# Desktop Security 2010 Malware



## DangerMouse

Have you tried Avast? www.avast.com
Kaspersky?

You can set avast to do an initial dos scan at reboot.

DM


----------



## 3 legged dog

My son got malware called system defender. Very anoying.
I used the system restore to a week before and that worked.


----------



## Thurman

"Desktop Security 2010" is the _new_ version of "System Defender", according to what I've found out. "Desktop Security 2010" _will not allow_ you to use System Restore. It will tell you there is no restore point nor allow you to set one, I've tried. I have not tried www.avast.com YET! Believe me I will if the three I have written down (now four) do not work in the A.M. I'm tired of fighting this thing tonight. Post results tomorrow, David


----------



## Caromsoft

If it is something new you may need to run your anti-malware programs every day for a while until they catch up. Be sure to do an update every time before running them. I have a client that picked up some malware and it took a week of running Malwarebytes, AVG, and Trend Micro's Housecall every day before it was completely gone. Good Luck.


----------



## Jim F

They guys at my local computer store swear by Malwarebytes.com. I have the free version which worked well but need to upgrade to the paid version in order to get definition updates. That will be my next move since I also have the annyoyng pest.


----------



## poppameth

You don't pay for Malwarebytes to get definition updates. Updates are completely free. You only have to pay if you want to enable real time shields, meaning MBAM will run in the background at all times and catch things as they happen instead of needing to execute a manual scan.


----------



## Thurman

Well, come to find out-there is, no was, a program called www.rkill.com which would stop the process of "Desktop Security 2010" from running so you could at least use your computer. "rkill" would not remove the Malware, just stop the process from running temporarily. Then "DS 2010" got smarter and would not let "rkill" do it's thing. Finally, today Friday, there was an updated version of "MalWarebytes" which did find and remove this Malware--hopefully and so far. David


----------



## Scuba_Dave

I've used regedit to go in & find & get rid of stuff like this in the past
Then after regedit use some of the spyware utilities to fully remove
This stuff gets worse all the time
They download little re-install links
So you remove it, reboot....& it re-installs itself


----------



## Jim F

poppameth said:


> You don't pay for Malwarebytes to get definition updates. Updates are completely free. You only have to pay if you want to enable real time shields, meaning MBAM will run in the background at all times and catch things as they happen instead of needing to execute a manual scan.


Something must be quirky with my version of it then because it won't let me update. Thanks for the info though. That saves me from an unnecessary subscription purchase.


----------



## poppameth

I ran into an issue once where MBAM wouldn't run an update correctly. I had to download and install the newest version over top the existing one and it started updating fine after that.


----------



## 3 legged dog

I put Microsoft security essentials in my kids computers and have not had 
a problem since.(Knocking on wood). Its free, updates itself, and seems to work.


----------



## cellophane

use a live-boot linux CD and nuke away. there are a couple roms specifically for AV issues. give me a bit and i'll try to find some.

http://lifehacker.com/5492593/use-linux-to-scan-unusable-windows-drives-for-viruses

http://lifehacker.com/5504531/the-complete-guide-to-saving-your-windows-system-with-a-thumb-drive


----------



## chenzarino

system restore will fix it with minimal effort. 

I would suggest using Firefox with AdBlock and NoScript addons, will prevent this and many other problems.


----------



## DUDE!

my sister's puter has the anti virus GT, she had avast running, still got it,, ran malwarebytes, got rid of 14 infected files, restarted, still has the virus, my son is going to reformat the computer this weekend, at a loss to get rid of the virus.


----------



## DangerMouse

DUDE! said:


> reformat the computer


You called it! Be sure he does fdisk /mbr to clean the master boot record too.

DM


----------



## DUDE!

Being that I have no idea what the means mouse,, I'll be sure to pass that info along to my son, thanks for helping.


----------



## .chris.

Download and then run ComboFix in safe mode with networking (it has to be safe mode with networking to download the most recent updates, etc.). If you'd like then run MalwareBytes while in safe mode just to be sure. Then reboot anbd run your antivirus to be sure.


----------



## DUDE!

In my sister's case, she can't even get on a site, big red box comes up saying she is infected with a virus and not allowed access to the site, of course its false but she still can't go anywhere. I haven't heard from her yet but I'm guessing my brother in law has her shopping for a new puter, I"ll let you know how it turns out.


----------



## VBT

OK, this is some of the "scareware" that's out there these days. Some info for you on this.

C&P

A clone of Total PC Defender 2010, this scareware uses authentic looking fake Windows security center alerts and audio “virus found” alerts in addition to the usual system alert messages to scam the users to purchase a subscription. The system is rendered unusable due to many alert messages about non-existent infections.

The Desktop Security 2010 scareware causes fake blue screen of death (BSOD), initiates random system restart, blocks installation and execution of security programs, installs Fake Windows Security Center and a Fake Task Manager. It interferes with normal restart/shutdown operations.


end C&P


Now these are notoriously hard to get rid of, since they will block your usual Antivirus/Antispyware software quite often as well, leading to further infections.


You can use a combination of the Hijackthis executable and Malwarebytes as well as a lot of manual removal to successfully remove it if you caught it early enough. This requires quite a bit of experience with your computers file system and registry though.


Removal Guide Here


If you don't feel comfortable with doing that though, the quickest way as has been suggested if you have your system disks available is to do a complete wipe of the hard drive including the partitions and boot record.


Guide for that here


----------



## DUDE!

Well, my sister told me today,, her new laptop from Dell is on the way. She's blaming my brother in law for picking up the virus surfing the web. I think any excuse would of worked to get her a new laptop, something she wanted anyway, instead of the tower.


----------

