| |
 |  Software Networking & Security Networking & Security Discuss AVG Free - help with Virus/Trojan Horse please.... in the Software forums; Hi All, I'm having a spot of bother locating and removing a Trojan Horse which has been detected by ... |
|
Welcome to the ABXZone Computer Forums forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact us. |
 |
| | LinkBack | Thread Tools | Display Modes |
12-23-2004, 08:10 AM
| #1 |
| Registered User  Join Date: Nov 2003 Location: LONDON
Posts: 162
| AVG Free - help with Virus/Trojan Horse please.... Hi All, I'm having a spot of bother locating and removing a Trojan Horse which has been detected by AVG Free (latest version) Basically AVG tell me that it has located a Trojan Horse: "Trojan Horse Downloader.lstbar.4.AZ" - not sure whether thats an I or an L in "lstbar". and it says it's located in: C:\Documents and Settings\DrRedD\local settings\Temporary Internet Files\Content.IE5\8LAZW9Y3\UniDistIO(1).CAB:\UniDist.ocx I've unhidden my files and even the system files, but i cannot locate this file - AVG does not even give me the option to Clean it or Remove it - or even move it to the Vault. Not sure what's going on - Spybot / Adaware / Adware spy - do not detect it at all. Can't even find a trace of it in the AVG Encyclopedia, which is really strange as it has detected it! I'd really appreciate any thoughts on this - as i'm finding it highly annoying! could it be something that's in a "restore point"? - i just read something to that effect, but i'm at work so i can't try to turn it off and wipe the restore points........... anyone have any ideas? DrRedD......
__________________ ASUS P4C800-E Deluxe (1020b BIOS) P4 3 Ghz (O/C'd to 3.3Ghz) 1024 Corsair XMS 3500 ASUS 9800XT HERCULES PROPHETVIEW 920DVi Monitor 2 x M-Audio Audiophile PRO Soundcards, Universal Audio UAD-1 card Zalman Flower CNPS6500B-AlCu Silent Cooler Zalman ZM400A-APF 400W PSU Carillon Audio Case - Rack Mountable 1 x Seagate 80gig IDE, 1 x Seagate 160gig SATA MSI CDR/W, Samsung DVD ROM MSI DVDR/W DR8-A2 XP Pro |
| (Offline) |  |
| | |||
| |
|
12-23-2004, 08:18 AM
| #2 |
| Registered User  Join Date: Sep 2003 Location: Charlotte NC
Posts: 807
|
__________________ My Toys LANPARTY LP-PRO 875B REV B1, Intel 2.8E, 2x512 3500 OCZ, GIGABYTE GV-N57L128DP XFX 6600GT, 80G Seagate SATA SERVER Giga-Byte GA-8KNXP(non ultra)Bios F5,P4-2.6c 800, 2x512MB, PMI 32Mx64 PC3700, Asus Video Card V9280 128mb, 4x80GB Seagate SATA Raid 1 / 5, 1x120gig IDE backup, Test Box: Supermicro P4SBA+, Intel 1.5A, 384mb PC133, 60G IDE Wifes Toys DFI 875P Infinity, Intel 2.4c, Geil PC3500 2x256, 1 80g IDE, 128mb vid, Aopen AX4GPRO, Intel 2.0a, 512mb, 40g IDE, 64mb vid, |
| (Offline) | |
|
12-23-2004, 08:20 AM
| #3 |
| Registered User Join Date: Sep 2003 Location: Charlotte NC
Posts: 807
|
__________________ My Toys LANPARTY LP-PRO 875B REV B1, Intel 2.8E, 2x512 3500 OCZ, GIGABYTE GV-N57L128DP XFX 6600GT, 80G Seagate SATA SERVER Giga-Byte GA-8KNXP(non ultra)Bios F5,P4-2.6c 800, 2x512MB, PMI 32Mx64 PC3700, Asus Video Card V9280 128mb, 4x80GB Seagate SATA Raid 1 / 5, 1x120gig IDE backup, Test Box: Supermicro P4SBA+, Intel 1.5A, 384mb PC133, 60G IDE Wifes Toys DFI 875P Infinity, Intel 2.4c, Geil PC3500 2x256, 1 80g IDE, 128mb vid, Aopen AX4GPRO, Intel 2.0a, 512mb, 40g IDE, 64mb vid, |
| (Offline) | |
|
12-23-2004, 08:24 AM
| #4 |
| Registered User Join Date: Nov 2003 Location: LONDON
Posts: 162
| Thanks Markim for such a speedy reply ! I'll give it all a go tonight when i get home, and let you know how i do.... Thanks again  ...........DrRedD
__________________ ASUS P4C800-E Deluxe (1020b BIOS) P4 3 Ghz (O/C'd to 3.3Ghz) 1024 Corsair XMS 3500 ASUS 9800XT HERCULES PROPHETVIEW 920DVi Monitor 2 x M-Audio Audiophile PRO Soundcards, Universal Audio UAD-1 card Zalman Flower CNPS6500B-AlCu Silent Cooler Zalman ZM400A-APF 400W PSU Carillon Audio Case - Rack Mountable 1 x Seagate 80gig IDE, 1 x Seagate 160gig SATA MSI CDR/W, Samsung DVD ROM MSI DVDR/W DR8-A2 XP Pro |
| (Offline) | |
|
12-29-2004, 06:11 AM
| #5 |
| Registered User Join Date: Nov 2003 Location: LONDON
Posts: 162
| Hi, Oh well - it's a no go - still can't get rid of this sucker! Apparently it's in the Browser Cache - and i have no idea how to get rid of it - I tried all my adware killers in Safe Mode - but still no joy. Just don't understand why AVG detects it and then won't do anything about it. Anyone able to help out anymore - I've tried all the things on the listed threads above - but nothing seems to work...............  Cheers, DrRedD......
__________________ ASUS P4C800-E Deluxe (1020b BIOS) P4 3 Ghz (O/C'd to 3.3Ghz) 1024 Corsair XMS 3500 ASUS 9800XT HERCULES PROPHETVIEW 920DVi Monitor 2 x M-Audio Audiophile PRO Soundcards, Universal Audio UAD-1 card Zalman Flower CNPS6500B-AlCu Silent Cooler Zalman ZM400A-APF 400W PSU Carillon Audio Case - Rack Mountable 1 x Seagate 80gig IDE, 1 x Seagate 160gig SATA MSI CDR/W, Samsung DVD ROM MSI DVDR/W DR8-A2 XP Pro |
| (Offline) | |
|
12-31-2004, 09:02 AM
| #6 |
| Registered User Join Date: Nov 2004 Location: Farmington, Michigan
Posts: 38
| the way I got rid of it was to buy Norton antivirus 2005! I was using AVG but when it wouldnt let me remove ISTBAR that was it! I guess you get what you pay for! Also this is a link for the removal tool from symantic http://sarc.com/avcenter/venc/data/adware.istbar.html
__________________ asus p4pe 2.5 ghz@ 3040 fsb 160 34c/ 55c/stock cooling 512 corsair/2.5 3 3 7 ati 9000 pro |
| (Offline) | |
|
12-31-2004, 09:15 AM
| #7 | |
| Resident ABX Wizard  Join Date: May 2003 Location: London, Ontario
Posts: 8,814
| Quote:
Can you see it when you boot in Safe Mode? Regarding System Restore, you have to turn it off and wipe out previous restores to get rid of this infection. System Restore will contain a copy of the trojan (it maintains copies of all your installed programs and settings) and if you restore from an infected restore point you will be infected again. Only once you are clean should you turn System Restore back on. Do a search on Norton Antivirus (NAV) here at ABXZone though...most users find it as bad as the trojan itself.  | |
| (Offline) | |
|
12-31-2004, 09:36 AM
| #8 |
| Private User Join Date: May 2003
Posts: 640
| Trend Micro's HouseCall: http://housecall.trendmicro.com and yes, this does mean using IE but given that Trend Micro is really good - the risk is worth it. |
| (Offline) | |
|
12-31-2004, 10:49 AM
| #9 |
| Virus? What I am not sick  Join Date: Jan 2003 Location: Central Florida
Posts: 1,965
| I ran in to this when I had a network PC drive shared and attached to my system. I ended up browsing to the IE cahe and deleting all the mutiple copies of the cache folders. I have never really figured out why IE keeps so many copies of it's cache. After deleting rerun your AV prog. I even had to browse the network neighborhood and get to the folder thru the networkneighborhood drive which really is the same drive but gone after thru the network pc name. It would not showup via the normal browse but only thru the neighborhood browse. Delete and it should all go away.
__________________ Giga ga-ep45-ud3p 2.8 E8400 4mb Ram WDC 500Gb XP pro Win7 32 Win7 64 Asus P4S8x 2.0 Ghz Celeron Ram 512MB WDC 80GB HD SATA WDC 80GB SATA Memorex DUAL DVD/RW Win98SE/XP pro Asus P2b-F Cel 450 Ram 256MB W98 SE Optorite CDRW WD 40GB Asrock P4combo P4 346 Xp Pro Sp 3 SATA HD SATA DVD/RW Foxconn 925EX 550 XP Media SP2 Sata HD Sata DVD/RW Foxconn 925EX 550 Xp SP2 Asrock 775Dual 550 Xp pro SP2 IBM T23 1.3hz RAM 512MB XP pro SP2 All systems are networked Konica Minolta Color Laser Samsung clp-315 Color laser Dlink 655 Dlink G650 Wireless Dlink DNS-323 1TB NAS |
| (Offline) | |
|
12-31-2004, 01:16 PM
| #10 |
| Wisdom Will Always Linger  Join Date: May 2004 Location: Belize, The Jewel
Posts: 3,191
| I recall downloading a dos version of fsecure and that did the job.
__________________ **************************************************************************************************** ******************************************************************************** Knowledge: Either you have it or know where to get it! **************************************************************************************************** ******************************************************************************** You need to have the right question to obtain the right answer. **************************************************************************************************** ******************************************************************************** The greatest right any nation can afford its people is the right to be left alone. **************************************************************************************************** ******************************************************************************** BIOSTAR - P4M80-M4, P4-2.8E HT, MSI NX6200AX-TD256 DDR, 2X512 PC3200 MICRON DDR 400, HITACHI 80G & SAMSUNG 40G, LITEON 20XDVDR, MOTOROLA SB5100 CABLE MODEM, 56K V92 AGERE FAX MODEM, X TECH OPTICAL MOUSE, AIR COOLED - 5 FANS, JAUNTY JACKALOPE 9.04 **************************************************************************************************** ********************************************************************************  |
| (Offline) | |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
