Desktop Security 2010

Desktop Security 2010 Description

ScreenshotDesktop Security 2010 is not a real security program. In fact, Desktop Security 2010 is a highly-developed, well-promoted fraud, and Desktop Security 2010 laid the ground work for a large family of rogue anti-virus programs that have followed Desktop Security 2010, the UnVirex family. It is important to remember that whatever Desktop Security 2010 may say about a computer's security, you can't rely on Desktop Security 2010 to be accurate or true. Also, even though Desktop Security 2010 is by now a rather dated threat, Desktop Security 2010 should not be overlooked or ignored, because many other fake security applications are based on Desktop Security 2010. Desktop Security 2010 causes severe symptoms, and Desktop Security 2010 can disable any PC Desktop Security 2010 infects. Among the many changes that Desktop Security 2010 will make to the Registry is a change that sets Desktop Security 2010 up to run every time you start Windows. So, as Windows loads, you will see the phony home screen for Desktop Security 2010, which uses the Windows logo and is styled to look like the interface of a real security application. Every time the interface loads, Desktop Security 2010 will play a scan progress animation in order to simulate a scan of your PC.

To top it off, when the fake scan finishes, Desktop Security 2010 will play an audio clip of a woman saying, "New virus found! Please activate your anti-virus software!" These bogus scans always turn up lists of threats that Desktop Security 2010 claims to have found, but most or all of the reported threats are harmless, empty files that Desktop Security 2010 created so that Desktop Security 2010 could "find" them later. Nonetheless, Desktop Security 2010 will urge you to remove these so-called threats, and when you try to remove them, Desktop Security 2010 will tell you that you can't do that unless you purchase a license for the full version of its software. If you refuse Desktop Security 2010's offers for the purchase of a license, the malware will lock down your PC and hold it hostage.

After the fake scan is over, and the phony home screen has cleared, Desktop Security 2010 will continue to try to scare you into purchasing a fake security program license by generating a large number of fake security alerts. Most of the alerts say things that are very vague, for example "spyware has been detected on your computer", and everything the alerts warn you about spyware is made up. One of the most common alerts caused by Desktop Security 2010, which appears in malware that is based on Desktop Security 2010, is an alert that says that Security Center detected a threat called Win64.BIT.Looker.exe, to which Desktop Security 2010 basically ascribes every kind of malware or virus characteristic, as well as claiming that Win64.BIT.Looker.exe can exert physical wear on your PC.

Desktop Security 2010 also creates warnings about a nonexistent infection called Sft.dez.Wien frequently, as well as warnings that make the ridiculous claim that Desktop Security 2010 has found malware on your computer that could physically damage the BIOS (the Basic Input Output System, which is housed in its own chip on the motherboard). In addition to its scare tactics, Desktop Security 2010 does a few things to try to make sure that you can't remove the malware from your computer. Desktop Security 2010 will disable any real anti-virus software that you have, along with most of your other programs. Earlier versions of Desktop Security 2010 disabled Task Manager, but later on, Desktop Security 2010 began altering Task Manager so that it would display a column of information next to each running application or process, labeling each one as infected or clean. Although your web browser may remain available, Desktop Security 2010 will hijack it, so when you try to visit Internet, you will only be able to view the websites that claim to sell Desktop Security 2010. Often, you will be presented with a variety of "special offers" that will try to lure you into handing over the money that the malware demands, by lowering its price.

Desktop Security 2010 has a history of using a wide variety of distribution methods in order to infect as many computers as possible. At first, it was common for Desktop Security 2010 to be installed by a Trojan, that was disguised as a video codec downloaded from a malicious or sketchy website. Then, the crooks behind Desktop Security 2010 got a bit more sophisticated. Desktop Security 2010 began to be distributed through attachments to spam emails, which claimed to be from McAfee, offering some amount of free anti-virus service. Then Desktop Security 2010 began to be distributed through Google groups, using a combination of malicious or fake Google groups pages and phishing emails send to Google groups users in order to draw people into Desktop Security 2010's scam. Also, as is the case with most fake security programs, Desktop Security 2010 is (or was) supported by browser hijackers and malicious websites, such as httpswork,, and, which offered paid downloads of Desktop Security 2010 in a still malicious, but less aggressive form.

Since the appearance of Desktop Security 2010 in January 2010, many more rogue anti-virus programs that are based on Desktop Security 2010 have been released and are essentially a continuation of its malware family. Some of these other fake security programs are UnVirex, Antivirus Studio 2010, Securityinspector2010, Antivirus System 2011, Antivirus Antispyware 2011, Security Solution 2011, Antivirus Protection 2012.

