Jump to content
  • Announcements

    • Rodion Nagornov

      Долгое сохранение сообщений || Delays while posting (click here to read the full text RU/EN)   09/20/2017

      Due to some technical reasons visual delays are possible while message sending. Actually your message is published immediately - just interface works long. In such case, please, do not re-send your message immediately! Press F5 to reload the page and check if your message/topic is published. || По техническим причинам возможно визуально долгое отправление сообщений на форуме. Фактически ваше сообщение публикуется мгновенно - долго отрабатывает графика. В случае подобной ситуации, пожалуйста, сначала обновите страницу (F5) и проверьте, появилось ли ваше сообщение. Не пытайтесь сразу отправить его заново.
Sign in to follow this  
Gaius

Spyware found - is it dangerous?

Recommended Posts

Dear all,

 

I just found 12 spyware under the name "Partner BHO" or "PartnerBHO" in a brand new Toshiba laptop.

The spyware were only found by Spybot which I only use occasionally.

 

Any ideas how harmful they can be?

A search on the internet and the Kaspersky forum did not help alot.

Edited by Gaius Flavius Grecus

Share this post


Link to post

Dear richbuff and everybody,

 

I believe this is the full report that you requested. Any ideas now as to what these are?

 

 

--- Search result list ---

PartnerBHO: [sBI $2FE4A5BE] Application ID (Registry key, fixed)

HKEY_CLASSES_ROOT\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}

 

PartnerBHO: [sBI $BE743C00] Application ID (Registry key, fixed)

HKEY_CLASSES_ROOT\AppID\kt_bho_dll.dll

 

PartnerBHO: [sBI $F3EE08ED] Class ID (Registry key, fixed)

HKEY_CLASSES_ROOT\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho.1

 

PartnerBHO: [sBI $14904C60] Class ID (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Browser helper object (Registry key, fixed)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho.1

 

PartnerBHO: [sBI $14904C60] Class ID (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Browser helper object (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho

 

PartnerBHO: [sBI $6B47FF4E] Type library (Registry key, fixed)

HKEY_CLASSES_ROOT\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}

 

 

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

 

2009-01-26 blindman.exe (1.0.0.8)

2009-01-26 SDFiles.exe (1.6.1.7)

2009-01-26 SDMain.exe (1.0.0.6)

2009-01-26 SDUpdate.exe (1.6.0.12)

2009-01-26 SpybotSD.exe (1.6.2.46)

2009-01-26 TeaTimer.exe (1.6.4.26)

2009-01-26 Update.exe (1.6.0.7)

2009-01-26 advcheck.dll (1.6.2.15)

2007-04-02 aports.dll (2.1.0.0)

2008-06-14 DelZip179.dll (1.79.11.1)

2009-01-26 SDHelper.dll (1.6.2.14)

2008-06-19 sqlite3.dll

2009-01-26 Tools.dll (2.1.6.10)

2009-05-19 Includes\Adware.sbi (*)

2009-07-14 Includes\AdwareC.sbi (*)

2009-01-22 Includes\Cookies.sbi (*)

2009-05-19 Includes\Dialer.sbi (*)

2009-07-14 Includes\DialerC.sbi (*)

2009-01-22 Includes\HeavyDuty.sbi (*)

2009-05-26 Includes\Hijackers.sbi (*)

2009-07-14 Includes\HijackersC.sbi (*)

2009-06-23 Includes\Keyloggers.sbi (*)

2009-07-14 Includes\KeyloggersC.sbi (*)

2004-11-29 Includes\LSP.sbi (*)

2009-07-14 Includes\Malware.sbi (*)

2009-07-14 Includes\MalwareC.sbi (*)

2009-03-25 Includes\PUPS.sbi (*)

2009-07-14 Includes\PUPSC.sbi (*)

2009-01-22 Includes\Revision.sbi (*)

2009-01-13 Includes\Security.sbi (*)

2009-06-02 Includes\SecurityC.sbi (*)

2008-06-03 Includes\Spybots.sbi (*)

2008-06-03 Includes\SpybotsC.sbi (*)

2009-04-07 Includes\Spyware.sbi (*)

2009-07-07 Includes\SpywareC.sbi (*)

2009-06-08 Includes\Tracks.uti

2009-07-14 Includes\Trojans.sbi (*)

2009-07-14 Includes\TrojansC.sbi (*)

2008-03-04 Plugins\Chai.dll

2008-03-05 Plugins\Fennel.dll

2008-02-26 Plugins\Mate.dll

2007-12-24 Plugins\TCPIPAddress.dll

 

 

 

--- System information ---Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)

/ MSXML4SP2: Security update for MSXML4 SP2 (KB941833)

/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)

 

Share this post


Link to post
Guest
This topic is now closed to further replies.
Sign in to follow this  

×