Categories: BHO
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\s1ec
[%PROFILE_TEMP%]\s1rk
[%SYSTEM%]\br_rt.dll
[%WINDOWS%]\3-d0105f0375fe6b62fc90f554e10ca5eb.exe
[%SYSTEM%]\br_rt-uninst.exe
[%PROFILE_TEMP%]\s1ec
[%PROFILE_TEMP%]\s1rk
[%SYSTEM%]\br_rt.dll
[%WINDOWS%]\3-d0105f0375fe6b62fc90f554e10ca5eb.exe
[%SYSTEM%]\br_rt-uninst.exe
How to detect MyCpMads.Browser.Optimiser:
Files:
[%PROFILE_TEMP%]\s1ec
[%PROFILE_TEMP%]\s1rk
[%SYSTEM%]\br_rt.dll
[%WINDOWS%]\3-d0105f0375fe6b62fc90f554e10ca5eb.exe
[%SYSTEM%]\br_rt-uninst.exe
[%PROFILE_TEMP%]\s1ec
[%PROFILE_TEMP%]\s1rk
[%SYSTEM%]\br_rt.dll
[%WINDOWS%]\3-d0105f0375fe6b62fc90f554e10ca5eb.exe
[%SYSTEM%]\br_rt-uninst.exe
Registry Keys:
HKEY_CLASSES_ROOT\adspipe.adbot2
HKEY_CLASSES_ROOT\adspipe.adbot2.1
HKEY_CLASSES_ROOT\clsid\{582fdcf0-a82e-4fc1-a6f6-0d2f36881f63}
HKEY_CLASSES_ROOT\interface\{aedc088b-51de-4677-92df-ae0f978aac81}
HKEY_CLASSES_ROOT\typelib\{49570c69-425d-47a6-944d-5b035af58b09}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{582fdcf0-a82e-4fc1-a6f6-0d2f36881f63}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\br_rt
Removing MyCpMads.Browser.Optimiser:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or buy it to remove ALL viruses from your computer.Also Be Aware of the Following Threats:
Pigeon.FBB Trojan Removal
Bancos.GLA Trojan Removal
Link.DI.Residential.Gateways.Admin.login Trojan Information
Remove Pigeon.ERH Trojan
Talitum Downloader Removal
No comments:
Post a Comment