Home Malware Programs Browser Plugins Bocai Toolbar

Bocai Toolbar

Posted: March 28, 2006

Bocai Toolbar is an Internet Explorer plugin that shows the additional button and extra menu in Chinese. The threat sends the web browser to undesirable web sites and shows unsolicited pop-up advertisements. Bocai Toolbar must be manually installed. It automatically runs on every Windows startup.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 bocaitoolbar.dll
    2 msaddon.dll
    3 msplug.dll

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOTBCCommunication.HTTPAPIHKEY_CLASSES_ROOTBCCommunication.HTTPAPI.1HKEY_CLASSES_ROOTBoCaiToolBar.StockBarHKEY_CLASSES_ROOTBoCaiToolBar.StockBar.1HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunRegBar=regsvr32.exe/uC:ProgramFileslogmarkocaitoolbar.dll/s/i/nHKEY_LOCAL_MACHINESOFTWAREClassesBCCommunication.HTTPAPIHKEY_LOCAL_MACHINESOFTWAREClassesBCCommunication.HTTPAPI.1HKEY_LOCAL_MACHINESOFTWAREClassesBoCaiToolBar.StockBarHKEY_LOCAL_MACHINESOFTWAREClassesBoCaiToolBar.StockBar.1HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstalllogmarkHKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRunAboutSys=regsvr32.exemsaddon.dll/sHKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRunRegBar=regsvr32.exe/uC:ProgramFileslogmarkocaitoolbar.dll/s/i/nHKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRunAboutSys=regsvr32.exemsaddon.dll/s
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path}693A1E03-7B1B-41D8-8803-CF9ED9D860701729F6BB-0CE7-4D3C-BD08-B271D7CB3D635BD85147-1218-442D-980B-86E56860350B3855CF44-363B-4E48-B3FD-25736207B27FBF4D0BCA-6FE4-4FA2-BEBE-87A72B3B77F14DA2EE61-6399-4C39-AEB9-0D990E610D29

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Bocai Toolbar may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner*

* See Free Trial offer below. EULA and Privacy/Cookie Policy.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Loading...