Saturday, May 22, 2010

How to remove Desktop Security 2010?

This rogue software blocks installation and execution of other software to protect itself. Preferably use another computer to download the following free tools to a removable drive:

• HijackThis Executable
• MalwareBytes’s Anti-Malware (mbam-setup.exe Direct download)
• Start HijackThis by clicking on HijackThis.exe.
• Click on Do a system scan only. In the results of the HijackThis scan, carefully select only the following entries by placing a checkmark in the box provided:

1. R1 -- HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555;
2. O4 -- HKLM\..\Run: [Desktop Security 2010] C:\Program Files\Desktop Security 2010\Desktop Security 2010.exe
3. O4 -- HKLM\..\Run: [SecurityCenter] C:\WINDOWS\system32\p9tdwlvru6ww.exe
4. O4 -- HKLM\..\Run: [p9tdwlvru6ww] C:\WINDOWS\system32\p9tdwlvru6ww.exe

The file name in the last two entries above are made up of random 12 digit alpha-numeric characters.

• Click Fix Checked. Choose Yes to confirm your selection. Close HijackThis. This would have killed the Desktop Security 2010 executable and the “fake task manager”.
• Right-click on the Taskbar and open Task Manager, select Securitycenter.exe and click End Process. Confirm Yes in the Task Manager Warning. Now you are likely to have a “scare message free” desktop.
• Install MalwareBytes’s Anti-Malware (mbam-setup.exe Direct download), Open and choose a full-scan. Once the scan is completed, click “Show results“, confirm that all instances of the rogue security software are check-marked and then click “Remove Selected” to delete them. If prompted restart immediately to complete the removal process.
• Turn System Restore off and on

0 comments :

Post a Comment