braviax.exe is a malware that also installs rogue security applications and display false alert on compromised computer. If your computer infected, then you have a red circle with a white X in your taskbar that is constantly telling you, that you have a virus
Your computer is infected!…
Starting in July 2009, this malware installs PC Security 2009.
HijackThis shows it
O4 – HKLM\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
O20 – AppInit_DLLs: cru629.dat
Follow these steps to remove braviax infection
Download SDFix and save the file to your desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix)
Reboot your PC in Safe mode.
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.
Open the SDFix folder and double-click RunThis.bat.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Close any open browsers.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
after many many failed attempts to remove braviax.exe
this instruction to use sdfix and combofix did the trick!!
Thank you thank you
Been really suffering with braviax etc (its a real nasty one!) but this seems to have worked….only time will tell if its still lurking somewhere on my machine…..
Brilliant THANX!
i checked both the above mentioned softwares yet the problem is not resolved. below is the report text of combobox
…
2 mahendra.t.s, please follow the steps: How to use Spyware Removal Forum
braviax is dead! THANK YOU!!
followed these instructions and kicked braviax\’s ass.
Highly recommended, thank you very much,
Steve
I suggest your site and method to all my readers. Thank you very, very much.
BigDadGib
came home, found this on the family pc – shitty norton and zonealarm did nothing to proect it, spybot and avg wouldn\’t install, hijackthis wouldn\’t run, but these two tools got me right.
one note – sdfix must be run in safe mode, and at least for me, it took a really long time to start up, I thought it had locked, but it was actually still working.
thanks for putting the info out there
BigDadGib, glad to help your readers.
Richard, i`ve just added “Safe mode” step in the tutorial.
Glad to help you.
I ran sdfix in safe mode, it took a really long time and now I can\’t get past my screensaver. It doesn\’t seem to do anything anymore. Help!
braveheart, probably your screensaver has been infected and sdfix removed it.
I would recommend that you follow the instructions and post your logs in the spyware removal forum.
Wow, it worked.
Ty man
Patrik,
My computer has the braviax.exe malware. I followed your instructions on How to remove braviax.exe/cru629.dat/users32.dat malware . I installed ERUNT and ran it. It worked fine. Then I saved SDFix on the desktop and ran it, but it did nothing. It did not create the directory: C:\SDFix.
I registered under KASF in the forum and installed HijackThis. It provided an Icon, but when launched did nothing – it does not give – Do a system scan and save a logfile button.
Can you give me any help on what to do next?
Thanks,
KASF
Worked for me too! Thanks! Whew, I’m glad that piece of trash is gone.
Never mind the earlier note. After changing the file name to SDFix1, I was allowed to run it. Then there was a problem in Safe Mode with “Cannot load VDM IPX/SPX support”. There is a fix for that at rumkin.com/reference/problems/csnw.php. After those two changes were made, it worked!!!! It took awhile (especially the first 25% in Safe Mode), but it is well worth it.
Thank you so much! It is wonderful to have my computer back again!
KASF
Thank you for your help!! This is the one and only solution to get rid of the braviax problem. Great job!!
Thanks! Great instructions. They really did the job. Who makes these shitty trojans?
unknown peoples 🙁
Just ran the fix, and all is well again!!!! Thanks a mil!
tried my usual methods to fix this but was unsuccessful… followed your instructions and it cleared up the infection… i would have liked to also know how to do a manual search and removal of this problem to have a better understanding of exactly what needed to be done and how to manually do that. Thanks for your clear and simple instructions and help in resolving this (these?) problems.
Wished you’d mentioned what Windows systems this is compatible with…wasted a lot of time trying to get the SDFIX.exe file to open in WIN XP…which, of course, is not compatible with either SDFIX or COMBOFIX.
Any recommendations for XP users?
My SINCEREST thanks for all who are involved in this site, and most of all, to the creators of SDFix and combofix!!! Incredible! I was terrified like a little CHILD when faced with braviax and cru629! THANK YOU! I LOVE YOU! GOD BLESS!! SDFix worked on all but the cru629 garbage, which it could not remove. Combofix took care of it easily. You have NO idea how grateful I am! Please let me know what I can do to support you! I will be spreading the good word in the meantime….
T.Wanner, sdfix and combofix 100% compatible with windows XP.
Rory Concannon, if you want to support Myantispyware site, then make a link from your site to us.
Thanks Patrik & co, that worked!
T.Wanner – It does work for XP – read note 1 above. The variant of this nasty bit of malware that I had prevented me from running hijackthis or SDFix without renaming – click on them and nothing happens.
Kaspersky couldn’t handle it. But you have nailed it!! Thank you . . . I was reaching for the restore disc!
I battled AntiVirus XP 2008 and Malware Protector 2008 for two weeks. Never knew about Braviax or your fix until today (07/10/08). Looks like the problem is resolved. Thanks a mil.
Ok…so far ive renamed SDFix and Combofix, restarted in Safe Mode, hit install in SDFix…then what? Where do i “open SDFix folder and double click RunThis.bat”? Please help, im a hack with computers…
wow what an ordeal. CRU629.DAT keeps on popping back, even after inserting a read-only file in it\\\\\\\’s place. All types of trojans were on the machine. Various antispyware programs were used to clean them out and none can clean up this mother of all trojans. How does it get infected in the first place? This machine never surf the web at all. And what does it do?