GuardBar Toolbar

GuardBar Toolbar has a search function and provides search results for paid advertisers. It adds a third-party utility bar to the web browser. It also change the browser and shows the advertisements.0

General information:

Malware Name:	GuardBar Toolbar
Malware Type:	Browser Helper Object
Company Name:	GuardBar
Company URL:	http://www.guardbar.com/
Threat Level:	High
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Browser Restart.

Company Description:

The Guard Bar is an Internet Explorer Toolbar that blocks incoming Spyware and Adware from infecting userâs computer. The toolbar also clean Cookies, Temporary Internet Files, and Recent Files & History Files.

Spyware Description:

Characteristics/Symptoms:

-> Collects information about the pages visited -> Slows the browser -> Uses false detection techniques -> Communicates with the host server -> Shows popup ads -> Creates Cookies0

Additional information might be found here:

	Search at Google for GuardBar Toolbar
	Search at Bing for GuardBar Toolbar
	Search at Yahoo for GuardBar Toolbar

Processes Running:

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\Program Files\GuardBar\gbdb.dll	171936	Application Extension
C:\Program Files\GuardBar\html\index.html	4688	HTML File
C:\Program Files\GuardBar\html\ss.jpg	32650	JPEG Image

Folder information Created after Installation:

Folder Location
C:\Program Files\GuardBar
C:\Program Files\GuardBar\html

Registry information Created after Installation:

Main Registry Key	Sub Registry Key	Key Value Name
HKEY_LOCAL_MACHINE	\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8CF81C5E4EC085409BCC75CF461B571
HKEY_LOCAL_MACHINE	\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64435616E344B214C99FD612E589A563\InstallProperties
HKEY_LOCAL_MACHINE	\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{61653446-443E-412B-9CF9-6D215E985A36}