What is Brastk.exe And How To Remove It

What is brastk.exe? Is it a safe file?

Brastk.exe is a rogue process that is associated with various malware programs. If you find this process running on your computer, we strongly recommend that you get rid of it.

Generally, brastk.exe is located in the %system% folder and is known to exist in sizes of 10,752 and 10,240 bytes.

Here, %system% is a variable that refers to the system folder on a Windows computer. By default, for Windows XP and Vista, it is C:\Windows\System32; for Windows NT and 2000, it is C:\Winnt\System32; and for Windows 95, 98, and Me, it is C:\Windows\System.

What malware is associated with brastk.exe?

Brastk.exe is known to be associated with the following Internet threats:

XP Antispyware 2009
TrojanDownloader:Win32/Renos [Microsoft]
Adware.Agent.ZO [PC Tools]
Backdoor.Win32.UltimateDefender [Ikarus]
Downloader.MisleadApp [Symantec]
Generic Downloader.x [McAfee]
Generic Dropper.bu [McAfee]
Generic FakeAlert.d [McAfee]
Mal/EncPk-EQ [Sophos]
Mal/TinyDL-T [Sophos]
Troj/FakeVir-GL [Sophos]
Trojan.Fakeavalert [Symantec]
Trojan.Virantix!sd6 [PC Tools]
Trojan.Virantix.C [Symantec]
Trojan.Win32.FakePowav [Ikarus]
Trojan-Clicker.Win32.Klik [Ikarus]
Trojan-Downloader.Win32.Small [Ikarus]
Trojan-Downloader.Win32.Small.agdo [Kaspersky Lab]
VirTool.Win32.Obfuscator.DF [Ikarus]
Virus.Win32.FakeAlert.AJ [Ikarus]
Virus.Win32.Virut.au [Ikarus]
Virus.Win32.Zbot.AQM [Ikarus]
Trojan Horse [Symantec]
Virus.Win32.Lighty [Ikarus]
TrojanDropper:Win32/Olmarik.A [Microsoft]
Trojan-Downloader.MisleadApp!sd6 [PC Tools]
Trojan:Win32/Renos.I [Microsoft]
Trojan:Win32/FakePowav [Microsoft]
Trojan.Virantix [Symantec]
Packer.Malware.Lighty.O [Ikarus]
Packer.Malware.Lighty.I [Ikarus]
Mal/Heuri-E, Mal/Emogen-G [Sophos]
Hoax.Win32.Renos.ffk [Kaspersky Lab]
Hoax.Win32.Renos.fei [Kaspersky Lab]
Downloader-BKK [McAfee]
Backdoor.Win32.TDSS.bnk [Kaspersky Lab]
Troj/FakeAle-ID [Sophos]
Backdoor.Win32.TDSS.bnh [Kaspersky Lab]
Backdoor.Win32.TDSS.bot [Kaspersky Lab]
Backdoor.Win32.UltimateDefender.gml [Kaspersky Lab]
Downloader [Symantec]
Generic FakeAlert.a [McAfee]
Generic.dx [McAfee]
Hoax.Win32.Renos.fef [Kaspersky Lab]
Hoax.Win32.Renos.fge [Kaspersky Lab]
Hoax.Win32.Renos.vbmz [Kaspersky Lab]
Mal/Generic-A [Sophos]
Troj/Dloadr-BVH [Sophos]
Troj/FakeAle-IH [Sophos]
Troj/FakeAle-IW [Sophos]
Trojan.Win32.Agent.apwo [Kaspersky Lab]
Trojan.Win32.Agent.anxj [Kaspersky Lab]
Troj/FakeAle-JW [Sophos]
Troj/FakeAle-JK [Sophos]
Trojan.Win32.Pakes.lcy [Kaspersky Lab]
Trojan.Win32.Pakes.lel [Kaspersky Lab]
Trojan.Win32.Pakes.lgf [Kaspersky Lab]
Trojan-Downloader.Win32.Agent.ajgl [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.veih [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.veif [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.vega [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.vdzy [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.vdxe [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.vdub [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.vdpa [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.vdoj [Kaspersky Lab]
Trojan-Downloader.Win32.FraudLoad.vdlg [Kaspersky Lab]
Trojan-Downloader.Win32.Agent.ajiw [Kaspersky Lab]
Win32.SuspectCrc [Ikarus]
Win-Trojan/Xema.variant [AhnLab]
Backdoor.Trojan [Symantec]
Trojan-Downloader.Win32.Agent.ajis [Kaspersky Lab]
Trojan-Downloader.FakeAlert.C [PC Tools]
Trojan.Win32.StartPage.dgv [Kaspersky Lab]
Trojan.Win32.Agent.aojn [Kaspersky Lab]
Trojan.Pakes!sd6 [PC Tools]
Trojan.Fakeavalert!sd6 [PC Tools]
TROJ_FAKEAV.RZ [Trend Micro]
Troj/FakeAV-FM [Sophos]
Troj/FakeAV-EZ [Sophos]
Troj/FakeAle-JB [Sophos]
Troj/FakeAle-IG [Sophos]
Rootkit.Win32.TDSS.aos [Kaspersky Lab]
PWS:Win32/Ldpinch.BO [Microsoft]
New Malware.h [McAfee]
Hoax.Win32.Renos.vazr [Kaspersky Lab]
Hoax.Win32.Renos.vaym [Kaspersky Lab]
Hoax.Win32.Renos.vate [Kaspersky Lab]
Hoax.Win32.Renos.fgh [Kaspersky Lab]
Hoax.Win32.Renos.fgg [Kaspersky Lab]
Hoax.Win32.Renos.ffl [Kaspersky Lab]
Hoax.Win32.Renos.fez [Kaspersky Lab]
Hoax.Win32.Renos.fen [Kaspersky Lab]
Hoax.Win32.Renos.fdc [Kaspersky Lab]
Hoax.Win32.Renos.evy [Kaspersky Lab]
FakeAlert-AB [McAfee]
Backdoor.Win32.TDSS.boc [Kaspersky Lab]
Backdoor.Win32.TDSS.bnr [Kaspersky Lab]
Backdoor.Win32.TDSS.bnq [Kaspersky Lab]

Does brastk.exe have any filename aliases?

Yes, it does. Brastk.exe is known to use the following file names:


Brastk.exe - File Behavior

The brastk.exe process is recorded to perform the following behavior:

  • It contains user-mode rootkit functionality that enables it to hide itself from the list of currently running processes.
  • It can disable the notification balloon for the Windows Security Center.
  • It alters Internet Explorer's home page.
  • It alters Internet Explorer's search page.
  • It disables the built-in Windows Firewall, which enables the malicious process to access the Internet without the user's consent or knowledge.
  • It has the ability to communicate with other computers using the HTTP protocol.
  • It creates several other malicious processes.
  • It registers harmful DLLs (Dynamic Link Libraries).
  • It can inject code into all legitimate running processes to allow itself to take control of the system or monitor keyboard and mouse activities.
  • It reads the user's email address and phone address book details.
  • It modifies the registry to load itself automatically upon system boot.
  • It establishes outbound connections with other computers, using the NETBIOSOUT protocols.

Does brastk.exe appear in the current running processes list?

Brastk.exe may not appear in your list of currently running processes because it has the ability to hide itself from that list.

Note: To view the list of current running processes on your computer, press Ctrl+Alt+Del, and then click on the Processes tab in the Windows Task Manager Window.
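Because the process list may not show the file, checking for it on disk with the locations and sizes given above is a more dependable first look. The following is an added example, not part of the original page; the function names and the `root` parameter (the Windows volume, live or mounted from another system) are assumptions.

```python
import os
import tempfile

# Values taken from the page: file name, known sizes, %system% locations.
TARGET_NAME = "brastk.exe"
KNOWN_SIZES = {10752, 10240}
SYSTEM_DIRS = [
    ("Windows", "System32"),  # Windows XP / Vista
    ("Winnt", "System32"),    # Windows NT / 2000
    ("Windows", "System"),    # Windows 95 / 98 / Me
]

def _find_child(parent, name):
    """Case-insensitive lookup, so the scan also works on a volume mounted
    under a case-sensitive file system."""
    try:
        with os.scandir(parent) as entries:
            for entry in entries:
                if entry.name.lower() == name.lower():
                    return entry.path
    except OSError:
        pass  # folder missing or unreadable
    return None

def scan_volume(root):
    """Report brastk.exe in the system folders under `root` (hypothetical
    parameter, e.g. 'C:\\' or the mount point of an offline disk)."""
    findings = []
    for parts in SYSTEM_DIRS:
        path = root
        for part in parts:
            path = _find_child(path, part) if path else None
        hit = _find_child(path, TARGET_NAME) if path else None
        if hit and os.path.isfile(hit):
            size = os.path.getsize(hit)
            findings.append({"path": hit, "size": size,
                             "size_matches_known": size in KNOWN_SIZES})
    return findings

def demo():
    """Constructed sample: a fake volume holding a dummy 10,752-byte file."""
    with tempfile.TemporaryDirectory() as root:
        sysdir = os.path.join(root, "WINDOWS", "system32")
        os.makedirs(sysdir)
        with open(os.path.join(sysdir, "BRASTK.EXE"), "wb") as fh:
            fh.write(b"\0" * 10752)
        return scan_volume(root)
```

A name match with a different size is still worth investigating, since the two sizes are only the ones the page records. Pointing `scan_volume` at a volume mounted on a separate, clean system avoids relying on the affected machine's own view of itself.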

Brastk.exe - Removal Process

To remove brastk.exe and its associated malware program, perform a thorough malware scan on your entire computer using advanced and top-rated security tools, such as STOPzilla Antivirus and Spyware Cease.