I have a Good Friend....almost like a father. :angel:
I owe this fellow my life.

I've determined that he's got a keystoke logger named:
BRONTOK.A[18].NorBet

In.....C:\Documents and Settings\HP_Administrator\My Documents\My Pictures\about.Brontok.A.html

It's only in the pic file because he moved it. :lip:

(this thing evidently has several names...depending on what program you prefer)

Kaspersky Internet Security version 7.0.325 even can't
Quarantine it.
My opinion..The best Paid for $uite available.

Has anyone here had this infection, and .... does anyone think SpyBot might remove it?

I'm no genius...but this poor fellow is totally clueless and is ready to just junk a 4month old HP desktop and go buy a new one. :clown:

Too much $$, and not enough knowledge.

Any advice or suggestion are much appreciated.

I could post a hijackthis log...but it'd be SO fubared...everyone would be laughing for months + it'd take a 75 mile round trip to his HP 'puter.

If that's what's required..Oh WELL? :sad:

Groucho
(yep..I searched first...no relevant results)
BTW: Googling this will yield..little.

http://i143.photobucket.com/albums/r131/tk_it_ez/buried.gif

Hello groucho,



I've determined that he's got a keystoke logger named:
BRONTOK.A[18].NorBet

In.....C:\Documents and Settings\HP_Administrator\My Documents\My Pictures\about.Brontok.A.html
<snip>
I'm no genius...but this poor fellow is totally clueless and is ready to just junk a 4month old HP desktop and go buy a new one. :clown:
<snip>

I could post a hijackthis log...but it'd be SO fubared...everyone would be laughing for months + it'd take a 75 mile round trip to his HP 'puter.

If that's what's required..Oh WELL? :sad:


Why do you believe your friend has a keylogger, about.Brontok.A.html is a worm. There may be other malware on the computer.

We would need to see a log and it is pretty simple to produce one, so he could probably do it himself without you driving 75 miles. ;)

http://forums.spybot.info/showpost.php?p=1150&postcount=2
Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22)

Best regards.

Thanks for the fast reply tashi!

I only know that Kaspersky Internet Security tagged it as a: keystroke logger.

I can't remember exactly, but there were many variations of the same evil thing when I googled that entire phrase.

I'd send him the .exe file for version 1.6 (nice upgrade: btw), but I'm certain his email would strip any .exe file.

I'll just call Jim and tell him how to install the program.
No big deal....I Hope.

Think Spybot would catch it?
I wouldn't do without it! :nono:

Groucho....from Africa....a Country with many states:
Courtesy of our (almost) Vice President.
TOO close to --> :crowned:

Hi groucho, :)




Think Spybot would catch it?
I wouldn't do without it! :nono:


If your friend manages to install, update and run Spybot-S&D, which detects certain variants of Brontok, we could go from there.

Cheers.