Sponsored By

Sign in to follow this  
Snaxe

Ibis Toolbar/huntbar

Recommended Posts

I have been finding this for a while. In Spybot it finds it as HuntBar and says its in use. I run Spybot in safe mode and it still says its in use. I let it run at startup, it's still in use. Today I started finding the DSO Exploit which Spybot says gets deleted but finds again in an immediate scan after. Ad-Aware finds the IBIS ToolBar which from a Google I found is the same as the HuntBar. Also, they both list the same registry entry which it won't let me delete. I found a few ways to delete it via Google, but they were either too complicated and something I felt risky or they said to delete certain things which didn't exist. I really have no idea what else to post like an HJT log or something; just tell me what to post, and I will. Oh, XP Home SP1

Share this post


Link to post
Share on other sites

Here's a couple of links that might help you out. I don't know if you've seen these or not.

doxdesk.com

kephyr.com

It looks like, depending on what variant you have; it could be easy

to remove, or a real pain in the butt.

Hopefully you've got the easy one.

Share this post


Link to post
Share on other sites

I don't recommend Noadware it is a rogue spyware program and not a good program to use. If anything is listed here that means it is bad.

Rogue Spyware Programs List

So, I don't think it is a good idea to use that scan. If you scroll down the page a little you will see it listed. Also download HijackThis and post a log in the proper forum for logfiles. TG I am going to remove that link for safety. I hope that's Ok.

B

Share this post


Link to post
Share on other sites

Hi snaxe, this is how I manually removed the DSO exploit, I'm sure that there are a couple other ways to do it, but this is the route I took.

Basically after you are done with your scan, the DSO exploits(5 for me) will come up.Before you do anything, since you will be in the registry, please back it up.

To backup your registry: start> run> regedit(enter)> right-click on the key you will be altering> export> save.

Once SpyBot S&D is done scanning, do not choose to fix the DSO exploits, expand the entries by clicking the "+" sign. Right-click on one of the keys brings up the menu> more details> jump to location, it will allow you to navigate to the key. You can also follow the path of the key in the registry.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

Go to the "1004" key under the "0" folder and if it says under type "REG_SZ" delete it. Right-click in the keys window> new> DWORD Value and name it "1004", like the previous key.

Select the new "1004" key> right-click> modify> value data> enter a 3 > click ok . Repeat for the other keys, reboot after altering a key to see if it works.

old key: "1004".......REG_SZ......... (no value)

new key: "1004".......REG_DWORD......0x00000000 (3)<-- added value of 3

I also believe since that is a native problem to Spybot S&D that is used identify knockoffs of Spybot. I believe I read that at the Spywarewarriors site, can't remember right now. Hope that helps

Share this post


Link to post
Share on other sites
I don't recommend Noadware it is a rogue spyware program and not a good program to use.  If anything is listed here that means it is bad.

Rogue Spyware Programs List

So, I don't think it is a good idea to use that scan.  If you scroll down the page a little you will see it listed.  Also download HijackThis and post a log in the proper forum for logfiles.  TG I am going to remove that link for safety.  I hope that's Ok.

B

No problem. Appreciate it.

Also, thanks for the link.

Share this post


Link to post
Share on other sites

See, the thing is, none of those work. It says to get rid of registry entries and a file, none of which are existing on my computer. The only remnant of it is HKEY_LOCAL_MACHINE\SOFTWARE\BTIEIN and any subkeys.

The DSO Exploit no longer appears.

Share this post


Link to post
Share on other sites

Did you have this problem before pete checked your log?

EDIT

Never mind, I see you already posted a log in the HJT forum.

Share this post


Link to post
Share on other sites

No I did not. Anyway, I'm getting a new computer so it doesn't really matter. It's now only going to be used rarely by my mom. My brother said he was going to reformat it also. Thanks for everyone's help.

I didn't know cats liked beer....

Share this post


Link to post
Share on other sites

If i have toolbars like mysearch stuff thats not really know and adaware spybot cant destroy you can just

-Adjust the settings of IE privacy to make it so you dont run any 3rd party stuff on your IE. This gets rid of toolbars and probably some stuff we cant see.

All of my comps have this setting done and i personally love it.

No problems. For people like me who are just attached to IE :D

Share this post


Link to post
Share on other sites

Firefox=awesome...IE=the opposite of awesome...

The toolbar doesn't even show up. The computers not connected to the internet anymore either. I also remember saying that the reg entry is the only trace of it.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this