[Closed] BRASTIA - how can I kill it once and for all?

try Spybot.

Sounds like you have a DNS server Trojan dude

Why not just do a full OS install ?

There are specific removal tools for that - google them
I'd do as lowey suggests though - make sure you format all discs & partitions

2nd formatting and re-install, my HDD's on its last legs so gets that treatment anyway every few months.

a bit of success!!!

I noticed an uberdodgy looking file in the main Spybot folder. I deleted it but before I had returned from the recycle bin another dodgy had appeared. I renamed the main Spybot prog file, deleted the new dodgy and then was able to open Spybot, hoorah. It's checking and immunizing it's life away now. Same trick hasn't worked for Kasp. I'll keep you posted.

boogies found so far inc:

smitfraud
virantix
agentpz
mywebsearch

and bunch of other cack in the reg which has now been fixed

still hunting!

You could also try ComboFix, though depending on what you've got you're 'fake' AV could try and pretend that it's malware and not let you get to the site - If so, let me know and I'll host it somewhere for you to grab a copy of it.

Take off and nuke the site from orbit - only way to be sure.

Or, a re-partition and format of all affected drives. Software is fine as a shield during operation, but you can't trust it for a deep clean IMO.

Scienceofficer - Member
Take off and nuke the site from orbit - only way to be sure.

Ace quote - Aliens?

[url=

yes[/url]

Just got to get rid of agent pz now. Hopefully Kasp will start working again after that.

Agreed though, I doubt it'll be completey clean again.

new update: SDfix has got Kasp working again. RegMechanic has closed some of the holes. There are still bugs but they're being dealt with. Annoyingly brastia still appears in the start.ini and will continue to do so until I can find the system files that have been buggered.