Ok here's how to detect it. If you have downloaded an exe file or zip file which gave you the ISTsvc Virus, then there is a big possibility that your UPLOAD File is flooded with 3,000 more of this same exe file or zip file disguised with some other software names. Eventually, these files are open for downloading by other unsuspecting users. No one will know since the file name is camouflaged to some other filenames such as those which they would want to download. Worst, this file will keep on multiplying and it would perhaps make LIMEWIRE have the same fate as what KAZAA had... FULL OF CRAPS!!

So if

1. You have downloaded an exe or zip that can't be installed (Normally it will give you a message that says: Software outdated, contact vendor for copy" or something to that effect.

2. You are infected with ISTsvc spyware

3. The total numbers of files you share to LIMEWIRE for upload suddenly went up to hundreds (You can find that below Quality indicator bar)

4. When you scan for virus or adwares you notice that you suddenly have C:\Uploads and it takes a long time to scan it because of the large no. of files which you never thought of having

Then you are victimized!!!!


To remove these annoying files is to simply type C:\Uploads in your location bar and type enter OR unhide ALL hidden folders and locate C:\Uploads and delete them

Remember these are "hidden files" and the size of each file is 765.5 kb

and you have to remove the ISTsvc Spyware and other IST spywares (they come in group) with Spybot, Ad-aware and Spyware doctor that can all be downloaded for free.

The 765.5Mb files and similarly the 399.9Mb files are tainted with viruses and intrusions! If you are looking to download a file of these lengths don’t waste the bandwidth, these files are not what they claim to be anyway! If you are sharing files with these exact sizes, you are probably infected, please check them and at least don’t share them until you are sure!

McAfee 8.0 Pro is available here and does a great job protecting against the viruses without eating up resources; scanreg /restore, when set to a date before the infection is probably the best way to undo the damage to your system and get away from the pop-ups!

(In Win98/ME go to Start, then Run then type scanreg /restore and press enter, (the space between scanreg and /restore is important,) choose a date where your system wasn’t infested…) (Win/XP launch the System Restore Utitlty, if you can’t find it try: Start, then Run then type msconfig press enter you'll se the Launch System Restore 3D button here, again choose a date where your system wasn’t infested…)

The problem here is getting ridiculous!

Thanks for the advice...

But deleting the files and running scans (Microsoft Antispyware, Adaware and Norton) haven't fixed it. Each time I reboot my computer there are hundreds of new files in c:/uploads! And I get the same trojans, etc, showing up in my scans.

It's driving me mad as my computer is now soooo slow and I can't concentrate on my work. Does anyone have any other advice?

I also tried System Restore, going back several weeks several times, but each time it failed. Grrrr!

Any other advice is much appreciated!

cheers

i would say that reformatting your computer could be the last resort. You can still save your computer w/o reformatting.

If you have a Norton Antivirus then that would perhaps solve your problem. The virus that may be lurking inside your computer right now is the IST viruses. They come in all sorts of forms. One of which is the IST bar in your Interner browser. If this bar appears in your IE screen then you are infected with the IST virus that hides in some other parts of your computer.

Update your Norton then scan somputer. It will eliminate all these IST viruses. Norton may ask you to run your computer in the safemode but don't worry 'cause it will lead you to its technical support site which will give the step by step procedure

I have been dealing with this problem for some time now..I've found that what works best for me is to use NORTON GoBack! as soon as your anti-virus finds one of these viruses..Don't wait!..GoBack 10 or 20 mins. then clean all you cache files and go to your Incomplete folder in C: and remove the file if its still there!...Of course this don't help those who already got the Cooties!!..Nice thread..Im sure it will be a very popular subject soon...This virus thing has almost takin over already!..It must be stopped by us the users or forget P2P on this network..Post warnings under every program file name you can think of and lets inform the un-knowing of this problem!!

I think its the same virus as this one

http://www.gnutellaforums.com/showth...threadid=39692

just put avg on my computer and found "1495" virus's and trogen horse's. Just picked them up last nite. noticed i had an upload file all of the sudden and had adde 700 new files to my shared. thanks for the info. got rid of all of them. I will sure be on the watch out from now on.

Would this be classed a Worm or a Trojan? In search of other information I happened upon this forum and this thread and had to lend what I knew. Yes, I had it. My version I felt was so below the belt, even for the creeps making a living at this type of code. (Lets face it, they are the same ones that are on LW looking for/perpetuating kiddie porn....and likely kick dogs) Being semi new to LW and very new to the 'winrar' comp. format, the file size cue deceived me totally. By the sounds of it I may have gotten off easier then some here. Likely due to my stubborn curiosity as apposed to actual knowledge. That actually led me to a few other tid bits. **To Note**: Be aware of Actual anti-virus apps. on LW. That's the kicker! and/or Their respective '******s'!!! Hiding in the form of a setup file in anti-virus.zip is one thing but a lot of key genskey gens are right about the size of this virus. Don't wait for your auto protect to catch up and do a specific file scan on everything you get for free. **Also** This virus 'can' give you a false poss. when updating your definitions to your primary and secondary scanner (no joke), so having 3 or 4 'different types geared to slightly different things can pick them out. Even the light ****** freebie can show a differing result, that's the cue. This is strange - for me it was "NERO" that "FOUND" these inevitable files and it wasn't due to it's on board VS. LOL I was simply making a compilation CD and looking to fill some space at the end. As I'm clicking through the file tree I come across this folder that was filled with files that matched perfectly my search/download behavier on LW. There was 'Almost' no reason to question them at all. 585 of them. That # did tweak to me as "NORTON 2007!!!!" (obtained directly through the Norton download site) said that it had dealt with them! Well it didn't. It just saw fit to make them invisable now, 100% of the time. Till I'm browsing through Nero instead. It was nutty I tells ya!

first turn off system restore restart in safe mode then run antivirus to get rid of it.

do your own homework for the how to's

There isn't a quote so I am confused if this was directed at me???? I still don't know much but I'm the homeworking-ist-ist---ist