Desktop Defender 2010 is a rogue antivirus application that has lately appeared in the world of rogues. Came from the same creators produced Contraviro an UnVirex this malicious badware uses brand new interface that can be very powerful method of preventing its detection. This rogue antivirus software uses GUI (Graphical Users Interface) that looks like Windows Vista style, so people can be easily tricked by this badware. You can pick up this infection while visiting unreliable websites which requires some updates of video codecs to be allowed to use their sources. After you computer has been invaded, Desktop Defender 2010 will run fake system scan. The results of this scan should be ignored as they contain untruthful information about your security and shows threats that do not actually exist. Moreover, some of the files Desktop Defender 2010 stated as infections can be important Windows parts and their removing will cause huge troubles with your PC. You will not be able to get rid of those threats without purchased license, but indeed it will not even help and is worthless. One more reason that Desktop Defender 2010 should not be trusted is huge amount of bogus notifications coming from this badware that will interrupt you computer productivity and will make it unbelievably hard to do any work on your PC. Such pop-ups will inform about tons of new infections found or about your privacy violations. All these bogus screens like fake system scans should be ignored at once and Desktop Defender 2010 is highly recommended to be removed immediately. In case you have already purchased it worthless license please contact your credit card company and dispute your purchasing immediately. Remember, gambling with hackers will never bring you any profits. Moreover, it will cause damages so great that it will be very doubtful to change anything afterwards.
Type: Rogue Anti-Spyware
Malware Author: Unknown
Threat Level: Critical
Screenshot:
How to remove Desktop Defender 2010 manually:
It's possible to remove Desktop Defender 2010 manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.
The files to be deleted:
%Program Files%\Desktop Protector 2010\hjengine.dll
%Program Files%\Desktop Protector 2010\MFC71ENU.DLL
%Program Files%\Desktop Protector 2010\MyTaskMgrDll.dll
%Program Files%\Desktop Protector 2010\siglsp.dll
%Program Files%\Desktop Protector 2010\uninstall.exe
%Program Files%\Desktop Protector 2010\Desktop Protector 2010.exe
%Program Files%\Desktop Protector 2010\MFC71.dll
%Program Files%\Desktop Protector 2010\msvcr71.dll
%Program Files%\Desktop Protector 2010\shellext.dll
%Program Files%\Desktop Protector 2010\tdifw_drv_WXP.sys
%Program Files%\Desktop Protector 2010\AF.dll
%Program Files%\Desktop Protector 2010\IEAddon.dll
%Program Files%\Desktop Protector 2010\msvcp71.dll
%Program Files%\Desktop Protector 2010\pthreadVC2.dll
%Program Files%\Desktop Protector 2010\tdifw_drv_WLH.sys
%WINDOWS%\System32\tdidis32.sys
Remove registry entries:
HKEY_CLASSES_ROOT\AppID\IEAddon.DLL
HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\antivirus_contextscan
HKEY_CLASSES_ROOT\IEAddon.StatusBarPane.1
HKEY_LOCAL_MACHINE\SOFTWARE\Desktop Protector 2010
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdifw_drv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\tdidis32.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tdidis32.sys
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “C:\Program Files\Desktop Protector 2010\Desktop Protector 2010.exe”
HKEY_CLASSES_ROOT\AppID\{C0E56AC2-9F72-436E-B6E7-AEC28AF9E4EB}
HKEY_CLASSES_ROOT\CLSID\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}
HKEY_CLASSES_ROOT\IEAddon.StatusBarPane
HKEY_CLASSES_ROOT\TypeLib\{3ED0E410-5C8E-47B6-A75D-D10B886E903C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desktop Protector 2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Desktop Protector 2010″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TDIDIS32.SYS
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run “”
HKEY_CLASSES_ROOT\shellex\ContextMenuHandlers\antivirus_contextscan
HKEY_CLASSES_ROOT\CLSID\{08EEC6AD-7486-487F-89B7-5A3716DDAE14}
HKEY_CLASSES_ROOT\Drives\shellex\ContextMenuHandlers\antivirus_contextscan
HKEY_CLASSES_ROOT\Interface\{5B184B9D-B7BD-4FEA-8D1F-5E27182206A5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform “Desktop Protector 2010″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDIDIS32.SYS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDIDIS32.SYS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDIDIS32.sys
HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\antivirus_contextscan
HKEY_CLASSES_ROOT\IEAddon.StatusBarPane.1
HKEY_LOCAL_MACHINE\SOFTWARE\Desktop Protector 2010
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdifw_drv
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\tdidis32.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tdidis32.sys
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “C:\Program Files\Desktop Protector 2010\Desktop Protector 2010.exe”
HKEY_CLASSES_ROOT\AppID\{C0E56AC2-9F72-436E-B6E7-AEC28AF9E4EB}
HKEY_CLASSES_ROOT\CLSID\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}
HKEY_CLASSES_ROOT\IEAddon.StatusBarPane
HKEY_CLASSES_ROOT\TypeLib\{3ED0E410-5C8E-47B6-A75D-D10B886E903C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desktop Protector 2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Desktop Protector 2010″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TDIDIS32.SYS
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run “”
HKEY_CLASSES_ROOT\shellex\ContextMenuHandlers\antivirus_contextscan
HKEY_CLASSES_ROOT\CLSID\{08EEC6AD-7486-487F-89B7-5A3716DDAE14}
HKEY_CLASSES_ROOT\Drives\shellex\ContextMenuHandlers\antivirus_contextscan
HKEY_CLASSES_ROOT\Interface\{5B184B9D-B7BD-4FEA-8D1F-5E27182206A5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform “Desktop Protector 2010″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDIDIS32.SYS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDIDIS32.SYS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDIDIS32.sys
Please be careful because manual removal of Desktop Defender 2010 may seriously damage operational system and sensitive data. Also there is a big possibility of incomplete removal, because some files could be hidden and program could re-install itself after you delete files and registry entries. So we strongly recommend you to use automatical removal tool.
No comments:
Post a Comment