How to Delete a Brave Sentry

The Windows Registry contains extensive information about how your computer runs. Because removal of the virus requires extensive changes to the Windows Registry via the Registry Editor, it is important to back up the Registry prior to beginning the virus removal process.

For infected Windows Vista computers: Click Start. Type systempropertiesprotection in the Start Search box. Press Enter. Type the password if prompted and click Allow. Once the most recent restore points display, go to the System Properties dialog box on the System Protection tab and click Create. Type the name for this backup and click Create. Once the backup has been created, click OK twice to exit.

For infected Windows XP computers: Click Start, then Run. Type Windows\system32\restore\rstrui.exe, and click OK. Select a restore point on the Welcome page and click Next. Enter the name for the backup on the Create a Restore Point page and click Create. Once the backup has been created, click Close.

For infected Windows 2000 computers: Use the Backup utility to create an Emergency Repair Disk.

For infected Windows 95 computers: Restart the computer in Safe Mode and log in as an administrator. Press F8 after the first beep occurs during start up, before the display of the Windows 95 logo. Select the first option in the selection menu to run Windows in Safe Mode. Click Start, then Run. Type cmd in the text box and press Enter. At the command prompt type the following lines, pressing ENTER after each line:
cd windows
attrib -r -h -s system.dat
attrib -r -h -s user.dat
copy system.dat *.bu
copy user.dat *.bu

For infected Windows 98 and Windows Me computers: Click Start, then Run. Type scanregw, and click OK. Click Yes when prompted to back up the registry. Click OK when notified that the backup is complete.

For infected Windows NT computers: Click Start, then Run. Type Ntbackup.exe and click OK to use the NT Backup tool to back up the registry.

If the operating system of the infected computer is either Windows Me or Windows XP, turn off System Restore while this fix is being implemented.

To turn off System Restore within Windows Me, click Start, then Settings, and then Control Panel. Double-click the System icon and select File System from the Performance tab. Left-click the Troubleshooting tab and check the Disable System Restore box. Click OK.

To turn off System Restore within Windows XP, log in as an administrator and click Start. Right-click on My Computer, and select Properties from the shortcut menu. Click the Turn off System Restore option for each drive on the System Restore tab. Click Apply, then Yes to confirm when prompted. Click OK.

Restart the computer in Safe Mode and log in as an administrator. Press F8 after the first beep occurs during start up, but before the display of the Windows logo. Select the first option from the selection menu to run Windows in Safe Mode.

Remove any program files from the computer. Click Start, then Control Panel, then Add/Remove Programs. Remove any programs referencing BraveSentry. If none are listed, continue to Step 4.

Use the Windows Search tool to determine if BraveSentry was removed with the program files. Click Start, then Search, then All Files and Folders. Type BraveSentry in the All or Part of the File Name section. Select All Local Hard Drives from the Look in: drop-down list for the best results. Click Search. Make note of the specific path where the file is located, typically C:\Program Files. This information will be necessary later in the removal process.

Use Windows Task Manager to end any BraveSentry processes that are running. Press Ctrl+Alt+Del to open Task Manager. Click BraveSentry within the Applications tab and click End Task. Click the Processes tab and sort by the image column to locate and end the following processes:

BraveSentrySetup[1].exe
dxvwabxj.exe
vxgame[X2].exe
voi[X1].exe
taskdir.exe
services.exe
maxd64.exe
kerneles8.exe
alg.exe
xpupdate.exe
win32.exe
vxh8jkdq[X2].exe
vxgamet[X2].exe
xpupdate.exe
bravesentry.exe

Open the Registry Editor and remove all BraveSentry registry values. Click Start, then Run. Type regedit and click OK. Locate the following values, right-click them and select Delete to remove the following entries:

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bravesentry
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runbravesentry
HKEY_CURRENT_USER\software\bravesentry\updates
HKEY_CURRENT_USER\software\bravesentry\systemsecurity
HKEY_CURRENT_USER\software\bravesentry\scan
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bravesentry
HKEY_CURRENT_USER\software\bravesentry
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run bravesentry
HKEY_CURRENT_USER\software\bravesentry\updates
HKEY_CURRENT_USER\software\bravesentry\system security
HKEY_CURRENT_USER\software\bravesentry\scan
HKEY_CURRENT_USER\software\bravesentry

Access the command prompt to unprotect the related program files and enable deletion. Click Start, then Run. Type cmd and click OK. Type cd at the command prompt (for change directory), press the space bar and type the name of the full directory path of the file that was determined in Step 3, typically C:\Program Files\BraveSentry.

At the command prompt, type attrib -a -s -h bravesentry.exe and press Enter. Repeat the process using the following commands:
attrib -a -s -h BraveSentrySetup[1].exe
attrib -a -s -h dxvwabxj.exe
attrib -a -s -h vxgame[X2].exe
attrib -a -s -h voi[X1].exe
attrib -a -s -h taskdir.exe
attrib -a -s -h services.exe
attrib -a -s -h maxd64.exe
attrib -a -s -h kerneles8.exe
attrib -a -s -h alg.exe
attrib -a -s -h xpupdate.exe
attrib -a -s -h win32.exe
attrib -a -s -h vxh8jkdq[X2].exe
attrib -a -s -h vxgamet[X2].exe
attrib -a -s -h xpupdate.exe
attrib -a -s -h bravesentry.exe

Unregister all instances of BraveSentry DLL files from the command prompt. Type cd at the command prompt, press the space bar and type the name of the full directory path of the DLL files. The files must be unregistered before removal by typing the exact directory path + regsvr32 /u c:\program files\BraveSentry\bravesentry0.dll, and pressing Enter. Repeat the process using the following commands:

regsvr32 /u c:\program files\BraveSentry\zlbw.dll
regsvr32 /u c:\program files\BraveSentry\winbixnkq32.dll
regsvr32 /u c:\program files\BraveSentry\tio[X1].dll
regsvr32 /u c:\program files\BraveSentry\msupdate32.dll
regsvr32 /u c:\program files\BraveSentry\comdlg64.dll
regsvr32 /u c:\program files\BraveSentry\bravesentry3.dll
regsvr32 /u c:\program files\BraveSentry\bravesentry2.dll
regsvr32 /u c:\program files\BraveSentry\bravesentry1.dll

Type exit and press Enter to close the command prompt and return to Windows.

Remove any other miscellaneous BraveSentry files. Click Start, then click Search and select All Files and Folders. Type bravesentry.exe in the All or Part of the File Name field. Select All Local Hard Drives from the Look in: drop-down list. Click Search. Right-click the file name and select Delete from the shortcut menu. Repeat this process for all of the following files:

BraveSentrySetup[1].exe
BraveSentry.lnk
BraveSentry
dxvwabxj.exe
Explorer 2238
vxgame[X2].exe
voi[X1].exe
taskdir.exe
services.exe
maxd64.exe
kerneles8.exe
alg.exe
zlbw.dll
winbixnkq32.dll
tio[X1].dll
msupdate32.dll
comdlg64.dll
bravesentry3.dll
bravesentry2.dll
bravesentry1.dll
bravesentry0.dll
xpupdate.exe
win32.exe
vxh8jkdq[X2].exe
vxgamet[X2].exe
desktop.html
vxgame[X2].exe
voi[X1].exe
taskdir.exe
services.exe
maxd64.exe
kerneles8.exe
alg.exe

Once all of the files are deleted, remove the BraveSentry program folder.

Reboot the PC.

If BraveSentry still resides on the computer, repeat the above steps or try using a free automatic removal program from Trend Micro or AVG listed in the reference section below.