Search Box

Categories

• Advantages and disadvantages
• Business
• Cruises
• Electronics
• Finance
• Flight
• Games
• Insuranse
• Internet
  • Adsence
  • Antivirus
  • Hosting
  • SEO
• Lease
• Loan
• Mortage
• Nintendo
• Payable
  • Don't overpay
  • Overpay
• Technology
  • Android, Gphone
  • Mobiles
  • Scype
  • Viop
• Tourism

Latest News

• Nokia Download!
• T-mobile G2 like HTC Touch HD
• Morgage rates at 37-year low
• Cheep air tips
• Visa Mobile Application

RR Posts

• Anti virus software
• Macafe - Internet security Suite
• McAfee products
• Macafe security

Links

• California Home Loan Refinance

Meta

• Login
• Main Entries Rss
• Comments Rss

Brastk.exe - how to remove?

Posted by admin

This malware creates two files - brastk.exe and karna.dat, and makes a copy in the folders C:\Windows and C:\Windows\System32.
Moreover, it also creates two autorun entries in registry:

• HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  value called “Brastk” under run subkey
• HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows
  value AppInit_Dlls=Karna.dat

But the most important trick, is that Brastk replaces regular windows system file Beep.sys (4,224 bytes) to infected (27,648 bytes) in C:\Windows\System32\drivers.
This infected Beep.sys is an autoloader with brastk.exe and karna.dat files, installed any time system is rebooted.

To remove this malware you sholud:

1. Delete beep.sys
2. Start windows in safe mode and delete entries in registry
3. Delete Brastk.exe and Karna.dat

Posted in: Antivirus | November 2008

Leave a Reply

You must be logged in to post a comment.