QUEPASA Toolbar

Quepasa.comQuepasa Toolbar lets user to use the links at Quepasa.com from any page on the web. The toolbar shows related links to the page, traffic based ranking, news, translator and a search box etc.The toolbar collects information about the user’s browsing activity and also collects the search terms entered on the toolbar, the toolbar also shows popup ads related to different advertisers. Characteristics/Symptoms: Collects information about the pages visited and entered search termsSlows the browser Changes the default search settingsCommunicates with the host serverShows popup adsWorks in backgroundCreates Cookies Date of Found: 2006-03-06Security Level: HighOperating OS: WIN XPInstallation Type: Installed through EXEOperation: After InstallationTime of Operation: After Browser Restart.Screenshot:2. Installation Sample and Image2.1. Installation SampleOrigin URL: http://www.quepasa.com/toolbar/Quepasa.exe 3. Changes after installation 3.1. Process: Files and Location: 3.2 Directories:Quepasa Toolbar creates following directories:C:\Program Files\QUEPASA ToolbarC:\Program Files\QUEPASA Toolbar\CacheC:\Program Files\QUEPASA Toolbar\Cache\NewCfg3.3. ActiveX Information ActiveX Screenshot:File location

General information:

Malware Name:	QUEPASA Toolbar
Malware Type:	Toolbar
Company Name:	Quepasa.com
Company URL:	http://www.quepasa.com/
Threat Level:	High
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Browser Restart.

Company Description:

Quepasa Toolbar lets user to use the links at Quepasa.com from any page on the web. The toolbar shows related links to the page, traffic based ranking, news, translator and a search box etc.

Spyware Description:

Quepasa.comQuepasa Toolbar lets user to use the links at Quepasa.com from any page on the web. The toolbar shows related links to the page, traffic based ranking, news, translator and a search box etc.The toolbar collects information about the user’s browsing activity and also collects the search terms entered on the toolbar, the toolbar also shows popup ads related to different advertisers. Characteristics/Symptoms: Collects information about the pages visited and entered search termsSlows the browser Changes the default search settingsCommunicates with the host serverShows popup adsWorks in backgroundCreates Cookies Date of Found: 2006-03-06Security Level: HighOperating OS: WIN XPInstallation Type: Installed through EXEOperation: After InstallationTime of Operation: After Browser Restart.Screenshot:2. Installation Sample and Image2.1. Installation SampleOrigin URL: http://www.quepasa.com/toolbar/Quepasa.exe 3. Changes after installation 3.1. Process: Files and Location: 3.2 Directories:Quepasa Toolbar creates following directories:C:\Program Files\QUEPASA ToolbarC:\Program Files\QUEPASA Toolbar\CacheC:\Program Files\QUEPASA Toolbar\Cache\NewCfg3.3. ActiveX Information ActiveX Screenshot:File location

Characteristics/Symptoms:

    -> Collects information about the pages visited and entered search terms -> Slows the browser -> Changes the default search settings -> Communicates with the host server -> Shows popup ads -> Works in background -> Creates Cookies0

Additional information might be found here:

	Search at Google for QUEPASA Toolbar
	Search at Bing for QUEPASA Toolbar
	Search at Yahoo for QUEPASA Toolbar

Processes Running:

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\Program Files\QUEPASA Toolbar\Cache\qpcorreo-button.bmp	3320	Bitmap Image
C:\Program Files\QUEPASA Toolbar\Cache\qpemail-button.bmp	3320	Bitmap Image
C:\Program Files\QUEPASA Toolbar\Cache\qpforums-button.bmp	3320	Bitmap Image

Folder information Created after Installation:

Folder Location
C:\Program Files\QUEPASA Toolbar
C:\Program Files\QUEPASA Toolbar\Cache

Registry information Created after Installation: