Updated: February 13, 2007 11:40:29 AM
Type: Adware
Version: N/A
Publisher: www.browserpal.com
Risk Impact: Low
File Names:
browserpal.exe
adblck.dll
adblck.exe
BABarWnd.dll
blckbho.dll
bp.exe
bptlb.dll
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When Adware.BrowserPal is installed, it performs the following actions:
- Creates the following files:
- %ProgramFiles%\Browser Pal\ABLK.tlb
- %ProgramFiles%\Browser Pal\adblck.dll
- %ProgramFiles%\Browser Pal\adblck.exe
- %ProgramFiles%\Browser Pal\BABarWnd.dll
- %ProgramFiles%\Browser Pal\blckbho.dll
- %ProgramFiles%\Browser Pal\blckhk.dll
- %ProgramFiles%\Browser Pal\bp.exe
- %ProgramFiles%\Browser Pal\bptlb.dll
- %ProgramFiles%\Browser Pal\close.wav
- %ProgramFiles%\Browser Pal\common\0.pict
- %ProgramFiles%\Browser Pal\common\1.pict
- %ProgramFiles%\Browser Pal\common\181.pict
- %ProgramFiles%\Browser Pal\common\2.pict
- %ProgramFiles%\Browser Pal\common\3.pict
- %ProgramFiles%\Browser Pal\common\4.pict
- %ProgramFiles%\Browser Pal\common\5.pict
- %ProgramFiles%\Browser Pal\common\6.pict
- %ProgramFiles%\Browser Pal\common\bpcfg.xml
- %ProgramFiles%\Browser Pal\common\browserpal.name
- %ProgramFiles%\Browser Pal\License.txt
- %ProgramFiles%\Browser Pal\Startium.url
- %ProgramFiles%\Browser Pal\uninstall.exe
- %ProgramFiles%\Browser Pal\uninstall.ini
- %Userprofile%\Start Menu\Programs\Browser Pal\Browser Pal - Ad Blocker.lnk
- %Userprofile%\Start Menu\Programs\Browser Pal\Startium- Start Here!.lnk
Notes:
- %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
- %Userprofile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\<Current User> (Windows NT/2000/XP).
- Adds the value:
"Browser Pal" = "%ProgramFiles%\Browser Pal\adblck.exe -s"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
so that the Adware runs when Windows starts.
- Creates the following registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunWindowsUpdate
HKEY_LOCAL_MACHINE\Software\Browser Pal
HKEY_CURRENT_USER\Software\Browser Pal
HKEY_CLASSES_ROOT\Bho.BhoIE.1
HKEY_CLASSES_ROOT\Bho.BhoIE
HKEY_CLASSES_ROOT\CLSID\{D34F641F-5210-4EB0-8ED5-9179F47E15B7}
HKEY_CLASSES_ROOT\TypeLib\{3A72022E-22A8-4554-A8A4-D5C70C5D444B}
HKEY_CLASSES_ROOT\Interface\{8004F640-BC6B-410A-8054-DF43D93D06E3}
HKEY_CLASSES_ROOT\Startium.IEToolBar.1
HKEY_CLASSES_ROOT\Startium.IEToolBar
HKEY_CLASSES_ROOT\CLSID\{337D0C1D-4053-4FAB-AF2B-45C2F7B0FAA7}
HKEY_CLASSES_ROOT\BrowserPalToolbar.IEShower.1
HKEY_CLASSES_ROOT\BrowserPalToolbar.IEShower
HKEY_CLASSES_ROOT\CLSID\{5F5564AC-DE7A-4DCD-9296-32E71A35DCB7}
HKEY_CLASSES_ROOT\BrowserPalToolbar.Helper.1
HKEY_CLASSES_ROOT\BrowserPalToolbar.Helper
HKEY_CLASSES_ROOT\CLSID\{F20AE630-6DE2-43CA-A988-7CD40C36EF0C}
HKEY_CLASSES_ROOT\TypeLib\{7313BFD0-62C4-40F4-8041-3FBDBC80AC08}
HKEY_CLASSES_ROOT\Interface\{8A7D38BE-849D-478F-A7CF-55EC95722359}
HKEY_CLASSES_ROOT\Interface\{4A2563C7-FC68-4EE8-A11C-2022EBCC1B10}
HKEY_CLASSES_ROOT\Interface\{2A167E61-D100-450D-A1B0-6EAF394BCB89}
HKEY_CLASSES_ROOT\Component Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\BrowserPalToolbar.IEToolBar.1
HKEY_CLASSES_ROOT\BrowserPalToolbar.IEToolBar
HKEY_CLASSES_ROOT\CLSID\{337D0C1D-4053-4FAB-AF2B-45C2F7B0FAA7}
HKEY_CLASSES_ROOT\TypeLib\{7EB64065-DFD1-41B0-99D7-6BA3E0A15916}
HKEY_CLASSES_ROOT\Interface\{FF1954C1-D2EC-489A-A156-2F56A6D945C0}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browser Pal
HKEY_CLASSES_ROOT\TypeLib\{3A72022E-22A8-4554-A8A4-D5C70C5D444B}
- Once installed, the following toolbar will be added to the Internet Explorer:
and the Adware will be able to perform the following actions:
- Displays advertising content
- Installs software upgrade
- Installs third-party application
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
