Istbar help!

Discussion in 'Malware Help (A Specialist Will Reply)' started by zombie7899, Feb 27, 2005.

  1. zombie7899

    zombie7899 Private E-2

    I've followed the how-to guide and I can't get rid of this. I've tried the removal tools through Symantec and it still comes back. I've got the latest version of HijackThis, and analyzed the log through help2go and HijackThis analysis; followed their suggestions, but it keeps coming back. Can anyone help?
     
  2. PhilliePhan

    PhilliePhan Guest

    Hi Zombie,

    I assume you looked in Add or Remove Programs for IstSvc and removed it? Did you do the same in your Program Files folder?

    Please send us a HijackThis Log. Please be sure to follow the instructions below:

    Note that your HijackThis should be up-to-date (v1.99.1) and MUST be extracted to its own safe folder – C:\Program Files\HijackThis! Should you need a Fresh Download of HJT, get it HERE: HijackThis v1.99.1

    Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

    Please save your HJT Log as a .txt File and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

    Somebody will try to take a look as soon as they get a chance.

    PP:)
     
  3. zombie7899

    zombie7899 Private E-2

    I removed it from add/remove but it comes back, here is the hjt log. Thank you.
     
  4. PhilliePhan

    PhilliePhan Guest

    Hi Zombie,

    Before you start the instructions below, you MUST disable SpyBotSD's "Tea Timer" function as it may interfere with the fixing process!!


    Please print out these instructions so that you can operate with All Browser Windows CLOSED.
    Please make sure System Restore is OFF and the Viewing of Hidden Files is Enabled as per the tutorial.


    Now, look in Task Manager (Ctrl-Alt-Del) for the following running processes and, if you see them, try to END them:

    istsvc.exe
    bsfgx.exe


    Now scan with HijackThis and Check the Boxes for the following:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch

    O4 - HKLM\..\Run: [LoGV8ep3L] C:\WINDOWS\bsfgx.exe
    O4 - HKLM\..\Run: [LoGV80°¿ÔÇs]µ9Ó3âC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\bsfgx.exe
    O4 - HKLM\..\Run: [LoÈ´0°¿ÔÇs]µ9Ó3âÕC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\bsfgx.exe

    O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)

    Again, make sure All Browser Windows are Closed when you Click FIX.

    NOW:
    Please boot into Safe Mode with the Viewing of Hidden Files Enabled and navigate to and DELETE the following if they should remain:

    C:\Program Files\ISTsvc ---> The Folder
    C:\WINDOWS\bsfgx.exe

    NEXT:
    Run CCleaner and Spybot S&D and have Spybot fix what it finds.

    Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    Reboot to Normal Windows and Scan with HijackThis and attach that log.
    Let me know of any problems you may have encountered with the above instructions and how your computer is running now. I will try to check back when time permits.

    Best luck :)
    PP
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    PP,

    I would be careful removing these Sony VAIO services without first checking to see if the files are really missing. I'm starting to wonder if there is a bug in HijackThis that indicates files are missing for any service it declares to have an Unknown owner. I would expect the user to be having a variety of problems with this PC if all these services actually had their files missing.
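
An added example, not part of the original thread: Python code for the check suggested in the post above, which isolates the executable path in each O23 line that HijackThis flagged "(file missing)" and tests whether that file is actually on disk. The function names and the `exists` hook are hypothetical; the sample O23 line is copied from the log lines quoted earlier in the thread.

```python
import os
import re

# O23 line copied from the thread; function names here are hypothetical.
SAMPLE_LOG = r'''
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
'''

MISSING = " (file missing)"
# Path up to the first ".exe" that is followed by a quote, whitespace or end of field.
EXE_RE = re.compile(r'^"?(.+?\.exe)(?=["\s]|$)', re.IGNORECASE)


def parse_o23(line):
    """Split one O23 line into service label, owner, executable path and HJT's flag."""
    parts = line.strip().split(" - ", 3)
    if len(parts) != 4 or parts[0] != "O23":
        return None  # not an O23 service entry
    _, service, owner, image = parts
    flagged = image.endswith(MISSING)
    if flagged:
        image = image[: -len(MISSING)]
    m = EXE_RE.match(image)
    return {
        "service": re.sub(r"^Service: ", "", service),
        "owner": owner,
        "exe": m.group(1) if m else None,  # None: path could not be isolated
        "flagged_missing": flagged,
    }


def review_o23(log_text, exists=os.path.exists):
    """Return (entry, verdict) for every O23 line HJT flagged as file missing."""
    results = []
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if not entry or not entry["flagged_missing"]:
            continue
        if entry["exe"] is None:
            verdict = "check manually"
        else:
            verdict = "file present on disk" if exists(entry["exe"]) else "file really missing"
        results.append((entry, verdict))
    return results


if __name__ == "__main__":
    for entry, verdict in review_o23(SAMPLE_LOG):
        print(f'{entry["service"]}: {entry["exe"]} -> {verdict}')
```

Run on the affected machine against the saved log text, any entry reported as "file present on disk" is one where the "(file missing)" flag does not match the file system and the service should be left alone.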
     
  6. zombie7899

    zombie7899 Private E-2

    Hi PP, I followed your instructions and had no problems with them. My PC is running better now. None of the scanners are showing the ist, so I am assuming that it is gone. Thanks, here is the hjt log.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You did not attach the log.

    Did you actually have HJT fix the O23 lines for your Sony Vaio? How is all the multimedia stuff for it working? Any problems with any sound or music?

    How about the Media Music Server or Media Photo Server ?
     
  8. zombie7899

    zombie7899 Private E-2

    Oopsie.. I don't know what has happened, but the button to attach files is not showing up. I've reloaded this page a few times. Is there another way to attach files?
     
  9. zombie7899

    zombie7899 Private E-2

    I had hjt fix the O23 lines, but when I ran it again they came back. No audio or video problems.

    I've never used those media music servers, so I can't say.
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Click the Go Advanced button first.
     
  11. zombie7899

    zombie7899 Private E-2

    I'm having a brain fart right now..but where is the go advanced button? Sorry.
     
  12. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Are you trying to add an attachment to your post?
     
  13. PhilliePhan

    PhilliePhan Guest

    Just copy and paste the complete new log into your post and I'll deal with it.

    PP :)
     
  14. zombie7899

    zombie7899 Private E-2

    Here it is, sorry guys.
     


    Last edited by a moderator: Feb 27, 2005
  15. PhilliePhan

    PhilliePhan Guest

    Your HJT Log looks OK to me!

    If you desire, you can clean this McAfee Remnant:
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

    And this line if not using Kaspersky:
    O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize

    I saw nothing evil remaining. I trust things are running well?

    While you're here, have a peek at Chaslang's Recommendations!!

    PP :)
     
  16. zombie7899

    zombie7899 Private E-2

    Everything is fine now. Thank you PP! :D
     
  17. PhilliePhan

    PhilliePhan Guest

    You're Welcome! :)
     
