Toolbar888

Toolbar888 is an adware plugin for Microsoft Internet Explorer.

When Toolbar888 is installed the following files are typically created:

<Common Files>\(1CFB7DCA-0AE9-2057-1020-03091803002c)
<Common Files>\(1CFB7DCA-0AE9-2057-1020-03091803002c)\services.dll
<Common Files>\(1CFB7DCA-0AE9-2057-1020-03091803002c)\Update.exe
<Common Files>\(3CFB7DCA-0AE9-2057-1020-03091803002c)
<Common Files>\(3CFB7DCA-0AE9-2057-1020-03091803002c)\Activate.exe
<Common Files>\(3CFB7DCA-0AE9-2057-1020-03091803002c)\MyToolBar.dll
<Common Files>\(3CFB7DCA-0AE9-2057-1020-03091803002c)\Uninst.exe

The following registry entry is created to run Update.exe on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
(1CFB7DCA-0AE9-2057-1020-03091803002c)
<Common Files>\(1CFB7DCA-0AE9-2057-1020-03091803002c)\
Update.exe" mc-110-12-0000272

The file MyToolBar.dll is registered as a COM object, toolbar and Browser Helper Object (BHO) for Microsoft Internet Explorer, creating registry entries under:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
Browser Helper Objects\(C004DEC2-2623-438e-9CA2-C9043AB28508)
HKCU\Software\Microsoft\Internet Explorer\Toolbar\
WebBrowser\(C004DEC2-2623-438E-9CA2-C9043AB28508)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
(C004DEC2-2623-438e-9CA2-C9043AB28508)
HKCR\TypeLib\(569304BA-83ED-4CFF-AC26-BE3E482F7208)
HKCR\MyToolBar.MyToolBarObj
HKCR\MyToolBar.MyToolBarObj.1
HKCR\Interface\(C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B)
HKCR\CLSID\(C004DEC2-2623-438e-9CA2-C9043AB28508)

Registry entries are created under:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ToolBar888
HKCU\Software\Classes\CLSID\(1CFB7DCA-0AE9-2057-1020-03091803002c)

Toolbar888 provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "ToolBar888".