Papa Smurf
November 2nd, 2008, 11:01 PM
So, I've been recently hit by this Adware/spyware. It was quarantined by NOD32 v3.0. I noticed NOD was blocking addresses from connecting till my computer just restarted itself. I rebooted it up and I managed to find the problem that was causing all of it and it was file "brastk.exe" I disabled/deleted it from sysem32 and opened regedit to check if there was any startup and no there wasn't.
11/1/2008 9:48:08 PM Real-time file system protection file C:\WINDOWS\system32\dllcache\figaro.sys Win32/Adware.UltimateDefender application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\DOCUME~1\Owner\LOCALS~1\Temp\wJQs.exe.
I then ran SysInspector and didnt find any "brastk.exe, figaro.sys, karna.dat, and wJQs.exe". Think I'm safe or still infected?
Edit:I just realized this might be in the wrong forum section. If so, I'm sorry if a mod can move this to the right section thanks.
11/1/2008 9:48:08 PM Real-time file system protection file C:\WINDOWS\system32\dllcache\figaro.sys Win32/Adware.UltimateDefender application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\DOCUME~1\Owner\LOCALS~1\Temp\wJQs.exe.
I then ran SysInspector and didnt find any "brastk.exe, figaro.sys, karna.dat, and wJQs.exe". Think I'm safe or still infected?
Edit:I just realized this might be in the wrong forum section. If so, I'm sorry if a mod can move this to the right section thanks.