A simple plea
Today, while removing a trojan from Iria's computer, I discovered a pastime previously known only to computer geeks: registry editing.
I would just like to remind everyone to be careful out there on the internet. Spare yourself the pain of decoding techspeak and making 'registry edits'...
i. Navigate to and delete the following subkeys if they exist:Holy hell. Note that this was step 'i'.
HKEY_LOCAL_MACHINE\SOFTWARE\ISTbar
HKEY_CURRENT_USER\Software\ISTbar
HKEY_CURRENT_USER\Software\IST
HKEY_LOCAL_MACHINE\SOFTWARE\ISTsvc
HKEY_CLASSES_ROOT\ISTbar.BarObj
HKEY_CLASSES_ROOT\Pugi.PugiObj.1
HKEY_CLASSES_ROOT\Pugi.PugiObj
HKEY_CLASSES_ROOT\
TestContentMatchControl1.ContentMatchTag
HKEY_CLASSES_ROOT\
TestContentMatchControl1.ContentMatchTag.1
HKEY_CLASSES_ROOT\CLSID\
{018B7EC3-EECA-11D3-8E71-0000E82C6C0D}
HKEY_CLASSES_ROOT\CLSID\
{386A771C-E96A-421f-8BA7-32F1B706892F}
HKEY_CLASSES_ROOT\CLSID\
{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_CLASSES_ROOT\CLSID\
{5F1ABCDB-A875-46c1-8345-B72A4567E486}
HKEY_CLASSES_ROOT\CLSID\
{771A1334-6B08-4a6b-AEDC-CF994BA2CEBE}
HKEY_CLASSES_ROOT\CLSID\
{7C559105-9ECF-42b8-B3F7-832E75EDD959}
HKEY_CLASSES_ROOT\CLSID\
{DC341F1B-EC77-47BE-8F58-96E83861CC5A}
HKEY_CLASSES_ROOT\CLSID\
{FAA356E4-D317-42A6-AB41-A3021C6E7D52}
HKEY_CLASSES_ROOT\Interface\
{0985C112-2562-46F2-8DA6-92648BA4630F}
HKEY_CLASSES_ROOT\Interface\
{0E704BA4-C517-4BE7-A1CD-C3FFDA1E1FFE}
HKEY_CLASSES_ROOT\Interface\
{7B178417-3CDA-444F-94FF-312C0A3A78A8}
HKEY_CLASSES_ROOT\Interface\
{7B9A715E-9D87-4C21-BF9E-F914F2FA953F}
HKEY_CLASSES_ROOT\Interface\
{90CE74CC-788A-4A00-B38D-CBCA08CC9E8F}
HKEY_CLASSES_ROOT\Interface\
{9388907F-82F5-434D-A941-BB802C6DD7C1}
HKEY_CLASSES_ROOT\Interface\
{A36A5936-CFD9-4B41-86BD-319A1931887F}
HKEY_CLASSES_ROOT\Interface\
{BF06DA8E-2BEB-4816-9BBD-F7625246E245}
HKEY_CLASSES_ROOT\Interface\
{DC065FA6-08F9-4C50-99DC-275D16CFC5BD}
HKEY_CLASSES_ROOT\Interface\
{EAF2CCEE-21A1-4203-9F36-4929FD104D43}
HKEY_CLASSES_ROOT\TypeLib\
{67907B3C-A6EF-4A01-99AD-3FCD5F526429}
HKEY_CLASSES_ROOT\Typelib\
{68BF4626-D66B-4383-A6AF-62E57E9B6CD4}
HKEY_CLASSES_ROOT\Typelib\
{6D3F5DE4-E980-4407-A10F-9AC771ABAAE6}
HKEY_CLASSES_ROOT\TypeLib\
{89A10D64-83BF-41A4-86A3-7AAF1F8F3D1B}
HKEY_CLASSES_ROOT\TypeLib\
{8C752C5E-3C10-4076-AF0A-FFC69FA20D1B}
HKEY_CLASSES_ROOT\TypeLib\
{CC257918-F435-4A33-8231-2B8195990CCA}
HKEY_CLASSES_ROOT\TypeLib\
{DB447818-96B4-40DF-8A55-720DA496F514}
HKEY_CLASSES_ROOT\TypeLib\
{E9A5B71C-093B-4F34-AF07-34FCA89BA0DF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Code Store Database
\Distribution Units\
{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Code Store Database
\Distribution Units\
{7C559105-9ECF-42B8-B3F7-832E75EDD959}
HKEY_CLASSES_ROOT\Component Categories
\
{00021494-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion
\Uninstall\ISTbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion
\Uninstall\ISTbarISTbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion
\Uninstall\ISTsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Explorer
\Browser Helper Objects\
{A3FDD654-A057-4971-9844-4ED8E67DBBB8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion
\Internet Settings\ZoneMap\Domains\contentmatch.net
HKEY_CLASSES_ROOT\ISTx.Installer
HKEY_CLASSES_ROOT\ISTx.Installer.2
HKEY_CLASSES_ROOT\ISTactivex.Installer
HKEY_CLASSES_ROOT\ISTactivex.Installer.1
HKEY_CLASSES_ROOT\ISTactivex.Installer.2
HKEY_CLASSES_ROOT\YSBactivex.Installer.1
HKEY_CLASSES_ROOT\YSBactivex.Installer
I would just like to remind everyone to be careful out there on the internet. Spare yourself the pain of decoding techspeak and making 'registry edits'...
Remember: Use protection.
