Results 1 to 3 of 3

Thread: PartnerBHO Trojan Remove

  1. 30-07-2009 #1
    xing
    xing is offline Members
    Join Date
    Jul 2009
    Posts
    14

    PartnerBHO Trojan Remove

    Good evening,

    I have a Vista and spybot install in it, as i do complete scan with spbot it says that i have trojan called PartnerBHO , but it can't remove it, it says me to restart but this trojan doesn't get remove. How can i remove PartnerBHO completely from system. Please HELP !
    Reply With Quote Reply With Quote
  2. 30-07-2009 #2
    worm4u
    worm4u is offline Member
    Join Date
    Dec 2008
    Posts
    239

    Re: PartnerBHO Trojan Remove

    HI,

    Fix the following entries with hijackthis :

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.abc.com/
    This entry should be fixed by HijackThis!

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    This entry should be fixed

    O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\Documents and Settings\All Users\Application Data\Partner\partner.dll
    Malware should be fixed at reboot

    O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL Check this at virustotal.com

    O4 - HKLM\..\Run: [M3000Mnt] Rundll32.exe M3000Rmv.dll ,WinMainRmv /StartStillMnt

    O23 - Service: Partner Service - Google Inc. - C:\Documents and Settings\All Users\Application Data\Partner\partner.exe
    Malware should be fixed at reboot,
    Google Wave - The next big thing in Online Collaboration?
    Reply With Quote Reply With Quote
  3. 30-07-2009 #3
    SeCTor 1
    SeCTor 1 is offline Member
    Join Date
    Mar 2008
    Posts
    177

    Re: PartnerBHO Trojan Remove

    You can use regedit.exe (included in Windows) to locate and delete these registry entries.

    Delete the registry key "{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}" at "HKEY_CLASSES_ROOT\AppID\".
    Delete the registry key "kt_bho_dll.dll" at "HKEY_CLASSES_ROOT\AppID\".
    Delete the registry key "{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" at "HKEY_CLASSES_ROOT\CLSID\".
    A key in HKEY_CLASSES_ROOT\ named "kt_bho.KettleBho", plus associated values.
    A key in HKEY_CLASSES_ROOT\ named "kt_bho.KettleBho.1", plus associated values.
    Delete the registry key "{86676E13-D6D8-4652-9FCF-F2047F1FB000}" at "HKEY_CLASSES_ROOT\TypeLib\".
    Delete the registry key "{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\".
    If PartnerBHO uses rootkit technologies, use RegAlyzer, RootAlyzer or our Total Commander anti-rootkit plugins.

    Source: spybot.info
    Reply With Quote Reply With Quote
« How to put an IP address onto your network card | Cat5 Patch Panel »

Similar Threads

  1. How to remove Trojan: win32/fakesysdef and trojan@winnt/alureon.s.
    By Barnard in forum Networking & Security
    Replies: 8
    Last Post: 28-08-2011, 09:50 AM
  2. How I can remove trojan PSW.x-Vir ?
    By Custidio in forum Networking & Security
    Replies: 5
    Last Post: 28-01-2010, 09:28 PM
  3. How to remove Trojan.JS.QAF?
    By Felisha in forum Networking & Security
    Replies: 4
    Last Post: 28-01-2010, 12:35 AM
  4. How to remove Trojan-Downloader.Dadobra.CP trojan?
    By Harper 21 in forum Networking & Security
    Replies: 5
    Last Post: 13-01-2010, 02:25 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Page generated in 1,713,914,166.36275 seconds with 16 queries