Tuesday, February 3, 2009

CommonName.Browser BHO

Click here to remove CommonName.Browser malware
CommonName.Browser description:
CommonName.Browser Category:BHO
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

Detection CommonName.Browser :

CommonName.Browser Registry Keys:
HKEY_CLASSES_ROOT\babeie.agentie
HKEY_CLASSES_ROOT\babeie.agentie.1
HKEY_CLASSES_ROOT\babeie.handler
HKEY_CLASSES_ROOT\babeie.handler.1
HKEY_CLASSES_ROOT\babeie.helper
HKEY_CLASSES_ROOT\babeie.helper.1
HKEY_CLASSES_ROOT\clsid\{6656b666-992f-4d74-8588-8ca69e97d90c}
HKEY_CLASSES_ROOT\CLSID\{9346A6BB-1ED0-4174-AFB4-13CD4EC0AA40}
HKEY_CLASSES_ROOT\interface\{2d0f5208-3198-49a4-86a7-d65e9e582751}
HKEY_CLASSES_ROOT\interface\{99908473-1135-4009-be4f-32b921f86ed9}
HKEY_CLASSES_ROOT\PROTOCOLS\Handler\cn
HKEY_CLASSES_ROOT\typelib\{d879d743-e2cc-4161-8034-2234203681c9}
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\add a page note
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\bookmark this page
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\email this link
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\search using commonname
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\advancedoptions\commonname
HKEY_CLASSES_ROOT\clsid\{00d0cfe2-8fdf-4fee-b396-cd42c0b9663a}
HKEY_CLASSES_ROOT\clsid\{9346a6bb-1ed0-4174-afb4-13cd4ec0aa40}
HKEY_CLASSES_ROOT\protocols\handler\cn
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00d0cfe2-8fdf-4fee-b396-cd42c0b9663a}

Removing CommonName.Browser:

you can run trial version of ExterminateIt, or remove CommonName.Browser manually.

To completely manually remove CommonName.Browser malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with CommonName.Browser.

Read also:
Remove Zaphod Backdoor
Win32.Except Trojan Information
Calego Trojan Symptoms
Alicia.version Backdoor Cleaner
persianstat.com Tracking Cookie Removal

Posted by kohanucyesigol at 1:48 PM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)