How to Remove Desktop Defender 2010 | Removal Guide



Desktop Defender 2010 is a rogue antivirus program. It will prompt you with popups complaining about various problems that it claim your system has as well as scanning your computer and consistently finding some files to complain about. It also claims that it cannot fix the problems with your system unless you purchase the program. Users are advised not to purchase the program, nor to trust it’s claims of problems as the files it finds as problematic could cause harm to your system if removed.

Read on for how to remove desktop defender 2010….


Among the other messages you may see on a system infested with Desktop Defender 2010….

You have been infected by a proxy-relay trojan server with new and danger “SpamBots”.
You have a computer with a virus that sends spam.
This is a mass-mailing worm with backdoor thus allowing un-authorized access to the infected system.
It spreads by mass-mailing itself to e-mail addresses harvested from the local computer or by querying on-line search engines such as google.com.
The IP address that YOU are getting from Internet Service Provider (ISP) for YOU personal computer is on some major blacklist, like SpamHaus.
Your computer has been used to send a huge amount of junk e-mail messages during the last days.
You IP will be marked in the Police log file as mass-mailing spam assist.
Upgrading to the full version Desktop Defender 2010 it will eliminate the majority of Spam attempts.

Go ahead and start by visiting the control panel, add/remove programs and see if you can remove it the traditional way. If so, congratulations this is the easiest rogue software removal possible. However, even if it uninstalls so neat and tidily this way I’d still want to run a scan with malwarebytes antimalware as well as a good reputable antivirus application (avira/avg for instance).

Anyway, moving along, go ahead and download malwarebytes antimalware (I have a link on the virus removal toolkit page.) You may want to go ahead and download process explorer as well. (It’s optional.)

Once this is downloaded, try installing, updating and running a scan with malwarebytes antimalware. If you are unable to run the installer you may try the following things to get it to run. 1) rename the installer file from mbam-setup.exe to something else…. bob.exe and retry the install. 2) reboot into safe mode and retry the install. 3) follow along with the manual removal step of killing off the running processes associated with Desktop Defender 2010 and then retry the install and scan with malwarebytes.

The following processes are associated with Desktop Defender 2010 and should be killed off using task manager (or process explorer.) If you are unable to run task manager, copy the program file for it (taskmgr.exe) and paste it to a new file name (rename it to something else….. larry.exe) The other option is to use process explorer to show the running processes and kill of the ones related to Desktop Defender 2010. If you are unable to run process explorer as you have downloaded it you may also be able to rename it to another file name and then retry running it. The processes associated with Desktop Defender 2010 are:

Desktop Defender 2010.exe
uninstall.exe

There may be other processes running that are associated with some of the files that Desktop Defender 2010 creates. There may be a random component to the filenames and you should use the list below as a guide for what to look for on your system. If you see anything similar (or following similar naming patterns) running in the process list, then you should terminate those processes too.

The following files and folders should be deleted to remove Desktop Defender 2010:

%docs%\All Users\Desktop\Desktop Defender 2010.lnk
%docs%\All Users\Start Menu\Programs\Desktop Defender 2010
%docs%\All Users\Start Menu\Programs\Desktop Defender 2010.lnk
%docs%\All Users\Start Menu\Programs\Desktop Defender 2010\Activate Desktop Defender 2010.lnk
%docs%\All Users\Start Menu\Programs\Desktop Defender 2010\Desktop Defender 2010.lnk
%docs%\All Users\Start Menu\Programs\Desktop Defender 2010\How to Activate Desktop Defender 2010.lnk
%userprof%\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Defender 2010.lnk
%progfiles%\Desktop Defender 2010
%progfiles%\Desktop Defender 2010\AF.dll
%progfiles%\Desktop Defender 2010\daily.cvd
%progfiles%\Desktop Defender 2010\Desktop Defender 2010.exe
%progfiles%\Desktop Defender 2010\guide.chm
%progfiles%\Desktop Defender 2010\hjengine.dll
%progfiles%\Desktop Defender 2010\IEAddon.dll
%progfiles%\Desktop Defender 2010\MFC71.dll
%progfiles%\Desktop Defender 2010\MFC71ENU.DLL
%progfiles%\Desktop Defender 2010\msvcp71.dll
%progfiles%\Desktop Defender 2010\msvcr71.dll
%progfiles%\Desktop Defender 2010\pthreadVC2.dll
%progfiles%\Desktop Defender 2010\shellext.dll
%progfiles%\Desktop Defender 2010\siglsp.dll
%progfiles%\Desktop Defender 2010\tdifw_drv_WLH.sys
%progfiles%\Desktop Defender 2010\tdifw_drv_WXP.sys
%progfiles%\Desktop Defender 2010\uninstall.exe
%win%\system32\drivers\tdifw_drv.sys
%win%\system32\LogFiles\tdifw
%win%\system32\LogFiles\tdifw\log.txt
%tmp%\gedx_ae09.exe
%tmp%\kgn.exe
%tmp%\kilslmd.exex
%tmp%\kn.a.exe

Even after a manual removal of the above files and folders I still recommend that you install, update and run a scan with malwarebytes antimalware as well as a scan with a reputable antivirus such as avira or avg for instance. After this you will have completed your removal of desktop defender 2010.

It should be noted that this particular rogue installs a dll into the Windows TCP stack c:\program files\desktop defender 2010\siglsp.dll which i used as a traffic logger and could be used to steal any information transmitted over your internet connection. Malwarebytes should be able to restore your TCP settings to a pre-infection state.

   Send article as PDF   

Similar Posts