allentech.net


Parasite: SuperBar

This record last updated Tue Sep 20 2005 00:34:15

PLEASE NOTE: Due to the overwhelming extent of this problem and the unbelievable volume of email we have received, we regret that we cannot respond to questions about browser parasites at this time. If you have attempted to contact us about this parasite please accept our apology for not responding. "Thank you's" are always appreciated ;-)

Description

SuperBar is an IE toolbar offering search and form-filling features.

Variants

SuperBar/GC is an IE Browser Helper Object.

SuperBar/Rnd adds a process that starts up and runs with Windows, and uses pseudo-random class IDs to try to avoid detection.

Distribution

Bundled with downloads from Blue Haven Media. BHM software is downloaded by ActiveX drive-by-download from affiliate webmasters’ sites, typically describing itself as MP3-related software.

Installed by the WildMedia parasite.

What it does

Advertising

Yes.

GC: Adds links to the results of other search engines, dressed up to look as if they come from the search engine itself; in fact they are from the site greasycow.com.

Rnd: Opens a full-screen pop-up window containing paid links from findwhat.com each time a search engine is used.

Privacy violation

No.

Security issues

Yes. The software can download and execute arbitrary code silently from its controlling servers. The SuperBar licence includes a clause stating that third-party software may be installed through this mechanism.

Stability problems

None known.

Removal

SuperBar/GC can be removed from the ‘SuperBar IE Plugin’ entry in the Control Panel’s Add/Remove Programs option. SuperBar/Rnd has to be removed manually.

Manual removal

Open the registry (click ‘Start’, choose ‘Run’, and enter ‘regedit’), and find the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. Delete the ‘SBHC’ entry.

Now open a DOS command prompt window (from Start->Programs->Accessories) and enter the following commands:

cd "%WinDir%\System"
regsvr32 /u "\Program Files\SuperBar\SuperBar.Dll"
regsvr32 /u "\Program Files\SuperBar\SuperBarExts.Dll"

Restart the computer and you should be able to delete the ‘SuperBar’ folder inside Program Files.
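Added example (not part of the original record or of the detection script credited below): because SuperBar/Rnd uses pseudo-random class IDs, this Python code checks a registry export for the 'SBHC' Run entry and identifies the COM servers by DLL path rather than by CLSID. The sample export, its CLSIDs and the SBHC target path are constructed for illustration.

```python
import re

# Indicators taken from the manual removal steps above.
RUN_KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
RUN_VALUE = "SBHC"
DLL_SUFFIXES = (r"\program files\superbar\superbar.dll",
                r"\program files\superbar\superbarexts.dll")

# Constructed sample export: the CLSIDs and the SBHC target path are made up.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SBHC"="C:\\Program Files\\SuperBar\\placeholder.exe"
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\Program Files\\SuperBar\\SuperBar.Dll"

[HKEY_CLASSES_ROOT\CLSID\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}\InprocServer32]
@="C:\\WINDOWS\\system32\\shdocvw.dll"
'''

def parse_reg(text):
    """Return {key_path: {value_name: data}} for the string values in a .reg export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
            continue
        m = re.match(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$', line)
        if m and current is not None:
            name = "@" if m.group(1) == "@" else m.group(1)[1:-1]
            current[name] = re.sub(r'\\(.)', r'\1', m.group(2))  # undo .reg escaping
    return keys

def find_superbar(text):
    """Return (kind, key, data) findings; COM servers are matched by path, not CLSID."""
    findings = []
    for key, values in parse_reg(text).items():
        names = {n.lower(): v for n, v in values.items()}  # value names ignore case
        if key.lower() == RUN_KEY.lower() and RUN_VALUE.lower() in names:
            findings.append(("run-entry", key, names[RUN_VALUE.lower()]))
        server = values.get("@", "")
        if key.lower().endswith("\\inprocserver32") and server.lower().endswith(DLL_SUFFIXES):
            findings.append(("com-server", key, server))
    return findings
```

Exports written by regedit in 'Version 5.00' format are UTF-16, so read a real export with open(path, encoding="utf-16") before passing its text to find_superbar().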

Links

* Parasite information and detection script by Andrew Clover - www.doxdesk.com, used with permission.
