Ibis Toolbar/huntbar


Recommended Posts

I have been finding this for a while. In Spybot it finds it as HuntBar and says its in use. I run Spybot in safe mode and it still says its in use. I let it run at startup, it's still in use. Today I started finding the DSO Exploit which Spybot says gets deleted but finds again in an immediate scan after. Ad-Aware finds the IBIS ToolBar which from a Google I found is the same as the HuntBar. Also, they both list the same registry entry which it won't let me delete. I found a few ways to delete it via Google, but they were either too complicated and something I felt risky or they said to delete certain things which didn't exist. I really have no idea what else to post like an HJT log or something; just tell me what to post, and I will. Oh, XP Home SP1

Link to post
Share on other sites

I don't recommend Noadware it is a rogue spyware program and not a good program to use. If anything is listed here that means it is bad.

Rogue Spyware Programs List

So, I don't think it is a good idea to use that scan. If you scroll down the page a little you will see it listed. Also download HijackThis and post a log in the proper forum for logfiles. TG I am going to remove that link for safety. I hope that's Ok.

B

Link to post
Share on other sites

Hi snaxe, this is how I manually removed the DSO exploit, I'm sure that there are a couple other ways to do it, but this is the route I took.

Basically after you are done with your scan, the DSO exploits(5 for me) will come up.Before you do anything, since you will be in the registry, please back it up.

To backup your registry: start> run> regedit(enter)> right-click on the key you will be altering> export> save.

Once SpyBot S&D is done scanning, do not choose to fix the DSO exploits, expand the entries by clicking the "+" sign. Right-click on one of the keys brings up the menu> more details> jump to location, it will allow you to navigate to the key. You can also follow the path of the key in the registry.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

Go to the "1004" key under the "0" folder and if it says under type "REG_SZ" delete it. Right-click in the keys window> new> DWORD Value and name it "1004", like the previous key.

Select the new "1004" key> right-click> modify> value data> enter a 3 > click ok . Repeat for the other keys, reboot after altering a key to see if it works.

old key: "1004".......REG_SZ......... (no value)

new key: "1004".......REG_DWORD......0x00000000 (3)<-- added value of 3

I also believe since that is a native problem to Spybot S&D that is used identify knockoffs of Spybot. I believe I read that at the Spywarewarriors site, can't remember right now. Hope that helps

Link to post
Share on other sites
I don't recommend Noadware it is a rogue spyware program and not a good program to use.  If anything is listed here that means it is bad.

Rogue Spyware Programs List

So, I don't think it is a good idea to use that scan.  If you scroll down the page a little you will see it listed.  Also download HijackThis and post a log in the proper forum for logfiles.  TG I am going to remove that link for safety.  I hope that's Ok.

B

No problem. Appreciate it.

Also, thanks for the link.

Link to post
Share on other sites
  • 2 weeks later...

See, the thing is, none of those work. It says to get rid of registry entries and a file, none of which are existing on my computer. The only remnant of it is HKEY_LOCAL_MACHINE\SOFTWARE\BTIEIN and any subkeys.

The DSO Exploit no longer appears.

Link to post
Share on other sites
  • 2 weeks later...

No I did not. Anyway, I'm getting a new computer so it doesn't really matter. It's now only going to be used rarely by my mom. My brother said he was going to reformat it also. Thanks for everyone's help.

I didn't know cats liked beer....

Link to post
Share on other sites
  • 2 weeks later...

If i have toolbars like mysearch stuff thats not really know and adaware spybot cant destroy you can just

-Adjust the settings of IE privacy to make it so you dont run any 3rd party stuff on your IE. This gets rid of toolbars and probably some stuff we cant see.

All of my comps have this setting done and i personally love it.

No problems. For people like me who are just attached to IE :D

Link to post
Share on other sites

Firefox=awesome...IE=the opposite of awesome...

The toolbar doesn't even show up. The computers not connected to the internet anymore either. I also remember saying that the reg entry is the only trace of it.

Link to post
Share on other sites
  • 19 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...