KoolBar
KoolBar is an adware that registers itself as a toolbar that is capable of controlling search queries. It also downloads files without the consent of the affected users.
General information:
| Malware Name: |
KoolBar |
| Malware Type: |
Adware |
| Company Name: |
The Amazing Toolbar |
| Company URL: |
http://www.koolbar.net/
|
| Threat Level: |
Moderate Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
The Amazing Toolbar provides you the software KoolBar that is a pop up blocker and highlight text within an html document. It provides you some of the best deals on products and also provides you the links to the hottest entertainment on the net.
You can highlight text within an html document. It is one of the most powerful toolbars on the internet to date.
Spyware Description:
KoolBar is an adware that registers itself as a toolbar that is capable of controlling search queries. It also downloads files without the consent of the affected users.
Characteristics/Symptoms:
-> It registers itself as a toolbar that is capable of controlling search queries. -> It also downloads files without the consent of the affected users.
Additional information might be found here:
Processes Running:
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\WINDOWS\system32\nsq49.dll |
151552 |
Application Extension |
| C:\WINDOWS\system32\nsr37.dll |
151552 |
Application Extension |
Folder information Created after Installation:
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\nsq49.dll |
ffafid |
| HKEY_CURRENT_USER |
\Software\nsr37.dll |
llupdtim |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Classes\btnetw.iiittt |
|
