Virus Removal.

[NotoriousM4^]

Im gonna keep this short, my computer has somehow been infected with a rogue virus named "Desktop Defender 2010", I have no idea how to remove it. Seeing as how we have quite a few tech savvy people around here I thought I might be able to get some help around here. I'm running Microsoft XP MCE 2002 SP3.

[Scotty]

First result on a Google search:

http://www.spywarevoid.com/remove-desktop-defender-2010-desktopdefender-2010-removal-help.html

[Mr Pwnage]

And just adding on to what Scotty said in case you don't know what to do with it. Pretty much for any documented virus, there are manual instructions. (meaning you, not a program removes the virus) and that is what you want to look for in scotty's link. Also, you'll most likely have to go and remove registry keys, so if there is anything like that in the instructions, in order to get into your registry you go to Run> Type "cmd" > than in the cmd type "regedit"....in case you already didn't know. And as always, be careful what you delete as many important files/etc are in your registry, so only delete what the instructions say. Hope that helps.

[Scotty]

And just adding on to what Scotty said in case you don't know what to do with it. Pretty much for any documented virus, there are manual instructions. (meaning you, not a program removes the virus) and that is what you want to look for in scotty's link. Also, you'll most likely have to go and remove registry keys, so if there is anything like that in the instructions, in order to get into your registry you go to Run> Type "cmd" > than in the cmd type "regedit"....in case you already didn't know. And as always, be careful what you delete as many important files/etc are in your registry, so only delete what the instructions say. Hope that helps.

I am going to go ahead and gauge (through his post) that M4 should absolutely not go into the registry.  Whenever there is a problem, I constantly see people here recommend they go into the registry and should start deleting stuff, throwing a prayer that they don't FUBAR their computer.  That's even AFTER they provide an automatic way that would prevent people from having to go to the registry editor.  I guess people like to think they are savvy and are incapable of making mistakes.

M4, DO NOT go into your registry, that should be last resort.  Rely on the recommended software in that link.  If that software does not do the trick, find another that will.  Just keep Googling until you find a program that removes it for you.  I typed in "Windows 2010 Removal" and I saw PAGES of links on how to remove it.

EDIT: Chaos just put it perfectly.  Going into the regedit right off the bat to fix the problem when a simple anti-virus program will do it for you, is like having a headache, and "You should do brain surgery on yourself and see what the problem is.  But be careful!"  Long story short, you should NEVER have to go into your registry for... just about anything...  Unless you work for Microsoft...  Or have a Masters in Computer Science...

EDIT 2: ... Pwnage, I just want to clarify, when you say regedit, you DO mean actual registry edit on your computer, and not the bathtub sitting in your back yard, acting as a make-shift ice pack, holding all your beer and your house's fuse box, while you sit around watching your neighbors play the age ol' game of "Spank the Bull" right?

[NotoriousM4^]

Thank you, I did see that link before, and had tried the manual version before I even posted here but many of the keys they point you to in the registry lead to dead ends, because the virus isn't located them. However after browsing through many other websites they all seem to point towards "Spyware Doctor". I'm downloading it now, but I'm still backing up some of my files in which worse case scenario I will have to wipe my computer clean.

Edit: And as for manually deleting the files, it wouldn't allow you to anyways because the virus is always running. Even as I type this :\ It wouldn't allow me to go on Firefox, Explorer, or Opera, so I've been using Chrome to get around it.

[Scotty]

and had tried the manual version before I even posted here but many of the keys they point you to in the registry lead to dead ends

That's EXACTLY why you don't do it.  People get curious and start snooping around thinking they gotta be there somewhere.  Trust in software to do it for you. 

[Jackabomb]

I think the above analogy of reg-edit as brain surgery is very good. Don't go in there, unless you have a computer you want to get rid of. If you plan to wipe your computer by inserting an OS re-installation disc(that's the only way I know of), messing with reg-edit can destroy even that precious fail-safe.

You could also compare it to bomb dismantlement. "Don't cut the red wire". "But their ALL red wires!" "Oh. Well, your screwed."---something like that.


By the way, I'm looking at a search page right now. I don't see that there's anything wrong with it, except being annoying. According to the site I'm on, it just tries to trick you into getting rid of good programs by calling them viruses.

[Chaos]

Or unless you're a brain surgeon.

[NotoriousM4^]

By the way, I'm looking at a search page right now. I don't see that there's anything wrong with it, except being annoying. According to the site I'm on, it just tries to trick you into getting rid of good programs by calling them viruses.

If you were to have gotten the virus yourself, I would have been glad to accept that "statement".

[ARTgames]

I don't know how to get ride of this and the best thing i can say use is google. But if anything (i know i will get hate for this) fromat and reinstall if you want to be 100% sure its gone.

Q: What should I do if I get a virus?

First, don't panic!  Resist the urge to reformat or erase everything in sight.  Write down everything you do in the order that you do it.  This will help you to be thorough and not duplicate your efforts.  Your main actions will be to contain the virus, so it does not spread elsewhere, and then to eradicate it.

If you work in a networked environment, where you share information and resources with others, do not be silent.  If you have a system administrator, tell her what has happened.  It is possible that the virus has infected more than one machine in your workgroup or organization.  If you are on a local area network, remove yourself physically from it immediately.

Once you have contained the virus, you will need to disinfect your system, and then work carefully outwards to deal with any problems beyond your system itself (for example, you should meticulously and methodically look at  your system backups, and any removable media that you use).  If you are on a network, any networked computers and servers will also need to be checked.

Any good anti-virus software will help you to identify the virus and then remove it from your system.  Viruses are designed to spread, so don't stop at the first one you find, continue looking until you are sure you've checked every possible source.  It is entirely possible that you could find several hundred copies of the virus throughout your system and media!

To disinfect your system, shut down all applications and shut down your computer right away.  Then, if you have Fix-It Utilities 99, boot off your System Rescue Disk.  Use the virus scanner on this rescue disk to scan your system for viruses.  Because the virus definitions on your Rescue Disk may be out of date and is not as comprehensive as the full Virus Scanner in Fix-It, once you have used it and it has cleared your system of known viruses, boot into Windows and use the full Virus Scanner to do an "On Demand" scan set to scan all files.  If you haven't run Easy Update recently to get the most current virus definition files, do so now.

If the virus scanner can remove the virus from an infected file, go ahead and clean the file.  If the cleaning operation fails, or the virus software cannot remove it, either delete the file or isolate it.  The best way to isolate such a file is to put it on a clearly marked floppy disk and then delete it from your system.

Once you have dealt with your system, you will need to look beyond it at things like floppy disks, backups and removable media.  This way you can make sure that you won't accidentally re-infect your computer.  Check all of the diskettes, zip disks, and CD-ROMs that may have been used on the system.

Finally, ask yourself who has used the computer in the last few weeks.  If there are others, they may have inadvertently carried the infection to their computer, and be in need of help.  Viruses can also infect other computers through files you may have shared with other people.  Ask yourself if you have sent any files as email attachments, or copied any files from your machine to a server, web site or FTP site recently.  If so, scan them to see if they are infected, and if they are, inform other people who may now have a copy of the infected file on their machine.

This is also some info and try asking here

http://answers.yahoo.com/

you can also try

http://onecare.live.com/site/en-za/center/whatsnew.htm

[Scotty]

Or unless you're a brain surgeon.

And if you WERE a brain surgeon, you would hopefully (I use that term lightly here, I never underestimate humanity's stupidity) be smart enough to realize cracking open your noggin for a headache is a BAD idea!

[Mr Pwnage]

Well yeah...don't go into your registry and delete shit for shits and giggles... Honestly though, I've never had a problem as far as doing it that method...before I got antivirus software on this new comp I got about 5 viruses...all I was able to remove them all manually, which all involved registry keys.
Sure, the registry is a vital part of your machine, but I wouldn't consider handling it rocket science like you seem to be making it to be. Now granted, I have a lot of experience when it comes to the core system files...but I still don't think it is THAT hard to not !@#$ up. Use cation though by all means.

[JoEL]

you dont need to run regedit by using cmd, you can just go to run then type regedit, well atleast it works on XP for me.

I recommend having some knowledge about registries before deleting them, but I always delete registries for viruses like these, guarantees them to not come back or run anything on start-up etc...

[Jackabomb]

At least you can do stuff to solve your problem. In case nobody here knows, yesterday(12/31/2009) at about 1700(-6 GMT), I installed an antivirus(Symantec Endpoint Protection). Now, the minute I start my computer, it starts a scan that I can't figure out how to stop. I get roughly sixty seconds in which the machine functions, after which the system freezes. The only option I know of at that point is to hit the power button to turn it off. Any clues? I don't think this is an actual virus.

[Mr Pwnage]

At least you can do stuff to solve your problem. In case nobody here knows, yesterday(12/31/2009) at about 1700(-6 GMT), I installed an antivirus(Symantec Endpoint Protection). Now, the minute I start my computer, it starts a scan that I can't figure out how to stop. I get roughly ten seconds in which the machine functions, after which the system freezes. The only option I know of at that point is to hit the power button to turn it off. Any clues?

Well what you downloaded was probably a virus...and it sounds like the virus is occurring your start up files. I recommend you start windows in safe mode. I think you rapidly press F12 or something like that...it tells you what to do as your comp is loading up. The whole point behind that is that you only want to launch your computers core files when booting the machine so the viruses files aren't started. You should have some control over your PC at that point.