braviax.exe is a malware that also installs rogue security applications and display false alert on compromised computer. If your computer infected, then you have a red circle with a white X in your taskbar that is constantly telling you, that you have a virus
Your computer is infected!…
Starting in July 2009, this malware installs PC Security 2009.
HijackThis shows it
O4 – HKLM\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
O20 – AppInit_DLLs: cru629.dat
Follow these steps to remove braviax infection
Download SDFix and save the file to your desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix)
Reboot your PC in Safe mode.
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.
Open the SDFix folder and double-click RunThis.bat.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Close any open browsers.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Hey,
Just wanted to say thanks for this fix. It has been driving me NUTS! But after a few minutes following through your great post, I’ve been able to completely resolve this issue.
Thanks sooooooo much Patrik!!!!!
Bob,try Kaspersky.
Steve, looks like your PC is infected with new version of braviax, Please make new topic at our Spyware removal forum.
Thanks a lot for this post. You saved me a lot of time…:-)
Hi,
I’ve had three serious virus attacks over the last two years, the first two required a reformat.
I was running Nod32 & Superantispyware and still I got infected with Braviax…
In my view an anti virus program should prevent infection in the first place… Nod32 failed to do this.
secondly, if infected it should be able to clean it off. Nod32 + Superantispyware & Vipre failed to do this.
Desperate I tried SDFix and it looks like it’s working…
I’d be hapy to pay for this software..
I’ll let you know if it works…
Yes,It has just finished it’s scan and it definately looks like it worked..
Thanks
Information for other readers.
The version of Braviax that infected my PC would not allow me to install SDFix until after I had changed the program name to SDFix2.
It also disables any attempt to load other anti-virus or spybot programs – I tried several.
Once SDFix is installed, reboot in WIndows safte mode with networking and download Malwarebytes Anti-malware. Install that and any updates. At this point I diconnected the PC from internet (removed Ethernet cable) as during several attempts to resolve this, I had the impression the virus was replicating and maybe downloading copies from the internet – I may have been wrong.
Then run SDFix, allow that process to work through (it will reboot, start WIndows normally and run a second process to finish) then again reboot and come back into Windows Safe Mode. Run Malwarebytes – it will find other bad files and registry entries and fix these. As a precaution, I had also downloaded and installed SuperAntiSpyware while installing Malware bytes above – so I now ran SAS but this did not detect any virus or bad files – so Malwarebytes is probably enough.
Very nasty virus took me a whole day to fix. Have no idea how the PC came to be infected. It was all ok one night but in the morning AVG had detected the virus. I pre-screen all emails, don’t visit dodgy websites and have Zone Alarm installed. I’ve now taken Patriks advice and purchased the Kaspersky software.
Many thanks Patrik for producing SDFix – your work is much appreciated!
Yeah this rock hard!!!
After almost a day of trying to fight this stupid thing by finding and deleting it in start up reg. and in my systems. SDfix kills it in about half an hour. Great stuff just simply great.
(Important) if you save the extractable file and it will not open when clicked. simply add a ‘2’ at the end of the name and it will open. (Important)
Hey thanks a lot dude…….this trick worked for me,i was trying to stop this shit (braviax.exe) from eve but i cudn’t,at last saw ur trick and the problem has been solved……
cheers!!!!!!!!
Helped me. Thank you!
Thank You guys! It worked!
Patrik,
Was infected by the braviax virus from a website, but managed to find your site. Followed your instructions — SDFix, Malwarebytes, etc. — and virus eradicated. I run both Norton Antivirus and Zonealarm, but the virus easily evaded both. Any ideas on how did my machine get infected? And, seeing that those two apps can’t protect me, what should I do to prevent infection in the future?
Too bad you don’t have a PayPal link — the service you provide is worth compensation.
Red, probably your Windows verison is not up to date. Check it. Also use Firefox or Opera as your default browser. Also you should have an antispyware program. Full version of MalwareBytes or SuperAntispyware (only full version have autoprotection) or good and free SpyBot.
What the F. hell is “safe mode”?
Tim, read more about safe mode here – http://www.myantispyware.com/2009/03/01/how-to-reboot-computer-in-safe-mode/
It helped to remove. But Spybot doesn’t work anymore. I reinstalled it. But then was computer immediately again infected – NOD32 informed. And Spybot stpped to work. I repeated SDfix and mbam and I cleaned computer again. But now I don’t know what to do, that I can use Spybot again. I am afraid to install again, because I think braviax come again. Can someone help?
Hi again. After 1st reboot computer was infected again – it was worse – instead 5 treads, noe there were 17!!!!!!!
Please, help me – I don’t know what to do anymore. Must I really format disk?
Heeeeeelp!
Rajko, probably your PC infected with a new version of braviax. Ask for help at our Spyware removal forum.
Thank you so much….all of the sudden my lap top puked out like 143 infections of all kinds of nasty things, including braviax. I don’t know what I did to deserve that honor, but my lap top was hijacked and I couldn’t use anything. I followed the steps, and got rid of all that junk….so I hope and pray that it won’t come back. Thank you sooooooooo much, you rock.
Please help…I am trying to remove the braviax trojan from the computer using the steps you\’ve given. However, when I get to the part that says to reboot the computer in safe mode, it wont allow me to do that. When I press F8, and select safemode, a blue screen pops up saying that I am seeing this screen because my computer is trying to protect itself, and there is a virus detected. The only thing I can do at that point is reboot again. The only way I can get through is to select start normally. What can I do to get through this?
Hey, I have the braviax crap, and I can’t get rid of it. I followed the instructions step by step 110%, and it’s still there. I have Avast! Pro, Spyware Doctor, and AVG, and they all seem to catch it but it keeps coming back.. any help? Thanks..
Thanks Guys – My computer picked up the Braviax virus and Eset couldn’t deal with it.
I tried everything from Smit Fraud Fix, to CC Cleaner, to Hijack This, and more.
Only did SD Fix do the trick.
Fantastic, my short lived relationship with Braviax is now over!
This worked a treat..that Bravia was doing my nut ion…..thanks so much.
That’ll teach me to go to PtP sites…I got it off Piratebay!!!
It was quite easy to follow the simple instructions…and I’m def not a PC whizz by any means.
Thanks again.
Trevor, ask for help at our Spyware removal forum.
Hi, Just started up my PC this morning..Its back!!! 🙁 And, its NOT allowing me entry to my Security section in Control Panel…
Anyone got any ideas why??
Norrie, then make a new topic at our spyware removal forum.
Hah! Ha-HAH! Die, braviax, DIE!! Wow, thank you so much for this…I was fighting with the thing until 3 a.m. this morning and a couple more hours today and nothing worked. Symantec didn’t even notice it. So far this procedure seems to have worked like a charm!
I have a client that got caught by the BRAVIAX.EXE rootkit. However, when I start downloading your SDFix.exe, AVG Internet Security v.8.5 with all the latest updates (as of 9/2/2009) tells me that your SDFix.exe is Malware/Adware.
What’s up with that?
Wolfgang, this is false alert. SDFix is not a virus. Its contains file that used to stop system processes. Antivirus programs cannot distinguish between “good” and “malicious” use of such programs, therefore they may alert the user.
I actually have the same problem that Mina has when I try to launch Windows in Safe Mode. I don’t see any other responses to her question, so I don’t know if it is known what would cause Windows to not be able to boot up in safe mode. I get the exact screen that she described as well.