CoolSavings
CoolSavings is an adware that displays pop-up ads on the compromised PC. When CoolSavings dll is registered, it creates numerous registry entries. CoolSavings controlls the website named CoolSavings.com, which seems to be a coupon delivery website. CoolSavings can lead to loss of important data.
Registry Details
CoolSavings may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\MiscStatus\1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957D-2F89-11D6-8CFE-00C04F52B225}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0\HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CpnMgr.CMV5.3\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CpnMgr.CMV5\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0\HELPDIR "(Default)" = "[PATH TO ADWARE]\"
"{00020424-0000-0000-C000-000000000046}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957D-2F89-11D6-8CFE-00C04F52B225}\ProxyStubClsid "(Default)" =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957F-2F89-11D6-8CFE-00C04F52B225} "(Default)" = "_ICMV5Events"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CpnMgr.CMV5.3 "(Default)" = "CMV5 Class"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\Insertable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\MiscStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957F-2F89-11D6-8CFE-00C04F52B225}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0\FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CpnMgr.CMV5\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CpnMgr.CMV5
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\InprocServer32 "ThreadingModel" = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957F-2F89-11D6-8CFE-00C04F52B225}\ProxyStubClsid32 "(Default)" =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957D-2F89-11D6-8CFE-00C04F52B225}\ProxyStubClsid32 "(Default)" =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957D-2F89-11D6-8CFE-00C04F52B225} "(Default)" = "ICMV5"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CpnMgr.CMV5 "(Default)" = "CMV5 Class"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\ToolboxBitmap32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957F-2F89-11D6-8CFE-00C04F52B225}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957D-2F89-11D6-8CFE-00C04F52B225}\ProxyStubClsid3
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0\0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CpnMgr.CMV5.3
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0\FLAGS "(Default)" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225}\MiscStatus "(Default)" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{549F957F-2F89-11D6-8CFE-00C04F52B225}\ProxyStubClsid "(Default)" =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{549F9571-2F89-11D6-8CFE-00C04F52B225}\1.0 "(Default)" = "CpnMgr 1.0 Type Library"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{549F957E-2F89-11D6-8CFE-00C04F52B225} "(Default)" = "CMV5 Class"
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.