Aliases: SHeur3.ARJW [AVG], Heuristic.BehavesLike.Win32.Suspicious.P [McAfee-GW-Edition], Heuristic.BehavesLike.Win32.Suspicious.A [McAfee-GW-Edition], Trojan.Siggen2.350 [DrWeb], Trojan.Win32.Generic.52227724, TR/Crypt.XPACK.Gen [AntiVir], a variant of Win32/Kryptik.FSY [NOD32], Gen:Trojan.Heur.FU.IDW@aaZ@ovo [BitDefender], Trojan.Win32.Generic.52219C71, W32/Suspicious_Gen2.BSUZY, a variant of Win32/Kryptik.FOA [NOD32], Generic FakeAlert!jw [McAfee], Trojan.ATRAPS [Ikarus], Trojan.ATRAPS!IK and Trojan.Siggen2.48 [DrWeb].

Technical Information

Screenshots & Other Imagery

Desktop Security 2010 Image 1 Desktop Security 2010 Image 2 Desktop Security 2010 Image 3 Desktop Security 2010 Image 4

File System Details

Desktop Security 2010 creates the following file(s):
# File Name Size MD5 Detection Count
1 %SYSTEMDRIVE%\System Volume Information\_restore{90805DDC-128E-4683-A703-502E91307F17}\RP25\A0007420.exe\A0007420.exe 140,800 a3a11eb30cc8cb2fa9669534fdf74f6e 13
2 %APPDATA%\Desktop Security\securitycenter .exe 36,872 b1d1dcd0aa9c72844133f7748d77d4d9 5
3 SoftwareInstall[1].exe 5,341,184 14c54dc822a59ccbd436ef226ddb648b 4
4 Desktop_Security_2010.exe 19,865,600 1670eaae21284baa7efc19941264af9b 2
5 kgn.exe 34,816 8ea5e1281ec4d7a3aef11e968326aa6a 2
6 kn.a.exe 4,096 0644c773c548fe5ecf90adf30df26fe2 2
7 gedx_ae09.exe 13,312 5d7c89d18bc84bd76568c6e1f134ce5a 2
8 %APPDATA%\Desktop Security\taskmgr.dll 91,136 ec60d64c94ae48466e8f4a7cce027855 2
9 %APPDATA%\Desktop Security 2010\securitycenter .exe 35,852 2da71b597e34fe12e612fbaac42ff1d1 1
10 kjdh_gf_jjdhgd.exe 51,200 5063d007675316bc57fd1366b19e3ff6 0
11 wrfwe_di.exe 61,440 7bb4bfaf5134883364fc7242f745d682 0
12 al3erfa3.exe 26,624 5c26b4987c2108457f669e9c301107a2 0
13 securitycenter.exe 3,665,920 01ba17d51bd20d3382a8e8e41835a98c 0
14 Desktop Security 2010.exe 19,865,600 16e92a60400a97bb52ff4789e819cb4b 0
More files

Registry Details

Desktop Security 2010 creates the following registry entry or registry entries:
File name without path
Activate Desktop Security 2010.lnk
Desktop Security 2010.lnk
Help Desktop Security 2010.lnk
How to Activate Desktop Security 2010.lnk
%ProgramFiles%\Desktop Security 2010

More Details on Desktop Security 2010

The following messages associated with Desktop Security 2010 were found:
Security Center Alert
To help protect your computer, Desktop Security 2010 has blocked some features of this program.
Name Sft.dez.Wien
Risk High
Description Sft.dez.Wien is a virus attempts to spread itself by attaching to a host program, and can damage hardware, software or data in the process. This worm can be blocked from firewall and antivirus software.
Spyware Warning
Your online guard helps to stop unauthorized changes to your computer
Details: Spyware detected on your computer
Warning! You computer in danger
Use a safe computer with Desktop Security 2010 you online guard.
Do you want to leave unwanted software or viruses on you PC?
Your computer might be at risk
Antivirus detects viruses, worms, and Trojan horses. They can (and do) destroy data, format your hard disk or can destroy the BIOS. By destroying the BIOS many times you end up buying a new motherboard or if the bios chip is removable then that chip would need replacing.
Click this balloon to fix this problem.

No firewall is turned on
Automatic Updates is turned off
Antivirus software might not be activated
Click this balloon to fix this problem.

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.


  • billie revels:

    i can not get on my internet page please help me

  • Sirlhey:

    I have been infected by VirusRemover2008 which came along for the ride when I dodlonawed Cursor Mania. I had wanted to make my cursor easier to see and thought this was a good answer. Since being infected, I found my desktop radically altered, removing many programs from the desktop, my authorization for reading the directories, the authorization to open TaskManager, my loss of the option to open my Windows as system manager, the inability of command prompt DOS commands to go anywhere except my C-Drive are among many functions I have lost. I installed HiJack This by downloading from another computer and burning to a CD and that analyzed that several random lettered DLLs had be added. I was able to disable those DLLs using SpyWareGuard, but within seconds they were reinstalled. I disabled Internet Explorer by renaming the executable and that has slowed down the assault of references to VirusRemover2008 as the solution to my problem (for a slight fee!). I am using Firefox to reach this site and responded, but periodically about 8-10 blak windows of Firefox will open, clogging up internet access. This is really a bad actor. I dodlonawed Microsoft Windows Malicious Software Removal Tool (KB890830) and have not yet been able to install it. This IS TRULY A BADDD ACTOR!

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

HTML is not allowed.