Mortgage Toolbar

General information:

Malware Name: Mortgage Toolbar
Malware Type: Toolbar
Company Name: MortgageToolbar.com
Company URL: http://mortgagebar.com/
Threat Level: High
Operating System: WIN XP
Installation Type: Installed through ActiveX
Operation: After Installation
Time of Operation: After Browser Restart

Company Description:

The Mortgage Toolbar provides the user with new links, information, one-click web search, etc. The toolbar also has links to other pages. From the host website: “The secrets pages features information on how to negotiate the best loan rate, how to spot a shady or over-priced broker, and is updated regularly with new information.”

Spyware Description:

The toolbar collects information about the user’s browsing and search terms and shows popup ads related to finance and loans. There is no privacy policy associated with the toolbar.

Date Found: 2006-03-06
Security Level: High
Operating OS: WIN XP
Installation Type: Installed through ActiveX
Operation: After Installation
Time of Operation: After Browser Restart

Installation Sample:

Origin URL: http://mortgagebar.com/toolbar/install.html

Changes after installation:

Directories: Mortgage Toolbar does not create any directories.

Characteristics/Symptoms:

    -> Collects information about the pages visited
    -> Slows the browser
    -> Can change the default IE settings
    -> Communicates with the host server
    -> Shows finance and loan related popup ads
    -> Contains links to other sites

Processes Running:

File information Created after Installation:

File Location Size (Bytes) Type

Folder information Created after Installation:

Folder Location

Registry information Created after Installation:

Main Registry Key Sub Registry Key Key Value Name
HKEY_LOCAL_MACHINE \SOFTWARE\Classes\mortgage.MORTGAGE
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4E7BD74F-2B8D-469E-D7F9-FE6BA087B530}\Contains\Files\C:\WINDOWS\Downloaded Program Files\mortgage.dll
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/mortgage.dll