IST BAR infections

[qrius2noall]

Before i start my new problem,many thanks for addressing and suggesting remedies for my last query.thanks to you guys,that issue is resolved ,hopefully for ever.

After a scan by antispyware,the report says about IST bar gives its location as;

HKCU/SOFTWARE/MICROSOFT/WINDOWS/CURRENTVERSION/INTERNETSETTINGS/ZONEMAP/DOMAINS/SEARCHMIRACLE.COM AND 5 MORE NAMES OF DIFFERENT SITES

In the registry,under DOMAIN ,I found lot more sites addresses which are very offensive and I wish these sites urls were not there, so I spent lot of time to remove these names from the registry manually by deleting each name manually and thought the problem should be over.......,but to my surprise those names are still there....SO I W'D LIKE TO KNOW FROM YOU GUYS ,HOW TO REMOVE THESE ISTBARS.

What can happen if instead of deleting each name one by one manually,can I just delete the whole DOMAIN entry in the registry.....If it means a bit slow browsing next time ,I dont mind that so long as these offensive entries are gone for ever.

OR THERE IS A BETTER WAY OF DOING THAT?THANKS IN ANTICIPATION FOR YOUR HELP

CHEERS

[polonus]

Hi grius2noall,

There is removal instruction here: http://www.kephyr.com/spywarescanner/library/istbar/index.phtml

You could also use toolbar cop from here: http://windowsxp.mvps.org/toolbarcop.htm

polonus

[qrius2noall]

Thanks for your help POLONUS !

Sometimes we have to learn the hardway.

The scan was done with an antispyware,which listed these 5 entries as IST bars and wated me to buy their product to be able to remove these entries.That is when my curiousity went overboard and i wanted to learn to remove these myself,that i posted this topic.

Removing these entries from registry manually was frustrating AS THESE WERE COMING BACK ON EVERY REBOOT AND RIGHTLY SO BECAUSE THE DOMAIN KEY CONTAINS DEFINITIONS OF SPYWARE BLASTER-so it should not be removed in the first place.

That leaves me in very curious situation -the scan by SPYERASER was just a false positive or a trick to lure people by way of a free scan and later asking people to buy their product in the name of removing false entries which shouldn't be there in the first place.

STRANGE ARE THE WORKING S OF THIS WORLD....

AT LAST THE ISSUE SEEMS TO HAVE BEEN RESOLVED

[FreewheelinFrank]

Hi qrius2noall,

SpyEraser is not listed as a rogue product, but a quick Google reveals it performs very poorly:

http://www.pcmag.com/article2/0,1759,2091004,00.asp

Get yourself some good anti-spyware scanners:

AVG Anti-Spyware (Requires Win2k/XP):

http://www.ewido.net/en/

a-Squared Free:

http://www.emsisoft.com/en/software/free/

Ad-Aware:

http://www.download.com/3000-2144-10045910.html

Spybot Search & Destroy:

http://www.safer-networking.org/en/download/index.html

These should remove any malware registry entries automatically.

As you've realised, SpywareBlaster puts a lot of bad sites in the registry so they are blocked in Internet Exporer. Open Internet Explorer and you will see the bad sites in the restricted zone; just make sure non appear in the trusted zone.

[qrius2noall]

Thanks for your input FreewheelinFrank !

In fact you may perhaps call me a paranoid,because I have AVAST(Resident as well as periodical scan-at least once a week,automatic updates),SPYBOT-S&D(TEATIME,RESIDENT AND WEEKLY SCAN)INSTALLED IN THE SYSTEM TRAY(In fact these two are the only applications in start up.
But besides that almost daily use of CCLEANER,ROGUE REMOVER,SPYWARE BLASTER,ADAWARE are the additional .
And once a week kind of scans by additional safety productslike SPYSWEEPER.,REGSEEKER,ROOTKIT REVEALER ,SUPERANTISPYWARE.ETC

It was as a trial of occasional use of SPYERASER THAT I ran into a situation mentioned above,which is a learning exercise for newbie like me

I HOPE WITH THE GUIDANCE AND HELP EXTENDED BY THE EVANGELISTS HERE,I CAN LEARN HOW TO GET OUT OF TOUGH SITUATIONS WHICH I LAND INTO BECAUSE OF (AS MY NAME SUGGESTS) BEING QRIUS2NOALL

CHEERS