Cargo Info Toolbar
The Cargo Info Toolbar is a search toolbar from which a user can easily access the Cargo Info from any page on the web.The toolbar installs through an exe installer which when executed installs the toolbar at once without showing any sign of installing
and the installer also does not asks the user whether he wants to install the toolbar or not.The toolbar installs some other features when user connects to the host site of the toolbar. The toolbar does not contain any EULA or Privacy Policy associated
with it.The toolbar works in a suspect manner, the toolbar shows search results from Google (http://www.google.com/), the toolbar shows information about freight, freight tariff and port information for African continent.0
General information:
| Malware Name: |
Cargo Info Toolbar |
| Malware Type: |
Toolbar |
| Company Name: |
Now Media |
| Company URL: |
http://www.nowmedia.co.za/
|
| Threat Level: |
High |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE (Installs after running the installer EXE, without showing any sign of installation) |
| Operation: |
Time of After restarting browser. |
Company Description:
Now Media (Pty) Ltd is a privately owned organisation founded in 1953 committed to promoting travel and trade to and from the Southern African region. Now Media is based in Johannesburg, South Africa.
Spyware Description:
The Cargo Info Toolbar is a search toolbar from which a user can easily access the Cargo Info from any page on the web.The toolbar installs through an exe installer which when executed installs the toolbar at once without showing any sign of installing
and the installer also does not asks the user whether he wants to install the toolbar or not.The toolbar installs some other features when user connects to the host site of the toolbar. The toolbar does not contain any EULA or Privacy Policy associated
with it.The toolbar works in a suspect manner, the toolbar shows search results from Google (http://www.google.com/), the toolbar shows information about freight, freight tariff and port information for African continent.0
Characteristics/Symptoms:
-> Keeps watch on the users browsing activity -> Creates cookies to track user -> Slows the browser -> Shows travel related popup ads0
Additional information might be found here:
Processes Running:
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\Cargo Info Toolbar\Cargo_Info1.bmp |
5454 |
Bitmap Image |
| C:\Program Files\Cargo Info Toolbar\toolbar.crc |
101 |
CRC File |
| C:\Program Files\Cargo Info Toolbar\version.txt |
25 |
Text Document |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Cargo Info Toolbar |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Classes\XBTB04181.XBTB04181 |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Classes\XBTB04181.XBTB04181.1 |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB04181.XBTB04181IEToolbar |
|
