 1208 = 0x00000000 2500 = 0x00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] 1208 = 0x00000000 2500 = 0x00000003 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] braviax = "%System%\braviax.exe" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] Enable Browser Extensions = "yes" Search Bar = "http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Security Center] AntiVirusDisableNotify = 0x00000001 FirewallDisableNotify = 0x00000001 UpdatesDisableNotify = 0x00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] braviax = "%System%\braviax.exe" Registry Values were modified: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] Default_Search_URL = "http://www.google.com/ie" Search Page = "http://www.google.com" Start Page = "http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search] SearchAssistant = "http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] 1201 = 0x00000000 1804 = 0x00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] 1201 = 0x00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] 1201 = 0x00000000 1804 = 0x00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] 1201 = 0x00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] 1200 = 0x00000000 1201 = 0x00000000 1608 = 0x00000000 1804 = 0x00000001 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] Start Page = "http://www.google.com" Search Page = "http://www.google.com"
	ATTENTION
	Une fois ce virus installé sur votre ordinateur, il va se connecter à l'adresse : http://do-scan-progress.com/?wmid=1058&l=33&it=2&s=1 et tente de télécharger un fichier nommé wini10581.exe, le mets dans le repertoire Windows et installe une application qui s'appelle XP AntiSpyware 2008 (ou 2009) ou XP AntiVirus 2008 ou 2009.

Liens

Les derniers Patchs:

Antivirus 360 (av360.exe)
Spyware Guard (spywareguard.exe, Mal/EncPk-CZ, Rootkit.Win32.TDSS, SpywareGuard2008, Program:Win32/FakeSpyguard)
Brastk (Win32/Wantvi.I, Brastk.exe)
Braviax (Win32/Wantvi.I, Braviax.exe)
XP AntiSpyware 2009 (XP_AntiSpyware.exeL, Downloader.Win32.Agent.bs,New Malware.aj)
FlashGuard.exe (DriveGuard.exe,Win32.Worm.Autoit.AL, AUTORUN.TZ)
cradle of filth (cradle_of_filth.vbe, Notre Gates qui est à Seattle)

COPYRIGHT (C) 2008 NET STUDIO, ALL RIGHT RESERVED