Multi-License Discount Quote

Change Region

English
Threat Database Adware Bubble Dock

Bubble Dock

By CagedTech in Adware

Threat Scorecard

Popularity Rank: 3,818
Threat Level: 20 % (Normal)
Infected Computers: 70,086
First Seen: April 11, 2013
Last Seen: January 24, 2026
OS(es) Affected: Windows

Bubble Dock is an adware program that can be installed onto any Internet browser. Bubble Dock is available in French, Swiss, Italian and Spanish. Bubble Dock provides PC users with access to news, games, Facebook, email, web TV, Youtube videos, shortcuts, apps, RSS, podcasts and many more by clicking on the desktop. As the toolbar of Bubble Dock is not paid, the company that owes it, makes money from advertisements shown involving pop-up ads, in text promotions, and numerous coupons and deals. Computer users can install Bubble Dock from the official website of the company, but usually, it is embedded into hijacked web browsers without a victim's consent to use it. Bubble Dock comes affiliated with other free applications. After downloading and installing such a free application, the computer user might install other insecure software products, such as Bubble Dock or even toolbars that take over and modify the home page and default search engine on the hacked web browser.

Aliases

8 security vendors flagged this file as malicious.

Antivirus Vendor Detection
AVG Generic.7EE
Ikarus PUA.BubbleDock
Panda PUP/Nosibay
McAfee-GW-Edition Artemis
Sophos Bubble Dock
McAfee Artemis!16BE7EB47D84
McAfee Artemis!A17CE8F64B69
AVG MalSign.Generic.AC5

SpyHunter Detects & Remove Bubble Dock

File System Details

Bubble Dock may create the following file(s):
Expand All | Collapse All
# File Name MD5 Detections
1. WindApp Update.exe.vir 37e4f5f33befc9a114d2d36279076b1e 3,586
2. Deploy.exe 125327bb1c3cfe5d2e583afd5bd563af 258
3. axSurfMatch.dll 593edbf3334d80a84d5054732bdd134b 124
4. Bubble Dock.exe 5ed8a6036250326f5baf608df6aa5b16 99
5. AddonsUI.exe 5aaa2756420e158bca7e7b112469f06e 13
6. WindApp Update.exe 6c7b1b169202d812787e7e4394059a8e 1
More files

Registry Details

Bubble Dock may create the following registry entry or registry entries:
CLSID
{17734227-EAAA-4C5E-9AA3-036AD981B3A6}
{23AF19F7-1D5B-442c-B14C-3D1081953C94}
{8C973B84-E6DA-49D8-B786-9C93C2E587F5}
{B1DBD7F1-13D4-4FBE-8CC1-7BF878C10CDA}
File name without path
Bubble Dock.lnk
Install_BubbleDock.exe
store.bubbledock[1].xml
Regexp file mask
%APPDATA%\Bubble Ads.installation.log
%appdata%\Bubble Dock.boostrap.log
%appdata%\Bubble Dock.installation.log
%APPDATA%\Bubble Suite.installation.log
%temp%\Bubble Dock.txt
%temp%\LBubble Dock.txt
%WINDIR%\System32\Tasks\Bubble Ads Update
HKEY..\..\..\..{RegistryKeys}
Software\Classes\.bubbledock
SOFTWARE\Classes\AppID\IESurfMatch.DLL
Software\Classes\bubbledock
Software\Classes\MIME\Database\Content Type\application/x-bubbledock
SOFTWARE\Classes\Nosibay.SurfMatch
SOFTWARE\Classes\Nosibay.SurfMatch.1
SOFTWARE\Classes\Wow6432Node\AppID\IESurfMatch.DLL
Software\Microsoft\Internet Explorer\Approved Extensions\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Software\Microsoft\Internet Explorer\DOMStorage\bubbledock.us
SOFTWARE\Microsoft\Internet Explorer\DOMStorage\livesticker.com
Software\Microsoft\Internet Explorer\DOMStorage\store.bubbledock.us
Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\61599.Bubble_Dock.BBD023.no.exe
Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Bubble Dock.exe
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bubble Ads Update
SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}
Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock\Bubble Dock.lnk
Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442C-B14C-3D1081953C94}
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bubble Ads
Software\Microsoft\Windows\CurrentVersion\Run\Bubble Dock
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bubble Suite
Software\Microsoft\Windows\CurrentVersion\Uninstall\Bubble Dock
SOFTWARE\Mozilla\Firefox\Extensions\bubbledock@nosibay.com
Software\Nosibay
Software\Nosibay\Bubble Dock
Software\Nosibay\Bubble Dock Tag
SOFTWARE\Wow6432Node\Classes\AppID\IESurfMatch.DLL
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}
SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\bubbledock@nosibay.com
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
Bubble Ads
Bubble Suite

