Home Malware Programs Browser Hijackers BarQuery.com

BarQuery.com

Posted: November 8, 2011

BarQuery.com (BarQuery) is a browser hijacker. BarQuery.com may infiltrate a system where it can change browser settings and redirect users to unwanted web sites. These unwanted sites sometimes redirected by BarQuery.com may attempt to steal personal information and sell malware. The BarQuery.com site itself appears to be a harmless search engine and cheap imitation of Google. Usually by a system automatically landing on the BarQuery.com site is a clear indication of the system being infected with a Trojan. To restore a BarQuery.com infected systems ability to surf the internet without interruption it may be necessary to use a spyware scan tool to safely detect and remove any infection related to BarQuery.com.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%AppData%BarQuerytoolbarversion.xml File name: %AppData%BarQuerytoolbarversion.xml
Mime Type: unknown/xml
%AppData%BarQuerytoolbaruninstallStatIE.dat File name: %AppData%BarQuerytoolbaruninstallStatIE.dat
File type: Data file
Mime Type: unknown/dat
%AppData%BarQuerytoolbaruninstallIE.dat File name: %AppData%BarQuerytoolbaruninstallIE.dat
File type: Data file
Mime Type: unknown/dat
%AppData%BarQuerytoolbarstats.dat File name: %AppData%BarQuerytoolbarstats.dat
File type: Data file
Mime Type: unknown/dat
%AppData%BarQuerytoolbarstat.log File name: %AppData%BarQuerytoolbarstat.log
Mime Type: unknown/log
%AppData%BarQuerytoolbarpreferences.dat File name: %AppData%BarQuerytoolbarpreferences.dat
File type: Data file
Mime Type: unknown/dat
%AppData%BarQuerytoolbarlog.txt File name: %AppData%BarQuerytoolbarlog.txt
Mime Type: unknown/txt
%AppData%BarQuerytoolbarguid.dat File name: %AppData%BarQuerytoolbarguid.dat
File type: Data file
Mime Type: unknown/dat
%AppData%BarQuerytoolbardtx.ini File name: %AppData%BarQuerytoolbardtx.ini
Mime Type: unknown/ini
%AppData%BarQuerytoolbarcouponsmerchants2.xml File name: %AppData%BarQuerytoolbarcouponsmerchants2.xml
Mime Type: unknown/xml
%AppData%BarQuerytoolbarcouponsmerchants.xml File name: %AppData%BarQuerytoolbarcouponsmerchants.xml
Mime Type: unknown/xml
%AppData%BarQuerytoolbarcouponscategories.xml File name: %AppData%BarQuerytoolbarcouponscategories.xml
Mime Type: unknown/xml
%Temp%BarQuerytoolbar-manifest.xml File name: %Temp%BarQuerytoolbar-manifest.xml
Mime Type: unknown/xml

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBarBarQuerydtx.dll"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "BarQuery Toolbar"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "BarQueryIEHelper.UrlHelper"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "BarQueryIEHelper.UrlHelper.1"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"HKEY_LOCAL_MACHINESOFTWAREClassesBarQueryIEHelper.DNSGuardCurVerHKEY_LOCAL_MACHINESOFTWAREClassesBarQueryIEHelper.DNSGuardCLSIDHKEY_LOCAL_MACHINESOFTWAREClassesBarQueryIEHelper.DNSGuardHKEY_LOCAL_MACHINESOFTWAREClassesBarQueryIEHelper.DNSGuard.1HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar "BarQuery Toolbar"HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} " BarQuery BarQuery Toolbar"
Loading...