TechSpot

Brastk virus problems

By crispydog
Nov 22, 2008
  1. Got this horror on Wednesday. It disabled all my AV checkers, HJT, & corrupted ZA, stopped me visiting any security sites & redirected any security searches on Google.
    Through this & other forums' advice I have managed to delete all references/files with the names brastk, karna & antispyware 2009 from programs & registry.
    I have managed to reload ZA. I have run the 8-step guide, Avira (found 8 trojans), Avast & AVG; all these now show me as being clean.
    Problems:
    Downloaded Malwarebytes & Super Anti Spyware; both will not install.
    XP System Restore does not work.
    Cannot directly access sites like grisoft.com, symantec.com, trend etc. I get the unable to connect window; if I try to access these sites via a Google search I get redirected to some obscure search pages.
    HJT log attached, any help would be much appreciated.
     
  2. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

  3. crispydog

    crispydog TS Rookie Topic Starter

    Downloaded HJT it will not install.
     
  4. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    That is Step #7

    What about steps 1 to 6 ?
     
  5. crispydog

    crispydog TS Rookie Topic Starter

    1, 2, 3 all run OK, Java up to date, can't do 4 & 5, they won't install.
     
  6. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Try this
    Uninstall your current Antivirus software (hang on I'll check what it is...)

    Huh

    Un-install AVG
    and un-install Avast
    You cannot have 2 of them

    Un-install any other live protecting software as well
     
  7. crispydog

    crispydog TS Rookie Topic Starter

    Uninstall ZoneAlarm as well?
     
  8. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Yes, all.
     
  9. crispydog

    crispydog TS Rookie Topic Starter

    OK, all gone

    Managed to install HJT log attached
     
  10. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Well done :grinthumb

    But sadly as per the guide, all attachments must be supplied
    These logs help diagnose your issue further
    Especially the MBAM log, this one, if issues found, can be updated and scanned again (as sometimes infections hide other infections, a double scan is required, obviously removing all issues at the end of the scan if found)
     
  11. crispydog

    crispydog TS Rookie Topic Starter

    MBAM still won't install, nothing happens when I open the installer.

    Tried renaming it but no joy
     
  12. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

  13. crispydog

    crispydog TS Rookie Topic Starter

    I take it then my only option is to wipe the drive & reinstall XP.
     
  14. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Under extreme cases
    Where the support may take longer than actually re-installing Windows, and all drivers\Windows updates\ Programs and user data and settings
    It is sometimes stated just to re-install clean
     
  15. crispydog

    crispydog TS Rookie Topic Starter

    Finally managed to install & run MBAM & SAS, found lots of nasties, here's the logs.
     
  16. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    If you are not using RegistryBooster 2009, please un-install it
    Otherwise just stop it from running at startup by ticking and then fixing the following line in HJT
    Then restart


    Malwarebytes found and removed a few entries (which is great news)
    But I would suggest that you re-open it
    Then update it again (third tab)
    Then run a full scan again
    Basically malware can hide malware, running the second scan, can remove the hidden ones ;)

    Please reply back with a new Malwarebytes scan log
    And if any more malware entries were found and removed
    Restart
    Run CCleaner again
    Then open HijackThis, and provide a new HJT log :)
     
  17. crispydog

    crispydog TS Rookie Topic Starter

    New logs below, thanks.
     
  18. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Please re-open HJT and tick and fix the following
    By the way, if you don't use PartyPoker, please un-install it from Add\Remove programs
    The same (as all above) may apply here:
    Then please re-run CCleaner, once more

    Once complete
    Please restart, once more
    And then reply with how the computer is presently running?
    Can you now access sites like: grisoft.com ?

    If not, try this one last approach: (IE Reset) http://www.techspot.com/vb/post682762-2.html
     
  19. crispydog

    crispydog TS Rookie Topic Starter

    Seems to be running very well at mo, I can access all the sites that were denied previously with no redirects.
    A question about the reason to remove
    O4 - Global Startup: BN-WD54G Wireless Client Utility.lnk = C:\Program Files\BLUENEXT\BN-WD54G\Installer\WINXP\BCU.exe

    this is my wireless receiver/transmitter dongle.

    Many thanks for all the help, much appreciated.
    Russ.
     
  20. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Please leave that entry in
    Sorry about that, a search for BCU.exe came up with possible spyware
    As your file is attached to C:\Program Files\BLUENEXT\BN-WD54G\Installer\WINXP\BCU.exe
    Please leave it alone

    I have also amended the above reply of mine
     
Topic Status:
Not open for further replies.
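
Posts 19 and 20 turn on an O4 entry that was marked for removal because a search on the file name BCU.exe alone returned possible spyware. As an added example (not part of the thread and not code from either poster), the Python below parses HijackThis O4 lines and keeps a name-only hit at "verify" unless the path also looks wrong; the flagged-name set, the odd-directory list and the second and third sample lines are constructed assumptions.

```python
import ntpath
import re

# Two O4 (autostart) line shapes written by HijackThis:
#   O4 - HKLM\..\Run: [Name] C:\path\app.exe /args
#   O4 - Global Startup: Name.lnk = C:\path\app.exe
O4_LINE = re.compile(
    r'^O4 - (?:(?P<key>HK\w+\\\.\.\\\w+): \[(?P<val>[^\]]*)\] '
    r'|(?P<folder>(?:Global )?Startup): (?P<lnk>.+?) = )(?P<cmd>.+)$')
# Executable path: quoted, or unquoted up to the first known extension.
EXE = re.compile(r'^(?:"([^"]+)"|(.+?\.(?:exe|com|scr|bat|cmd))(?=\s|$))', re.I)
# Assumption: directories treated as unusual homes for an autostart binary.
ODD_DIRS = ("\\temp\\", "\\temporary internet files\\")

def parse_o4(line):
    """Return (source, entry_name, exe_path) for an O4 line, else None."""
    m = O4_LINE.match(line.strip())
    if not m:
        return None
    cmd = m.group("cmd").strip()
    e = EXE.match(cmd)
    path = (e.group(1) or e.group(2)) if e else cmd
    if m.group("key"):
        return m.group("key"), m.group("val"), path
    return m.group("folder"), m.group("lnk"), path

def triage(lines, flagged_names):
    """Classify O4 entries; a file-name hit alone never yields 'suspect'."""
    results = []
    for line in lines:
        parsed = parse_o4(line)
        if parsed is None:
            continue
        path = parsed[2]
        name_hit = ntpath.basename(path).lower() in flagged_names
        odd = any(d in path.lower() for d in ODD_DIRS)
        verdict = ("suspect" if name_hit and odd else
                   "verify" if name_hit else
                   "odd-location" if odd else "no-hit")
        results.append((ntpath.basename(path), ntpath.dirname(path), verdict))
    return results

SAMPLE = [  # first line is from the thread; the other two are constructed
    r"O4 - Global Startup: BN-WD54G Wireless Client Utility.lnk = C:\Program Files\BLUENEXT\BN-WD54G\Installer\WINXP\BCU.exe",
    r"O4 - HKLM\..\Run: [bcu] C:\DOCUME~1\User\LOCALS~1\Temp\bcu.exe -s",
    r'O4 - HKLM\..\Run: [Updater] "C:\Program Files\Example App\updater.exe" /min',
]

if __name__ == "__main__":
    for name, folder, verdict in triage(SAMPLE, {"bcu.exe"}):
        print(f"{verdict:12} {name:12} {folder}")
```

"verify" means confirming what the file at that exact path is before ticking it in HJT; an install directory is context for that check, not proof the file is clean.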