Directories

Bubble Dock may create the following directory or directories:

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Bubble Dock
%APPDATA%\Nosibay\Bubble Dock
%PROGRAMFILES%\Nosibay\Bubble Dock
%PROGRAMFILES(X86)%\Nosibay\Bubble Dock
%UserProfile%\Start Menu\Programs\Bubble Dock
%appdata%\Nosibay

Analysis Report

General information

Family Name: Adware.Bubble Dock
Signature status: Modified signature

Known Samples

MD5: 34ee8ac6364caff1e66174ffa649619f
SHA1: ed8ccbadbeae14bd73b31ec5426af5b52f523d3f
SHA256: 220D9589BFBD8727988D8215E0DB27105C9DB97E016FEFFA775C48D0AB20CA16
File Size: 6.33 MB, 6332416 bytes
MD5: bb7a46e368ef8a6a4999082262910785
SHA1: 44aaeb76e91ece4eb9b72ae50ff30136b2965734
SHA256: BD9CD059EEDBF826672221A6BBABE77AE787EFB337EBAC68C725C72663E817E9
File Size: 389.52 KB, 389520 bytes
MD5: e19a32166fca0a9c1594aa497fe141e4
SHA1: 379591b2ccd3f491aeb7df8405850b7d7617854a
SHA256: 94D26DBDF121813AD81469CC0D7A1CA0A796425F97E7F9F9325BB08CAAB2BBA8
File Size: 372.83 KB, 372832 bytes
MD5: 17d7caea650f0703b61459194d9ee7f1
SHA1: b3787dd88c3a030e3b00d3290d5c008e5da68d95
SHA256: CA8D78B7DB55878E089AAC26305B4751D372625196BD233C58687D72B56AC745
File Size: 372.89 KB, 372888 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Company Name Nosibay
File Description
  • Bubble Dock Installer
  • Bubble Dock installer
File Version
  • 3.0.705.0.63803
  • 3.0.705.0.63100
  • 3.0.639.0.59707
  • 3.0.633.0.59371
Legal Copyright © Nosibay
Product Name Bubble Dock

Files Modified

File Attributes
c:\users\user\appdata\local\temp\netlog.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\bubble dock bsetup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\bubble dock bsetup.exe_deleted_ Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\httprequest.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\httprequest.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\inetc.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\inetc.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\modern-header.bmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\modern-header.bmp Synchronize,Write Attributes
Show More
c:\users\user\appdata\local\temp\nscc02d.tmp\nsisdl.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\nsisdl.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\nsislog.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\nsislog.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\stdutils.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\stdutils.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\system.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\system.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\version.ini Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nscc02d.tmp\version.ini_deleted_ Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsg7c7b.tmp\nsislog.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsg7c7b.tmp\system.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\bubble dock bsetup.exe Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\bubble dock bsetup.exe_deleted_ Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\httprequest.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\httprequest.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\inetc.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\inetc.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\modern-header.bmp Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\modern-header.bmp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\nsisdl.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\nsisdl.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\nsislog.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\nsislog.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\system.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\system.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\version.ini Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsh59ae.tmp\version.ini_deleted_ Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsmc01c.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete
c:\users\user\appdata\local\temp\nsq7c6a.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete
c:\users\user\appdata\local\temp\nss59ad.tmp Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete
c:\users\user\appdata\roaming\bubble dock.boostrap.log Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\roaming\bubble dock.boostrap.log Generic Write,Read Attributes

Registry Modifications

Key::Value Data API Name
HKCU\software\nosibay\bubble dock tag::iid BB2_EB1CCB4D9BA94617B3EC032534074C39 RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKCU\software\nosibay\bubble dock::tag RegNtPreCreateKey
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Windows\SystemTemp\77e37ce0-8214-4414-aced-551c5ae204d7.tmp\??\C:\Windows\SystemTemp\e28eadcf-6ab0-4d8c-8821-7ce9a6aba1 RegNtPreCreateKey
HKCU\software\nosibay\bubble dock tag::iid BB2_A32A5DE1B1F94E30BB86D943C258F8FA RegNtPreCreateKey

Windows API Usage

Category API
Anti Debug
  • OutputDebugString
Network Winsock2
  • WSAStartup
Network Winsock
  • closesocket
  • gethostbyname
  • inet_addr
  • socket
Network Wininet
  • InternetOpen
  • InternetOpenUrl
  • InternetQueryOption
  • InternetReadFile
  • InternetSetOption

Trending

Most Viewed

Loading...