Just installed spyware blaster and have spybot search and destroy. I had this problem before I installed spyblaster,and cant get rid of it. Any help please. C:\WINDOWS\SYSTEM32\Desire-uninstall.exe\DESIRE-UNINSTALL.EXE Can not delete file.
Hi JLH60, Can you go into the task manager (ctrl alt del) and check to see if that file is actually a running task? If it is, you should be able to kill it from there then go and try to delete the file.
Looks like you have a variant of this exploit that seems to be running around in many versions....last time i looked it was up to Q in the alphabet. ************************** Istbar.C follows the routine below: When the user accesses certain web pages, a message appears to ask for permission to run an ActiveX code. If the user agrees, the ActiveX code installs several spyware programs and dialers, downloads other programs from the Internet and displays advertisements from adult sites. Other Details Istbar.C is written in the programming language Visual C++ v 6.0. The Trojan is 176,128 bytes in size. Some of the files are compressed with UPX. RB32.EXE and LP.EXE. RB32.EXE drops the file LP.EXE. These Trojan components download dialers and display advertising pop-up windows of adult content. These files are detected by Panda Antivirus as Trj/Istbar.I. GM.EXE. This component downloads dialers and spyware programs to the affected computer, such as Rapid Blaster, 180Solutions, Igetnet, etc. It is able to update itself whenever new versions are available. LOADER.EXE and IGETNET.EXE. These files are detected by Panda Antivirus as Bck/Ruledor.A. Istbar.H could also create any of the following files: MSCACHE.EXE, AUPDATE.EXE, AUPDATE_UNINSTALL.EXE or MSCACHE.DLL. Istbar.H creates the following entry in the Windows Registry: HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Run IST Service %programfiles%istsvc.exe By creating this entry, Istbar.H ensures that it is run whenever Windows is started. Istbar.H modifies the following entry in the Windows Registry: HKEY_LOCAL_MACHINE\ Software\ Internet Explorer\ Main Start page http://www.slotch.com By modifying this entry, Istbar.H changes the home page of Internet Explorer. http://www.virusportal.com/com/virusinfo/encyclopedia/overview.aspx?idvirus=41127
This is what Symantec is calling the dialer portion... Dialer.Desire http://www.symantec.com/avcenter/venc/data/dialer.desire.html So that may help you clean it off. Good luck aand let us know how you make out.