Sign in to follow this  
Followers 0
Gaius

Spyware found - is it dangerous?

6 posts in this topic

Dear all,

 

I just found 12 spyware under the name "Partner BHO" or "PartnerBHO" in a brand new Toshiba laptop.

The spyware were only found by Spybot which I only use occasionally.

 

Any ideas how harmful they can be?

A search on the internet and the Kaspersky forum did not help alot.

Edited by Gaius Flavius Grecus

Share this post


Link to post
Share on other sites

Dear richbuff and everybody,

 

I believe this is the full report that you requested. Any ideas now as to what these are?

 

 

--- Search result list ---

PartnerBHO: [sBI $2FE4A5BE] Application ID (Registry key, fixed)

HKEY_CLASSES_ROOT\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}

 

PartnerBHO: [sBI $BE743C00] Application ID (Registry key, fixed)

HKEY_CLASSES_ROOT\AppID\kt_bho_dll.dll

 

PartnerBHO: [sBI $F3EE08ED] Class ID (Registry key, fixed)

HKEY_CLASSES_ROOT\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho.1

 

PartnerBHO: [sBI $14904C60] Class ID (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Browser helper object (Registry key, fixed)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho.1

 

PartnerBHO: [sBI $14904C60] Class ID (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Browser helper object (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

 

PartnerBHO: [sBI $14904C60] Root class (Registry key, fixing failed)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kt_bho.KettleBho

 

PartnerBHO: [sBI $6B47FF4E] Type library (Registry key, fixed)

HKEY_CLASSES_ROOT\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}

 

 

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

 

2009-01-26 blindman.exe (1.0.0.8)

2009-01-26 SDFiles.exe (1.6.1.7)

2009-01-26 SDMain.exe (1.0.0.6)

2009-01-26 SDUpdate.exe (1.6.0.12)

2009-01-26 SpybotSD.exe (1.6.2.46)

2009-01-26 TeaTimer.exe (1.6.4.26)

2009-01-26 Update.exe (1.6.0.7)

2009-01-26 advcheck.dll (1.6.2.15)

2007-04-02 aports.dll (2.1.0.0)

2008-06-14 DelZip179.dll (1.79.11.1)

2009-01-26 SDHelper.dll (1.6.2.14)

2008-06-19 sqlite3.dll

2009-01-26 Tools.dll (2.1.6.10)

2009-05-19 Includes\Adware.sbi (*)

2009-07-14 Includes\AdwareC.sbi (*)

2009-01-22 Includes\Cookies.sbi (*)

2009-05-19 Includes\Dialer.sbi (*)

2009-07-14 Includes\DialerC.sbi (*)

2009-01-22 Includes\HeavyDuty.sbi (*)

2009-05-26 Includes\Hijackers.sbi (*)

2009-07-14 Includes\HijackersC.sbi (*)

2009-06-23 Includes\Keyloggers.sbi (*)

2009-07-14 Includes\KeyloggersC.sbi (*)

2004-11-29 Includes\LSP.sbi (*)

2009-07-14 Includes\Malware.sbi (*)

2009-07-14 Includes\MalwareC.sbi (*)

2009-03-25 Includes\PUPS.sbi (*)

2009-07-14 Includes\PUPSC.sbi (*)

2009-01-22 Includes\Revision.sbi (*)

2009-01-13 Includes\Security.sbi (*)

2009-06-02 Includes\SecurityC.sbi (*)

2008-06-03 Includes\Spybots.sbi (*)

2008-06-03 Includes\SpybotsC.sbi (*)

2009-04-07 Includes\Spyware.sbi (*)

2009-07-07 Includes\SpywareC.sbi (*)

2009-06-08 Includes\Tracks.uti

2009-07-14 Includes\Trojans.sbi (*)

2009-07-14 Includes\TrojansC.sbi (*)

2008-03-04 Plugins\Chai.dll

2008-03-05 Plugins\Fennel.dll

2008-02-26 Plugins\Mate.dll

2007-12-24 Plugins\TCPIPAddress.dll

 

 

 

--- System information ---Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)

/ MSXML4SP2: Security update for MSXML4 SP2 (KB941833)

/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)

 

Share this post


Link to post
Share on other sites

That comes pre installed on some new PCs. Remove or keep, either way is ok.

Share this post


Link to post
Share on other sites

Thanks very much richbuff. Much appreciated.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0