Candybar Toolbar

The cndybar is an internet explorer toolbar promet by a Portuguese site. The toolbar gives a keyword search option that searches the results with http://pesquisa.sapo.pt/. The toolbar keeps a watch on the users browsing and collects data about the search. It can also show popup ads and change IE settings.0

General information:

Malware Name:	Candybar Toolbar
Malware Type:	Toolbar
Company Name:	PTM.Com
Company URL:	http://netbi.sapo.pt/
Threat Level:	High
Operating System:	WIN XP
Installation Type:	Installed through ActiveX (At the installation it doesn’t show a security certificate)
Operation:	Time of After restarting browser.

Company Description:

The cndybar is an internet explorer toolbar promet by a Portuguese site. The toolbar gives a keyword search option that searches the results with http://pesquisa.sapo.pt/. The toolbar keeps a watch on the users browsing and collects data about the search. It can also show popup ads and change IE settings.

Spyware Description:

The cndybar is an internet explorer toolbar promet by a Portuguese site. The toolbar gives a keyword search option that searches the results with http://pesquisa.sapo.pt/. The toolbar keeps a watch on the users browsing and collects data about the search. It can also show popup ads and change IE settings.0

Characteristics/Symptoms:

    -> Keeps watch on the users browsing activity -> Works in background -> Slows the browser -> Changes the default search settings0

Additional information might be found here:

	Search at Google for Candybar Toolbar
	Search at Bing for Candybar Toolbar
	Search at Yahoo for Candybar Toolbar

Processes Running:

File information Created after Installation:

File Location	Size (Bytes)	Type

Folder information Created after Installation:

Folder Location

Registry information Created after Installation: