Trojan Downloader Istbar.4.H... problems

Discussion in 'malware problems & news' started by jesseb, Jul 21, 2004.

Thread Status:
Not open for further replies.
  1. jesseb

    jesseb Registered Member

    Joined:
    Jul 21, 2004
    Posts:
    2
    Hello, I have AVG and when I run a scan the Trojan Downloader Istbar.4.H..
    Is found, When I try to get AVG to get rid of the virus, it sends me a message that says, "access to the file is denied"....

    How can I get rid of this trojan.....

    Thanks, Jesse... o_O
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas

    Close all programs.

    Turn off System Restore

    Run AVG Complete Scan

    Turn on System Restore.

    If you can't find Trojan horse Downloader.Istbar.4.G, AVG may have moved it to the Virus Vault. Check the Virus Vault
     
  3. jesseb

    jesseb Registered Member

    Joined:
    Jul 21, 2004
    Posts:
    2
    I did what you said Ron, and with no luck....

    AVG couldn't remove the virus to the Virus Vault...

    Do you have any other suggestions?

    Thanks, Jesse.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    Can you try the safe mode to delete that file?

    safe mode
     
    Last edited: Jul 21, 2004
  5. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi jesseb,

    Does AVG give you a location of the file? And, what operating system do you have; version of IE too?
     
  6. lvelascow

    lvelascow Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    1
    I have the same problem, when I run AVG scan the Trojan Downloader Istbar.4.H. is found.
    They recommended "move to virus vault" When I try to get AVG to get rid of the virus, it sends me a message that says, the file can not be removed. what can I do?

    Luis
     
  7. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    Where does AVG say the file is:

    Most antiviruses are notoriously bad about fixing adware files and ISTbar is a particularly difficult one to remove

    the best way is to use a specific spyware/adware remover

    Download and unzip or install these programs/applications if you haven't already got them. If you have them, then make sure they are updated and configured as described

    Spybot - Search & Destroy from http://security.kolla.de
    AdAware SE from http://www.lavasoft.de/support/download


    Run Sybot S&D

    After installing, first press Online, press search for updates, then tick the updates it finds, then press download updates. Beside the download button is a little down pointed arrow, select one of the servers listed. If it doesn't work or you get an error message then try a different server

    Next, close all Internet Explorer and OE windows, press 'Check for Problems', and have SpyBot remove all it finds that is marked in RED.

    then reboot &

    Run ADAWARE

    Before you scan with AdAware, check for updates of the reference file by using the "webupdate".
    the current ref file should read at least SE1R4 16.08.2004 or a higher number/later date
    Then ........
    click the "Scan" button. and select full scan

    When scan is finished, mark everything for removal and get rid of it. (Right-click the window and choose"select all" from the drop down menu) then press next and then say yes to the prompt, do you want to remove all these entries. You can safely ignore any MRU entries though and not delete them

    reboot again
     
  8. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,277
    Location:
    Earth
    Hi jessb..I had that two..2 of them in my restore the a2 free scanner got them both !! :D
     
  9. loz100

    loz100 Guest

    Hi

    I have te trojan horse downloader. ist.4.h virus

    How can i get rid of it i need a step by step explanation i do not understand the above
     
Loading...
Thread Status:
Not open for further replies.