PUP.BoBrowser

By CagedTech in Potentially Unwanted Programs

Threat Scorecard

Ranking:	3,996
Threat Level:	10 % (Normal)
Infected Computers:	60,347

First Seen:	October 10, 2014
Last Seen:	June 2, 2025
OS(es) Affected:	Windows

Table of Contents

File System Details

PUP.BoBrowser may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	$R0EWC37.exe	05ad6dfec9d08f7b95a2b35c47a02f5b	3,787
Name: $R0EWC37.exe MD5: 05ad6dfec9d08f7b95a2b35c47a02f5b Size: 7.34 MB (7348224 bytes) Detections: 3,787 Type: Executable File Path: C:\$Recycle.Bin\S-1-5-21-194617704-2292787186-1676957016-1003\$R0EWC37.exe Group: Malware file Last Updated: February 5, 2025
2.	ebf87fa7-b488-487f-9971-c96f16e9c35d.exe	27a97ec4bbd8987cb29f91c6e962542d	3,577
Name: ebf87fa7-b488-487f-9971-c96f16e9c35d.exe MD5: 27a97ec4bbd8987cb29f91c6e962542d Size: 328.3 KB (328304 bytes) Detections: 3,577 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\OneDrive\Área de Trabalho\Backup - CCE\Windows7\Users\<username>\AppData\Local\Temp\ClaraDwl\ebf87fa7-b488-487f-9971-c96f16e9c35d.exe Group: Malware file Last Updated: August 22, 2024
3.	64602c96-051b-4d8a-8830-268df7c6347d[1].exe	fa8b58f49f253f326a45395c7d877f97	1,975
Name: 64602c96-051b-4d8a-8830-268df7c6347d[1].exe MD5: fa8b58f49f253f326a45395c7d877f97 Size: 325.74 KB (325744 bytes) Detections: 1,975 Type: Executable File Path: C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PACSJHWG\64602c96-051b-4d8a-8830-268df7c6347d[1].exe Group: Malware file Last Updated: September 5, 2023
4.	5d28babe-55be-4a92-9019-4546fca07264.exe	b623c528c20ec47dc4bf81c1216f4ef1	1,424
Name: 5d28babe-55be-4a92-9019-4546fca07264.exe MD5: b623c528c20ec47dc4bf81c1216f4ef1 Size: 321.64 KB (321648 bytes) Detections: 1,424 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\ClaraDwl\5d28babe-55be-4a92-9019-4546fca07264.exe Group: Malware file Last Updated: November 9, 2022
5.	976dea09-70e4-46c4-be44-4abacd4f363c.exe	d657be6cb7dd57784742aed0bc303bbb	944
Name: 976dea09-70e4-46c4-be44-4abacd4f363c.exe MD5: d657be6cb7dd57784742aed0bc303bbb Size: 341.61 KB (341616 bytes) Detections: 944 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\ClaraDwl\976dea09-70e4-46c4-be44-4abacd4f363c.exe Group: Malware file Last Updated: May 3, 2023
6.	c2646b6d-4adc-4d7e-96e9-4d4fce8f2602[1].exe	c5d597dea24509ffa0c69e0dba391b01	330
Name: c2646b6d-4adc-4d7e-96e9-4d4fce8f2602[1].exe MD5: c5d597dea24509ffa0c69e0dba391b01 Size: 887.4 KB (887408 bytes) Detections: 330 Type: Executable File Path: %WINDIR%\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\c2646b6d-4adc-4d7e-96e9-4d4fce8f2602[1].exe Group: Malware file Last Updated: June 2, 2025
7.	YR4OWd1nXIOtrnSM83Kt9Lxtz99OBYR4OWd1nXIOtrnSM83Kt9Lxtz99OB_bb.exe	d8888771dcdea6b811d199c9b7193bcc	295
Name: YR4OWd1nXIOtrnSM83Kt9Lxtz99OBYR4OWd1nXIOtrnSM83Kt9Lxtz99OB_bb.exe MD5: d8888771dcdea6b811d199c9b7193bcc Size: 874.61 KB (874616 bytes) Detections: 295 Type: Executable File Path: %SYSTEMDRIVE%\os. 19621\Intel\os.17860\Jefther\AppData\Local\Temp\Temp\OYR4OWd1nXIOtrnSM83Kt9Lxtz99OBYR4OWd1nXIOtrnSM83Kt9Lxtz99OB\YR4OWd1nXIOtrnSM83Kt9Lxtz99OBYR4OWd1nXIOtrnSM83Kt9Lxtz99OB_bb.exe Group: Malware file Last Updated: May 22, 2025
8.	bobrowser_3010-10494ef2.exe	4d42a1035eff6126b2bd9c75310def8e	31
Name: bobrowser_3010-10494ef2.exe MD5: 4d42a1035eff6126b2bd9c75310def8e Size: 840.82 KB (840824 bytes) Detections: 31 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\n1862\bobrowser_3010-10494ef2.exe Group: Malware file Last Updated: February 5, 2025
9.	ClaraUpdater.exe.vir	09faa5eb732d7d4e2b38ce791bc6212e	27
Name: ClaraUpdater.exe.vir MD5: 09faa5eb732d7d4e2b38ce791bc6212e Size: 935.53 KB (935536 bytes) Detections: 27 Path: C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe.vir Group: Malware file Last Updated: July 13, 2022
10.	BoBrowser.exe	5300c9b559273485eb12e0d7678a0fa0	9
Name: BoBrowser.exe MD5: 5300c9b559273485eb12e0d7678a0fa0 Size: 705.16 KB (705168 bytes) Detections: 9 Type: Executable File Path: D:\Documentos Group: Malware file Last Updated: March 23, 2016
11.	BoBrowser(1).exe	9b8273408ac4d0b3b7d4ffbc9e7b8162	7
Name: BoBrowser(1).exe MD5: 9b8273408ac4d0b3b7d4ffbc9e7b8162 Size: 704.65 KB (704656 bytes) Detections: 7 Type: Executable File Path: %USERPROFILE%\Downloads Group: Malware file Last Updated: March 23, 2016
12.	ClaraUpdater.exe	70d5fdd21c8ac15c3ee8d2ab24e4e3cf	2
Name: ClaraUpdater.exe MD5: 70d5fdd21c8ac15c3ee8d2ab24e4e3cf Size: 940.76 KB (940760 bytes) Detections: 2 Type: Executable File Path: %SystemDrive%\Program Files (x86)\Common Files\ClaraUpdater Group: Malware file Last Updated: February 3, 2020

