trojan downloader, probably istbar

[anna]

hi
i'm having problems with the istbar removal. no matter how many different removals i've tried the problems still remain. you're my last hope.
here's my hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 09:11:08, on 2005-03-10
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\wucxt.exe
C:\Program\Grisoft\AVGFRE~1\avgcc.exe
C:\Program\Grisoft\AVGFRE~1\avgemc.exe
C:\Program\Java\jre1.5.0_01\bin\jusched.exe
C:\Program\Microsoft AntiSpyware\gcasServ.exe
C:\Program\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\wpabaln.exe
C:\Program\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\notepad.exe
C:\GMx.exe
C:\GMx.exe
C:\GMx.exe
C:\Documents and Settings\arvid\Skrivbord\hijackthis.exe
C:\GMx.exe
C:\GMx.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\Program\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [*Microsoft Update] wucxt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Program\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\RunServices: [*Microsoft Update] wucxt.exe
O4 - HKCU\..\Run: [*Microsoft Update] wucxt.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8F1FDFD-C125-4D22-8DAC-DA612A82E736}: NameServer = 195.58.103.124 195.58.103.18
O23 - Service: *Microsoft Update - Unknown owner - C:\WINDOWS\System32\wucxt.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVGFRE~1\avgupsvc.exe

[sachin214]

hi even i had this ist bar nuisance

all antivirus software seem to detect it but not delete it

it was only after i tried kaspersky personnel pro i got rid of it

you can download kaspersky trial from there official website

remember to set max protection settings


even spysweeper is able to delete it but ist try kaspersky

cheers