How to Remove Braviax.exe from your Computer

Braviax.exe is a nasty infection that has left many computer users scratching their heads.  The file was first discovered in the European Union on January 31st 2008, and has also been observed in the United Kingdom and Spain.

File Information

There are many versions of this program and file sizes may vary, but the most common file sizes are 11,264 bytes and 13,312 bytes. Braviax.exe is added to the registry as an auto start process, which means that the program loads on system startup and creates and executes processes on your system. Braviax.exe is commonly associated with the malware group System Defender: Spyware-a.

These are some of the other names that this nasty spyware uses:

  • 27044453.SVD
  • 64016548.EXE
  • 30083895.EXE
  • 44263592.EXE
  • 79835338.PE_
  • A0005354.EXE
  • A0006354.EXE
  • A0006355.EXE
  • A0007354.EXE
  • A0007355.EXE
  • A0007361.EXE
  • A0007362.EXE

What Braviax.exe Does

Braviax.exe is scamware that scares the infected user into purchasing the System Defender software for $49.95.  The program then shows a notification balloon indicating that the user has infections that should be removed with System Defender.

Here is an example of what the fake threat alert looks like:

"WARNING! SystemDefender has detected 61 SPYWARE objects on your computer! Malicious objects found on your computer, if not cleaned immediately, are likely to lead to:
- Window slowdowns, freezes, and crashes
- Computer unpredictable or erratic behavior
- Your internet surfing privacy violation
- Your local and online access passwords theft"

Some users have also made the mistake of downloading software that braviax.exe links to. These software won’t heal your PC and are just more scamware that will need to be removed.

How Braviax.exe works

Braviax.exe is known to use a software packing process to pack or encrypt itself.

The file changes the search page for Internet Explorer and can create and register a browser help object in IE.  It can also disable the Windows Security Center notification balloon. This executable can also disable the Windows firewall installed on your system. The malicious file can not only create unwanted processes on your PC, but it also possesses the capability to delete essential processes.

Using HTTP protocols, this process can communicate with other systems, execute infected processes and register malicious dynamic link library files. If you find your Startup settings altered, this is because the braviax.exe file can change Windows initialization and system settings used at Startup. If that was not enough, braviax.exe also has the capability to hijack the virtual memory process.

How To Remove Braviax.exe From Your Computer:

You may use the following method to manually remove the braviax.exe infection from your computer:

  1. Take yourself off the internet. If the malware cannot find the internet, additional malware cannot be downloaded.
  2. Boot your machine with the Windows XP setup disk.
  3. When the Welcome to Setup screen for Windows installation comes up, press R to go to the Recovery console.
  4. Use cd command to go to the Windows directory.
  5. To delete the virus files, type the following commands and then press Enter:
  6. del braviax.exe

    del cru629.dat

  7. Use cd command to navigate to the C:\WINDOWS\SYSTEM32\DLLCACHE directory.
  8. Type del beep.sys and press Enter to delete the file.  If you fail to delete this file, braviax.exe may continue hounding you.
  9. Enter exit to close Recover Console and restart your PC.
  10. Reboot in Safe mode.

10.  Once in Safe mode, go to Start and then go to Run.

11.  Type regedit and press Enter to launch Registry Editor.

12.  Go to My Computer. Click on the Edit menu. Select Find.

13.  Type in braviax in the dialog box. Delete all entries you find that refer to braviax. Continue the search until all entries have been found and deleted.

14.  Repeat the process but this time look for cru629. Delete all entries that relate to cru629. Continue the search until no entries relating to cru629 remain.

The above steps should get rid of braviax.exe and cru629.dat.

Note: Beep.sys is normally a legitimate Windows program and seems to be the key to prevent braviax.exe from reinstalling. Basically, removing the beep.sys file  from your system results in the loss of the beeping sound that you hear upon Startup. If you would like to keep the beeping sound, simply copy the file from an uninfected computer and replace it.

The manual method for removing the infection is quite time-consuming and the chances of deleting a required registry entry or system file are quite high. This is the reason why an effective and a safer way to get rid of the infection is to use good antivirus and anti-spyware tools to scan and disinfect your PC. After the process is complete, run a registry scan as well to repair any error that may have been left behind.

Maintaining your computer’s health isn’t just about running regular scans with reliable registry cleaners, antivirus and anti-spyware programs.  Computer health is also about safe Internet surfing. You must keep in mind that the widest and most commonly available way of disseminating viruses and other malware is through the internet. Don’t go to sites that are marked as possibly threats to you and your computer, and stay away from sites that are known to be virus repositories.

An ounce of prevention is worth a pound of cure when maintaining your computer’s health.