1. Symantec/
  2. Security Response/
  3. PUA.RoclaToolbar

PUA.RoclaToolbar

Updated:
January 11, 2013 7:29:14 PM
Type:
Potentially Unwanted App
Name:
Claro
Version:
1.8.8.5
Publisher:
Claro LTD
Risk Impact:
Low
Systems Affected:
Windows
The program may be embedded in third party application installers.

When the program is executed, it may create the following folders:
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com
  • C:\Documents and Settings\Administrator\Application Data\Claro
  • C:\Documents and Settings\Administrator\Local Settings\Temp\Claro LTD
  • C:\Documents and Settings\Administrator\Local Settings\Temp\Claro LTD\.
  • C:\Documents and Settings\Administrator\Local Settings\Temp\Claro LTD\..
  • C:\Documents and Settings\Administrator\Local Settings\Temp\Claro LTD\claro
  • C:\Documents and Settings\Administrator\Local Settings\Temp\Claro LTD\claro\.
  • C:\Documents and Settings\Administrator\Local Settings\Temp\Claro LTD\claro\..
  • C:\Documents and Settings\Administrator\Local Settings\Temp\Claro LTD\claro\1.8.8.5
  • C:\Program Files\Claro LTD
  • C:\Program Files\Claro LTD\.
  • C:\Program Files\Claro LTD\..
  • C:\Program Files\Claro LTD\claro
  • C:\Program Files\Claro LTD\claro\.
  • C:\Program Files\Claro LTD\claro\..
  • C:\Program Files\Claro LTD\claro\1.8.8.5
  • C:\Program Files\Claro LTD\claro\1.8.8.5\.
  • C:\Program Files\Claro LTD\claro\1.8.8.5\..
  • C:\Program Files\Claro LTD\claro\1.8.8.5\bh
  • C:\Program Files\Claro LTD\claro\1.8.8.5\bh\.
  • C:\Program Files\Claro LTD\claro\1.8.8.5\bh\..

When the program is executed, it may drop the following files:
  • C:\Program Files\Claro LTD\claro\1.8.8.5\bh\claro.dll
  • C:\Program Files\Claro LTD\claro\1.8.8.5\claroApp.dll
  • C:\Program Files\Claro LTD\claro\1.8.8.5\claroEng.dll
  • C:\Program Files\Claro LTD\claro\1.8.8.5\clarosrv.exe
  • C:\Program Files\Claro LTD\claro\1.8.8.5\claroTlbr.dll
  • C:\Program Files\Claro LTD\claro\1.8.8.5\escortShld.dll
  • C:\Program Files\Claro LTD\claro\1.8.8.5\uninstall.exe
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\chrome.manifest
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\components\acplus-autocomplete.js
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\components\FFDisp.dll
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\claro.css
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\claro.xul
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\dpk.htm
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\hlprs.js
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\arwDwn.gif
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\closeo.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\ae.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\bg.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\ch.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\cn.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\cz.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\de.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\eg.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\en.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\es.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\fr.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\gr.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\he.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\il.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\it.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\ja.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\jp.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\nl.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\no.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\pl.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\pt.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\ro.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\ru.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\sa.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\se.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\sv.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\tr.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\ua.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\flgs\us.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\help_16.gif
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\home.gif
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\icon_seperator.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\logo.png
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\privecy_16_hot.gif
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\sign.jpg
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\specialoffer.gif
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\imgs\tellafriend.gif
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\loader.xul
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\mtstart.js
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\serp.js
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\content\tmplt.js
  • C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\[PROFILE FOLDER]\extensions\ffxtlbr@claro.com\install.rdf

The program may install a toolbar for Internet Explorer and Firefox that performs the following actions:
  • Displays a search box, advertisements, and links to third party products and services
  • Uses its own search engine
  • Sets up a new home page
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube