braviax.exe is a malware that also installs rogue security applications and display false alert on compromised computer. If your computer infected, then you have a red circle with a white X in your taskbar that is constantly telling you, that you have a virus
Your computer is infected!…
Starting in July 2009, this malware installs PC Security 2009.
HijackThis shows it
O4 – HKLM\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
O20 – AppInit_DLLs: cru629.dat
Follow these steps to remove braviax infection
Download SDFix and save the file to your desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix)
Reboot your PC in Safe mode.
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.
Open the SDFix folder and double-click RunThis.bat.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Close any open browsers.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
You Sir, are a GOD amongst men. I\’m right smack in the middle between PC retarded and ignorant, and with your instructions I\’m back in business in less than an hour? Where are located? If in NY I\’ll buy you a beer, if elsewhere I\’ll Paypal you the beer, LOL. THANKS
Nedo, you should double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix)
After that, reboot your PC in safe mode …
Dennis, probably your PC has been infected using autorun virus/trojan. (infected USB or CD drives)
Thewhitetiger, glad to help you 🙂 But BIG thank you for your BEER!!! 🙂 My help is free.
But you can to help, if you`ll make a link from your site to Myantispyware or this article.
I ran the SDFix and rebooted. After the txt. file ran, my icons loaded, and now I cant cursor to anything; Im stuck on hourglass. I tried control alt delete, and I dont show any Applications working, and the processes are up. I can use the cursor on the task manager window, but when I go over to the desktop it goes to hourglass. I hit my windows key, and it doesnt even pull up my Start window. I tried rebooting to no effect. Im stumped.
Numacs, make a HijackThis log and post in the spyware removal forum.
Thank you very much for your help. Damn the virus.
Have Windows XP and I installed SDFix in safe mode and ran. Then downloaded Combofix and ran in safe mode. It automatically restarted after running Combofix. It is now in safe mode, however, no icons or windows start menu – just a black safe mode screen.
How do I even return to normal mode, with no windows toolbar? What should I do next? Please help!!
see: Win32.Renos
at: http://www.microsoft.com/security/portal/Entry.aspx?name=Win32%2fRenos
Easier to remove…
Clayton, are you have black safe mode screen everytime when you starting Windows ?
Hi Patrik,
I was able to get to normal mode and I ran Combofix again. All desktop icons and windows menu comes back after running. However, after rebooting again, nothing comes back except for the wallpaper picture. I can use task mananger to run programs. By the way, braviax is the reason I was running these programs.
Clayton, make a new topic and post your sdfix log (usually at C:\sdfix\logReport.txt)and last combofix log (usually at C:\QooBox\combofix.txt) in the spyware removal forum.
I followed the instructions and was able to clean up 2 pcs just fine. So THANK YOU!. Here are my notes about the process:
Download SDFix.exe and Combofix.exe as stated. SDFix needs to be run first from a DIFFERENT computer to unpack the files; the virus prevents it from unpacking them on the infected machine. So unpack the files somewhere else and then copy them to the infected machine. OR perhaps they will unpack after you start the pc in Safe Mode.
When the pc reboots in the middle of SDFix (started in Safe Mode), let it reboot in NORMAL Mode. SAFE MODE DOES NOT WORK if you invoke it here so just let it boot.
For combofix.exe it is then OK to restart in Safe Mode (well, it worked for me).
If all goes well, the tray icon and popups will only disappear at the end of the combofix run.
If the nasty icon disappears, you are doing well, and your pc is running in normal (not Safe) mode. Now run your anti-virus program (you DO have one, dont you?) and download the latest updates. You will find that it runs again. Also download Spybot S&D (www.safer-networking.org), and run that including all updates and immunizations
remainder of the posting –
Find Problems (Search and Destroy) part of the program yet.
Reboot in Safe Mode, do a FULL Anti-Virus scan of all hard drives, and run a full scan after that with Spybot S&D.
The anti-virus program will find lots of leftover stuff, and Spybot will probably find at least one leftover registry entry and who-knows-what-else.
Now reboot again in normal mode. You should be good to go at this point, based upon my experience and what I’ve read online.
FYI, My anti-virus program is the Symantec corporate edition, version 10.x. It is possible that their latest definitions will clean up more of this than mine did with previous definitions. They were able to clean some of the parts of this version of the virus as of 7/25/08.
The above instructions worked for me. I can’t promise that they will work for you, nor can I assure you that you won’t do further damage. BACK EVERYTHING UP FIRST IF YOU CAN.
THANK YOU! works like a charm, took 20 minutes though. Very much worth it 😀
It took awhile to run, but it worked. Thank you. Now to break the fingers of the guy who was stupid enough to run this thing in the first place…
God Bless you….it works….
It was touch and go there for awhile, but everything worked out great! Thank you for the tutorial! Works Great!
Your removal program for the braviax trojan was wonderful. It is worth the time it takes! Thanks so much!
This works. Thanks alot
I tried everything to kill that virus. I got rid of 6 trojans with Mcafee, hundreds of spyware programs with Spybot S&D, killed the processes in Task Manager, deleted the startup programs with RegCure, and shredded the braviax.exe file in SYSTEM32 and it still wouldnt go away. After googling braviax.exe I found this site as third on the list and followed your instructions. Everything went perfectly, and although SDFix didnt kill braviax, Combofix did. Its like battery acid for viruses. You deserve way more credit than you get from the hotshots like Mcafee and Norton.
A brief list of things akin to SDFix and ComboFix:
Battery Acid
Nuclear Bombs
Bleach
The Death Star
etc.
Cheers!
Wow, that was a stubborn little bastard. Im pretty computer savvy, but couldn’t get rid of it even after deleting files, editing the registry, etc. The steps /programs you suggested worked great!! Thanks for posting some simple, clear, steps. I couldnt find the answer anywhere! Im curious, though, as to what the programs are actually doing to get rid of the downloader.mislead.app trojan.
Thanks! You saved my life.
Let me add my thanks and kudos to the long list of satisfied users. I got SDFIX to run OK, but COMBOFIX would not fire up, even with a name change. I had thrown everything I could think of at it and then I saw your recommendation for CounterSpy and SuperAntiSpyware. I already had CounterSpy (version 3 with current defs) on the infected system and it would not see or remove BRAVIAX, so I downloaded and installed SuperAntiSpyware and it did the trick. The system is finally clean. Thanks again.
Got this virus – bah. Spent about $200 on various anti this and that software. This free one was the first one that seemed to find and fix the problem.
Thank you, your instructions worked perfectly.
Great tips Guys, looked very convincing that program did, can see why people fall for it.
it was knocking out avast and spybot.
three cheers for myantispyware – hip hip, hooray !
I can’t get SDFIX to run .. does it work on Vista?
When I double click RunThis.bat the box just won’t stay, just flashes up for a split second??? Any hints?
Looks like spyware blocked it.
Read these instructions.