Computer Tips -Tech Info



« | »

How to Remove Desktop Defender 2010 | Removal Guide

Desktop Defender 2010 is a rogue antivirus program. It will prompt you with popups complaining about various problems that it claim your system has as well as scanning your computer and consistently finding some files to complain about. It also claims that it cannot fix the problems with your system unless you purchase the program. Users are advised not to purchase the program, nor to trust it’s claims of problems as the files it finds as problematic could cause harm to your system if removed.

Read on for how to remove desktop defender 2010….


Among the other messages you may see on a system infested with Desktop Defender 2010….

You have been infected by a proxy-relay trojan server with new and danger “SpamBots”.
You have a computer with a virus that sends spam.
This is a mass-mailing worm with backdoor thus allowing un-authorized access to the infected system.
It spreads by mass-mailing itself to e-mail addresses harvested from the local computer or by querying on-line search engines such as google.com.
The IP address that YOU are getting from Internet Service Provider (ISP) for YOU personal computer is on some major blacklist, like SpamHaus.
Your computer has been used to send a huge amount of junk e-mail messages during the last days.
You IP will be marked in the Police log file as mass-mailing spam assist.
Upgrading to the full version Desktop Defender 2010 it will eliminate the majority of Spam attempts.

Go ahead and start by visiting the control panel, add/remove programs and see if you can remove it the traditional way. If so, congratulations this is the easiest rogue software removal possible. However, even if it uninstalls so neat and tidily this way I’d still want to run a scan with malwarebytes antimalware as well as a good reputable antivirus application (avira/avg for instance).

Anyway, moving along, go ahead and download malwarebytes antimalware (I have a link on the virus removal toolkit page.) You may want to go ahead and download process explorer as well. (It’s optional.)

Once this is downloaded, try installing, updating and running a scan with malwarebytes antimalware. If you are unable to run the installer you may try the following things to get it to run. 1) rename the installer file from mbam-setup.exe to something else…. bob.exe and retry the install. 2) reboot into safe mode and retry the install. 3) follow along with the manual removal step of killing off the running processes associated with Desktop Defender 2010 and then retry the install and scan with malwarebytes.

The following processes are associated with Desktop Defender 2010 and should be killed off using task manager (or process explorer.) If you are unable to run task manager, copy the program file for it (taskmgr.exe) and paste it to a new file name (rename it to something else….. larry.exe) The other option is to use process explorer to show the running processes and kill of the ones related to Desktop Defender 2010. If you are unable to run process explorer as you have downloaded it you may also be able to rename it to another file name and then retry running it. The processes associated with Desktop Defender 2010 are:

Desktop Defender 2010.exe
uninstall.exe

There may be other processes running that are associated with some of the files that Desktop Defender 2010 creates. There may be a random component to the filenames and you should use the list below as a guide for what to look for on your system. If you see anything similar (or following similar naming patterns) running in the process list, then you should terminate those processes too.

The following files and folders should be deleted to remove Desktop Defender 2010:

%docs%All UsersDesktopDesktop Defender 2010.lnk
%docs%All UsersStart MenuProgramsDesktop Defender 2010
%docs%All UsersStart MenuProgramsDesktop Defender 2010.lnk
%docs%All UsersStart MenuProgramsDesktop Defender 2010Activate Desktop Defender 2010.lnk
%docs%All UsersStart MenuProgramsDesktop Defender 2010Desktop Defender 2010.lnk
%docs%All UsersStart MenuProgramsDesktop Defender 2010How to Activate Desktop Defender 2010.lnk
%userprof%Application DataMicrosoftInternet ExplorerQuick LaunchDesktop Defender 2010.lnk
%progfiles%Desktop Defender 2010
%progfiles%Desktop Defender 2010AF.dll
%progfiles%Desktop Defender 2010daily.cvd
%progfiles%Desktop Defender 2010Desktop Defender 2010.exe
%progfiles%Desktop Defender 2010guide.chm
%progfiles%Desktop Defender 2010hjengine.dll
%progfiles%Desktop Defender 2010IEAddon.dll
%progfiles%Desktop Defender 2010MFC71.dll
%progfiles%Desktop Defender 2010MFC71ENU.DLL
%progfiles%Desktop Defender 2010msvcp71.dll
%progfiles%Desktop Defender 2010msvcr71.dll
%progfiles%Desktop Defender 2010pthreadVC2.dll
%progfiles%Desktop Defender 2010shellext.dll
%progfiles%Desktop Defender 2010siglsp.dll
%progfiles%Desktop Defender 2010tdifw_drv_WLH.sys
%progfiles%Desktop Defender 2010tdifw_drv_WXP.sys
%progfiles%Desktop Defender 2010uninstall.exe
%win%system32driverstdifw_drv.sys
%win%system32LogFilestdifw
%win%system32LogFilestdifwlog.txt
%tmp%gedx_ae09.exe
%tmp%kgn.exe
%tmp%kilslmd.exex
%tmp%kn.a.exe

Even after a manual removal of the above files and folders I still recommend that you install, update and run a scan with malwarebytes antimalware as well as a scan with a reputable antivirus such as avira or avg for instance. After this you will have completed your removal of desktop defender 2010.

It should be noted that this particular rogue installs a dll into the Windows TCP stack c:program filesdesktop defender 2010siglsp.dll which i used as a traffic logger and could be used to steal any information transmitted over your internet connection. Malwarebytes should be able to restore your TCP settings to a pre-infection state.

Related Posts

Blog Traffic Exchange Related Posts Blog Traffic Exchange Related Websites
www.pdf24.org    Send article as PDF   

Posted by on October 28, 2009.

Tags: , , , , , , , , , ,

Categories: antivirus, malware, Rogue Security Software

« | »




Recent Posts


Pages



Switch to our desktop site