More files

Registry Details

PUP.BoBrowser may create the following registry entry or registry entries:

CLSID

{19041B6B-8F97-4669-BA21-C17572737ED2}

File name without path

BoBrowser.lnk

claraInstaller.txt

http_isearch.bobrowser.com_0.localstorage

http_isearch.bobrowser.com_0.localstorage-journal

http_www.bobrowser.com_0.localstorage

http_www.bobrowser.com_0.localstorage-journal

Regexp file mask

%windir%\System32\Tasks\Run_Bobby_Browser

HKEY..\..\..\..{RegistryKeys}

Software\BoBrowser

SOFTWARE\Classes\.htm\OpenWithProgIds\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.htm\OpenWithProgids\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.html\OpenWithProgIds\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.html\OpenWithProgids\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.shtml\OpenWithProgids\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.shtml\OpenWithProgids\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.webp\OpenWithProgids\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.webp\OpenWithProgids\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.xht\OpenWithProgIds\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.xht\OpenWithProgids\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.xhtml\OpenWithProgIds\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Classes\.xhtml\OpenWithProgids\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ

Software\Classes\Applications\bobrowser.exe

Software\Classes\CLSID\19041B6B-8F97-4669-BA21-C17572737ED2

Software\Classes\Wow6432Node\CLSID\19041B6B-8F97-4669-BA21-C17572737ED2

SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\bobrowser.exe

SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\bobrowser.exe

SOFTWARE\Microsoft\Tracing\BoBrowser_RASAPI32

SOFTWARE\Microsoft\Tracing\BoBrowser_RASMANCS

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser

SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\bobrowser.exe

SOFTWARE\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ_http

SOFTWARE\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ_https

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids\BoBrowsHTM.NSJA6BHDA3NCFCFMXW3QSCUYUQ

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids\BoBrowsHTML.NSJA6BHDA3NCFCFMXW3QSCUYUQ

Software\Microsoft\Windows\CurrentVersion\Run\BoBrowser

Software\Microsoft\Windows\CurrentVersion\Run\CrashService

SOFTWARE\RegisteredApplications\BoBrowser.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SOFTWARE\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\bobrowser.exe

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\bobrowser.exe

SOFTWARE\Wow6432Node\RegisteredApplications\BoBrowser.NSJA6BHDA3NCFCFMXW3QSCUYUQ

SYSTEM\ControlSet001\services\ClaraUpdater

SYSTEM\ControlSet002\services\ClaraUpdater

SYSTEM\CurrentControlSet\services\ClaraUpdater

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

BoBrowser

Directories

PUP.BoBrowser may create the following directory or directories:

%APPDATA%\Microsoft\Windows\Start Menu\Programs\BoBrowser

%COMMONPROGRAMFILES%\ClaraUpdater

%COMMONPROGRAMFILES(x86)%\ClaraUpdater

%LOCALAPPDATA%\BoBrowser

%LOCALAPPDATA%\BoBrowserUninstall

%PROGRAMFILES%\Bobrowsercm

%PROGRAMFILES(x86)%\Bobrowsercm

%TEMP%\BoBrowser

%UserProfile%\Local Settings\Application Data\BoBrowser

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.BoBrowser

Threat Scorecard

EnigmaSoft Threat Scorecard

File System Details

Registry Details

Directories

Submit Comment

Trending

Beach Wallpaper Browser Extension

ARROW Ransomware

RALEIGHRAD Ransomware

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen