Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Guardbar
Goto page 1, 2  Next
 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion
View previous topic :: View next topic  
Author Message
eburger68
SWW Distinguished Expert


Joined: 23 Jun 2004
Last Visit: 18 Nov 2008
Posts: 575
Location: Clearwater, FL

PostPosted: Fri Sep 17, 2004 12:55 am    Post subject: Reply with quote

GuardBar:

I've run two rounds of tests now with the latest versions of GuardBar and SpyBouncer.

Let me be perfectly frank: GuardBar is worthless. In two rounds of tests with different spyware installers and different circumstances, GuardBar merrily allowed a total of 31 different spyware applications to be installed on my test PC, including some of the worst out there. It blocked the installation of precisely ZERO. None. Zip. Zilch. Nada.

After testing GuardBar's blocking capabilities and finding them to be non-existent, I tested SpyBouncer 1.24. While SpyBouncer did detect some of the spyware on my PC, it missed a number of critical spyware executables and DLLs, leaving my test PC almost completely overrun with spyware as well as a hijacked web browser.

Let me summarize the GuardBar results first, since those are much easier to summarize. (The write-up of SpyBouncer's performance will have to wait until the weekend when I have more time.)

** Test #1 **

1. Installed GuardBar; no updates available.

2. Installed SpyBouncer 1.24; no updates available.

3. Downloaded and executed grokstersetup.exe from:

http://www.download.com/3000-2166-10237041.html

Note: downloaded through Internet Explorer 6.0 w/ SP1 with GuardBar active.

4. grokstersetup.exe is a stub downloader/installer -- it downloaded and executed a number of other installers.

Note: kept Internet Explorer open with GuardBar active. A number of the stub downloaders used the IE engine to download and install their components.

5. GuardBar stopped aboslutely nothing, allowing every single spyware application to be installed.

6. Installed were:

* 411Ferret
* AdRoar
* Altnet/BDE
* BookedSpace
* BroadCastPC (BTV)
* Claria/Gator/GAIN
* Cydoor
* Drsnsrch.com (browser hijack)
* FlashEnhancer
* ImIServer IEPlugin
* MySearch/MyWay
* Roings
* SearchLocate
* Topfivesearch.com (browser hijack)
* Topsearch (note: not completely installed)
* TV Media
* VX2/ClientMan
* WebRebates/TopMoxie
* WebSearch

** Test # 2 **

After removing the installed spyware with a combination of anti-spyware applications, I decided to try another test. Thinking that perhaps GuardBar was limited to blocking only spyware installed directly through the browser (i.e., ActiveX installations), I decided to test GuardBar against a web site that I know to be an auto-installing spyware nightmare.

1. Navigated to:

http://iowrestling.com/

Note: used Internet Explorer 6.0 w/ SP1 with GuardBar active.

2. After declining a home page change, encountered four different ActiveX warning boxes, requesting acceptance of installation of:

* AAA1Screensavers.com
* FunWeb/SmileyCentral
* GAIN Dashbar/Precision Time
* AT-Games (Addictive Technologies)

Clicked "Yes" to all of them.

3. The initial installers actually installed more applications than the names above might indicate, launching new installers for other applications not listed above.

4. GuardBar stopped neither the initial ActiveX-driven installations or the subsequently launched installers, of which there were many.

5. Installed were:

* AdDestroyer
* BroadCastPC
* Claria/Gator
* Dashbar
* Favoriteman
* FunWeb/SmileyCentral/MyWebSearch
* NetPal
* PrecisionTime
* ShopAtHomeSelect (SahAgent)
* WebRebates/TopMoxie
* TVMedia
* VirtualBouncer

** Summary **

GuardBar's performance was abysmal: of 31 different spyware/adware applications installed in two different tests, GuardBar stopped the installation of none of them, allowing my test PC to be completely overrun with spyware and my browser to be hijacked.

Although my write-up of the SpyBouncer scan results will have to wait until I have more time over the weekend, I can tell you that SpyBouncer's performance was not much better. Although it did detect some spyware related files and Registry keys, it completely failed to detect the browser hijacks and missed numerous spyware executables and DLL modules on my test PC -- spyware which was left to other anti-spyware applications to detect and remove.

All in all GuardBar and SpyBouncer turned in a dismal performance. GuardBar simply cannot be regarded as anti-spyware protection whatsoever. SpyBouncer does detect some forms of spyware, however, its performance was so poor in my two tests with some of the most common and virulent spyware on the Net that users would be much better off using other, more trustworthy anti-spyware applications such as the ones listed here:

http://www.spywarewarrior.com/rogue_anti-spyware.htm#trustworthy

Regards,

Eric L. Howes


Last edited by eburger68 on Fri Sep 17, 2004 6:30 am; edited 2 times in total
Back to top
View user's profile Send private message Send e-mail Visit poster's website
TeMerc
Warrior Obsessed


Joined: 12 Feb 2004
Last Visit: 23 Jan 2014
Posts: 4953
Location: Phx. AZ.

PostPosted: Fri Sep 17, 2004 6:28 am    Post subject: Reply with quote

Quote:
Rest assured Guardbar, Eric and a few others will be all over your app, to see if it indeed has been improved.
Its always a nice challenge to have someone from a company come here and say they have no troubles with their apps, only to find nothing but troubles.
Lets hope your an exception.

Shocked Guess not.

Maybe its time to start a new classification, called:
Completely Useless Brick wall

But really, it seems you, GuardBar, have some work to do. Time to throw out the original format and start with a clean sheet.
_________________

Ultimate Countermeasures Page
Calendar Of Updates
Malware Advisor Blog
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 21 Oct 2014
Posts: 10331
Location: at the beach

PostPosted: Fri Sep 17, 2004 7:45 am    Post subject: Reply with quote

It seems that Download.com's review essentially agrees with Eric's conclusions about Guardbar's ability to detect spyware:

http://www.download.com/Guard-Bar/3000-8022-10312618.html?tag=lst-0-18#cnetReview

Quote:
Though this free toolbar attempts to be a jack-of-all-trades, it fails to live up to its potential, due to mediocre functionality. Guard Bar's basic parts consist of a Web-search tool, a pop-up blocker, and a spyware monitor. In our tests, the pop-up blocker quashed most basic ads but couldn't handle some complex ones. The antiadware module didn't fare any better, as it was unsuccessful at detecting several spyware components we deliberately installed. Guard Bar does offer you quick access to a few popular search engines, such as Google, MSN, and Yahoo. The toolbar also offers a very simple tool for wiping your Internet Explorer history. Since Guard Bar is free, we can't say it's a terrible download, but since it tries to do more than it can capably handle, we can't give it our enthusiastic recommendation.

_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
guardbar
Junior Member


Joined: 09 Aug 2004
Last Visit: 03 Nov 2004
Posts: 10

PostPosted: Fri Sep 17, 2004 7:50 am    Post subject: Reply with quote

Hello,
I'm not saying we are flawless, I don't think there are many programs that are 100% flawless. I can tell you we have an excellent team working on Spybouncer to improve the functions and reliablity.
Joe
Back to top
View user's profile Send private message
eburger68
SWW Distinguished Expert


Joined: 23 Jun 2004
Last Visit: 18 Nov 2008
Posts: 575
Location: Clearwater, FL

PostPosted: Fri Sep 17, 2004 8:29 am    Post subject: Reply with quote

Joe/GuardBar:

That's not even the beginning of an adequate response. The question on the table isn't whether GuardBar is "flawless" -- that's a strawman argument. The question on the table is whether it's a worthwhile anti-spyware program, and any program that fails to block 31 of 31 of the most common, prevalent spyware apps on the Net is well nigh worthless.

As for SpyBouncer, the relevant question is: why should anyone pay for your anti-spyware scanner when they can get a more effective anti-spyware scanner for free (Ad-aware Personal, Spybot S&D) or for a roughly comparable price (Ad-aware Plus/Pro, Spy Sweeper, Pest Patrol) that will do a more thorough job of removing spyware?

Eric L. Howes
Back to top
View user's profile Send private message Send e-mail Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 14 Aug 2014
Posts: 1073
Location: CenTex

PostPosted: Fri Sep 17, 2004 8:40 am    Post subject: Reply with quote

Hey Eric, very impressive review. Top notch.

Most don't have a clue to the amount of work involved. Well, I do and I say; ATTABOY Smile

"That's not even the beginning of an adequate response."

Not sure you left him any room for more than that. Smile
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
guardbar
Junior Member


Joined: 09 Aug 2004
Last Visit: 03 Nov 2004
Posts: 10

PostPosted: Fri Sep 17, 2004 9:22 am    Post subject: Reply with quote

our customers are reporting that we find 40% more spyware than other companies..do the test.
Back to top
View user's profile Send private message
guardbar
Junior Member


Joined: 09 Aug 2004
Last Visit: 03 Nov 2004
Posts: 10

PostPosted: Fri Sep 17, 2004 9:27 am    Post subject: Reply with quote

why use something for free if it doesn't clean your system...bottom line is all of the companies that have free versions are making money selling something, donations, monitor charge, whatever the case may be money is being made up front or on the backend of a product.
Back to top
View user's profile Send private message
TeMerc
Warrior Obsessed


Joined: 12 Feb 2004
Last Visit: 23 Jan 2014
Posts: 4953
Location: Phx. AZ.

PostPosted: Fri Sep 17, 2004 9:37 am    Post subject: Reply with quote

GuardBar said:
Quote:
our customers are reporting that we find 40% more spyware than other companies..do the test

Didn't you see Erics post?

Your customers must be finding the only percentage that your app actually removes, and I guess they we're not loaded in Erics test machine. Maybe if we knew exactly what you remove, we could go out and find those infections to see if thats true.

GuardBar said:
Quote:
why use something for free if it doesn't clean your system...bottom line is all of the companies that have free versions are making money selling something, donations, monitor charge, whatever the case may be money is being made up front or on the backend of a product.


Who said anything about an app not cleaning your system, free or not? The only thing I saw, was a test of your app, which removed NOTHING!

And so what if the other companies offer other products they sell and how they make money? Whats the point of that argument?

The real problem is your app has failed completely in its effort to reomve a single known threat on a test, which, btw, was done twice to give you the benifit of the doubt.

Admit it sir, there is no possible reason for such a poorly performing product. Its fairly apparent your R&D deptarment missed a few items, and its target base leaves much to be desired.
_________________

Ultimate Countermeasures Page
Calendar Of Updates
Malware Advisor Blog
Back to top
View user's profile Send private message Visit poster's website
wjhonson
Newbie


Joined: 12 Oct 2004
Last Visit: 12 Oct 2004
Posts: 1
Location: Santa Cruz, CA

PostPosted: Tue Oct 12, 2004 9:56 pm    Post subject: Why SpyBouncer finds more malware Reply with quote

I might be able to answer the point that SpyBouncer finds more malware. I also, like some of you, have a number of anti-Spyware programs running, including SpyBouncer.

After running them and cleaning all the things they found, I run SpyBouncer.... which comes up with 132 new things to clean, mostly in my Registry.

I am running the apparent latest version 1.24

I believe this might be the same problem as the "setting of the kill bit" that was discussed. I didn't pay for SpyBouncer, I'm just not completely unfamiliar with RegEdit so I merrily went along deleting entries. SpyBouncer shows you the complete path of the entry, so if you can use RegEdit you can clean the item yourself.

At any rate, I'm not clear on how to tell if the "kill bit" has been set or not set. If someone could explain that part to me, I could check to see if this is still the case with this version of SpyBouncer.

Thanks
Will
Back to top
View user's profile Send private message
IndianaSpam1
Newbie


Joined: 01 Nov 2004
Last Visit: 01 Nov 2004
Posts: 1
Location: Columbus, Ohio USA

PostPosted: Mon Nov 01, 2004 12:58 am    Post subject: Reply with quote

guardbar wrote:
Hello Everyone,

As per your questions reguarding the lawsuit we have open,
We do own PostalManager.com

PostalManager.com is an email list management and delivery service. Our service provides email list owners and publishers complete control and ownership over their database, message delivery and advertising space. Our customers will include opt-in list owners, publishers and marketers who use the service for distributing subscriber-based newsletters, e-zines, promotions and informational digests.

Our no spam policy is here
http://www.postalmanager.com/emailpolicy.htm

The lawsuit is being handled by our lawyer. The email that was sent was a client using PostalManager that has been a client of our for 2 years with no other issues. When dealing with Email Marketing you will always have someone that claims to be spammed when infact they signed up to recieve mailings.
Sadly, there are people out there who just sue for a living.
------------------
Now about Spybouncer and Guardbar...

We do apprecaite your honesty in this forum and take everything you say seriously. We are a very open minded company and respect all critism, positive or negative.

I guess to start, the false positives in Spybouncer will be resolved very shortly through our Live Update system. All of the issues stated above in spybouncer are either being re-worked or in beta for our next release. Keep your eye out for our next couple of releases, these issues will be straightened out shortly. We know that these are some very negative things about our application, but SpyBouncer and Guardbar are always going to be ongoing projects that we will always be developing and continuing to correct flaws and make better.

As per the forums, we are currently in the process of putting up a public forum. I agree with you 100% suzi about the forum issue and wish it has not been put off as long as it has.


