SuperBar is an IE toolbar offering search and form-filling features.

Variants

SuperBar/GC is an IE Browser Helper Object.

SuperBar/Rnd adds a process that starts up and runs with Windows, and uses pseudo-random class IDs to try to avoid detection.

Distribution

Bundled with downloads from Blue Haven Media. BHM software is downloaded by ActiveX drive-by-download from affiliate webmasters' sites, typically describing itself as MP3-related software.

Advertising

Yes.

GC: Adds links to the results of other search engines, dressed up to look as if they come from the search engine itself; in fact they are from the site greasycow.com.

Rnd: Opens a full-screen pop-up window containing paid links from findwhat.com each time a search engine is used.

Privacy violation

No.

Security issues

Yes. The software can download and execute arbitrary code silently from its controlling servers. The SuperBar licence includes a clause stating that third-party software may be installed through this mechanism.

Stability problems

None known.

Removal

SuperBar/GC can be removed from the 'SuperBar IE Plugin' entry in the Control Panel's Add/Remove Programs option. SuperBar/Rnd has to be removed manually.

Manual removal

Open the registry (click 'Start', choose 'Run', and enter 'regedit'), and find the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. Delete the 'SBHC' entry.

Now open a DOS command prompt window (from Start->Programs->Accessories) and enter the following commands:

Restart the computer and you should be able to delete the 'SuperBar' folder inside Program Files.