{"id":128,"date":"2005-03-11T13:01:27","date_gmt":"2005-03-11T18:01:27","guid":{"rendered":"http:\/\/mancide.net\/wordpress\/2005\/03\/11\/more-nasty-spyware-ist-bar\/"},"modified":"2005-03-11T13:01:27","modified_gmt":"2005-03-11T18:01:27","slug":"more-nasty-spyware-ist-bar","status":"publish","type":"post","link":"https:\/\/mancide.net\/blog\/2005\/03\/11\/more-nasty-spyware-ist-bar\/","title":{"rendered":"More Nasty Spyware: IST Bar"},"content":{"rendered":"<p>Ran across another nasty spyware today, and again, <a href=\"http:\/\/castlecops.com\/\">Castle Cops<\/a> was able to help me figure out how to get it out. <a href=\"http:\/\/castlecops.com\/postt54165.html\">IST Bar<\/a> seems to be a rather nasty little bugger and most spyware can&#8217;t help you get it out. However, there is a tool you can use, Process Explorer from <a href=\"http:\/\/www.sysinternals.com\/\">sysinternals.com<\/a> that will help you get rid of it. Instructions from the thread have been copied below:<\/p>\n<blockquote><p>\n1. Download a freeware Process Explorer for Windows from www.sysinternals.com, install and run it<br \/>\n2. Find the mother of ISTsvc.exe, for my case, it was c:\\Windows\\yagoumc.exe<br \/>\n3. Fire up TaskManager, stop the mother process<br \/>\n4. Delete the mother .exe<br \/>\n5. Again, stop the ISTsvc.exe<br \/>\n6. Delete the ISTsvc.exe<br \/>\n7. Run Ad-Aware to clean up Registry entries\n<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Ran across another nasty spyware today, and again, Castle Cops was able to help me figure out how to get it out. IST Bar seems to be a rather nasty little bugger and most spyware can&#8217;t help you get it out. However, there is a tool you can use, Process Explorer from sysinternals.com that will [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"class_list":["post-128","post","type-post","status-publish","format-standard","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/posts\/128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/comments?post=128"}],"version-history":[{"count":0,"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/posts\/128\/revisions"}],"wp:attachment":[{"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/media?parent=128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/categories?post=128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mancide.net\/blog\/wp-json\/wp\/v2\/tags?post=128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}