I am the person who filed the lawsuit against this company and also the person that runs the indianaspam.com website.

I can tell you that without a doubt, SRC has engaged in spamming activities since at least 2003 from several different domains. I have personally received more than 500 messages from them since 2003. If any of the board admins wish for me to substantiate this claim, they are welcome to contact me.

Its not like I am the only one complaining of spam from SRC domains. Most of SRC's domains are (or were the last time I checked) listed on Spamcop.net's block lists. Do a google search for postalmanager.com and you'll come up with a huge list of spam complaints.

Some examples:

http://news.spamcop.net/pipermail/spamcop-help/2003-April/030763.html
http://www.duntemann.com/knownspamdomains.txt
http://www.hostingandbeyond.com/blocked_domains.php
http://georgi.unixsol.org/programs/spam-filters/badmailpatterns
http://www.tenon.com/lists/html/Post.Office/2003-08/msg00078.html

http://www.occcn.org/visitorbook/book.html - You can see them spamming guestbooks here.

Additionally, I would like to point out that I do have a job that I work about 60 hours each week at. That's in addition to the business I run from my home. I do NOT make my living suing people, as the SRC representative asserts.

Joe should be careful about how much spouting off he does on public forums. Both Indiana and Ohio have slander/libel laws and we'll be happy to draw up a complaint based on that and file it. Not all judges are internet savvy which means some of them will be fooled by a spammer's arguments of innocence, but they have all tried plenty of libel cases and wont be as easily fooled.


PM claims that their lists are opt-in mailings which is nothing short of crap. Every spammer sends to only "opt-in" lists and they all have a "no-spam" policy if you listen to them. But PM has loads of spamming complaints. This is no accident. That's because they send spam. They can rant and rave that they don't spam both inside of court and out of it, but until they can prove otherwise I am not going to buy it nor should any of you.

If you buy someone's opt-in list and start sending to it, you're a spammer. Its not opt-in anymore once it changes hands. In the letter of the Indiana Spam law (IC 24-5-22), the only time it is legal to spam someone is if you have an established business relationship (EBR) with that person. Now, if company ABC has an EBR with you and they sell that list to company XYZ, that doesn't give company XYZ the right to spam you. I have never done business with SRC and contrary to their assertion, I have never signed up to receive any of their crap.

I do, however, have an incredible amount of disdain for spammers, junk faxers and other parasites of that ilk. I take a great amount of pleasure in enforcing the LAWS we have AGAINST sending unsolicited commercial electronic mail messages aka "spam". That is why SRC was sued and why I have filed with The Indiana Court of Appeals seeking to have the verdict entered by the trial court overturned.

If any of you are going to use this Guardian Bar or whatever it is they are trying to sell you on, someone send the program to a competent computer programmer and have it decompiled and examined very carefully. I wouldn't be surprised if this bar does nothing more than collect your e-mail address for another one of their "opt-in" lists.
_________________
..:: http://www.indianaspam.com ::..
Back to top
View user's profile Send private message Visit poster's website
guardbar
Junior Member


Joined: 09 Aug 2004
Last Visit: 03 Nov 2004
Posts: 10

PostPosted: Wed Nov 03, 2004 7:15 am    Post subject: PostalManager Reply with quote

PostalManager does not buy email list or rent them. We built the software and sell the bandwidth. We have had shopping sites use our service, Government sites and many other companies that use our service as a means of communicating to their customers through email. Their users will Opt-In to receive more information or just to keep informed on new information regarding the company.

PostalManager only offers service to customers practicing permission based email marketing with 100% opt-in list. We do not allow our system to be used for unsolicited commercial email.

You can look up any company that is similar to PostalManager and you will see that they also get spam complaints, it doesn't mean they are spammers. I get spam from Yahoo, AOL, MSN and many other hosting companies but it doesn't mean they are spammers and I can't sue AOL just because someone spammed me using an email address that has AOL in it.

They have an abuse stystem set up so they can terminate accounts that are spamming. You can go to any major ISP and you will a complete section on their spam policy and how they try to keep it at a minimum. We also have an abuse system set up so when a complaint comes in we know what username is assocciated with the mailing and we terminate that account.

All of our users must have an IP Stamp, time stamp assocciated with every email address they have hosted with us.

When a list owner uploads a list we look for addresses that have possibly been harvested from the net or generated using software. When our system detects this, it will automatically shut down their account.
Back to top
View user's profile Send private message
JeanInMontana
Warrior


Joined: 16 Jan 2005
Last Visit: 22 Dec 2008
Posts: 177
Location: South Central Montana, USA

PostPosted: Sat Jan 22, 2005 3:13 pm    Post subject: Reply with quote

What has happened to this issue? We have a user on XP Central that has been duped by this program. Is Joe in jail now?
_________________

Hoax~Slayer * hpHosts * T.I.C. * Malwarebytes
* A.S.A.P. Member 2004
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 21 Oct 2014
Posts: 10331
Location: at the beach

PostPosted: Sat Jan 22, 2005 11:28 pm    Post subject: Reply with quote

JeanInMontana wrote:
What has happened to this issue? We have a user on XP Central that has been duped by this program. Is Joe in jail now?


Hmm... that's interesting. We haven't heard anything for a while. Their website is still there.

http://www.guardbar.com/

not much help in the whois info:

http://www.whois.sc/guardbar.com

but this is interesting

guardbar.com = 199.218.5.134

9 domains found on 199.218.5.134
Showing all 9.

Website
www.Canoee.com
www.Confemail.com
www.G00ggle.com
www.Guardbar.com
www.Leadsponsors.com
www.Lsimg.com
www.Nextaag.com
www.Untdd.com
www.Yahooofs.com

The whois info for g00ggle.com has some info:

Quote:
Registrant:
SRC Technologies (BJDIPDDMUD)
PMB 256- 2545 Hilliard Rome Rd
Hilliard, OH 43026
US

Domain Name: G00GGLE.COM

Administrative Contact:
SRC Technologies, SRC Technologies (29603853I)
PMB 256- 2545 Hilliard Rome Rd
Hilliard, OH 43026
US
614-777-8803 fax: 123 123 1234

Technical Contact:
Network Solutions, LLC. (HOST-ORG)
13200 Woodland Park Drive
Herndon, VA 20171-3025
US
1-888-642-9675 fax: 571-434-4620

Record expires on 05-May-2005.
Record created on 05-May-2004.

Domain servers in listed order:

NS1.POSTALMANAGER.COM 199.218.5.162
NS2.POSTALMANAGER.COM 199.218.5.131


Well, that's obviously a fake fax number.

Google is showing the phone number is correct:

http://www.google.com/search?sa=X&oi=fwp&pb=f&q=614-777-8803

Google search results for the phone number are interesting:

http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLD,GGLD:2004-20,GGLD:en&q=614%2D777%2D8803

It might be useful for your member to call that phone number. Let us know what happens if you can.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
JeanInMontana
Warrior


Joined: 16 Jan 2005
Last Visit: 22 Dec 2008
Posts: 177
Location: South Central Montana, USA

PostPosted: Sun Jan 23, 2005 7:59 am    Post subject: Reply with quote

I will post a link to this entire thread and point out this last post of yours Suzi. I had warned them previously about rogue programs and this was the second one he installed! Rolling Eyes We have a section of free, trusted removal programs listed on site.

I am now trying to convince him that he can't pick one and be protected. I gave him a list of 5 for bare bones protection/prevention. If he does anything I find out about I will let you know.
_________________

Hoax~Slayer * hpHosts * T.I.C. * Malwarebytes
* A.S.A.P. Member 2004
Back to top
View user's profile Send private message Visit poster's website
Exodus
Warrior


Joined: 09 Oct 2004
Last Visit: 08 Mar 2006
Posts: 112

PostPosted: Wed Feb 02, 2005 6:26 pm    Post subject: Reply with quote

Well I think "guardbar/Joe" here hit the old dusty trail... Chances are he's long gone. After a bit of searching, I've noticed actual, trusted companies classify Guardbar as Malware. Everything about it is suspicious and in any event I never trust toolbars. I find them an annoyance. I'd also like to congratulate Eric on his flawless tests. I think Guardbar is just another worthless scam.
_________________
http://www.ytmnd.com/
Back to top
View user's profile Send private message Send e-mail AIM Address
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 May 2014
Posts: 768
Location: Virginia, USA

PostPosted: Thu Feb 03, 2005 5:31 am    Post subject: Reply with quote

I am skeptical of toolbars myself but there are two that have been in use for a few months which protects you from online fraud scams (phishing) and allow you to see where different websites are located geographically.

1. SpoofStick1.02 for Internet Explorer 8/18/04
http://www.corestreet.com/spoofstick/internet_explorer.html

2. FraudEliminator
http://www.fraudeliminator.com/download.htm

Both have been discussed in other forums such as:
http://computercops.biz/forum122.html
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Anti-Spyware and Security Software Discussion All times are GMT - 8 Hours
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group