Deskbar.exe Description and Removal Manual - How to, Technology and PC Security Forum | SensorsTechForum.com

Deskbar.exe Description and Removal Manual

NameDeskbar.exe
TypeAdware, PUP
Short DescriptionDeskbar.exe may display advertised content and collect certain user information.
SymptomsPC slowdowns, background processes
Distribution MethodVia freeware packages (bundling), or downloaded from third-party sites.
Detection toolDownload SpyHunter, to See If Your System Has Been Affected By Deskbar.exe

p4_0000Reports have increased regarding an executable file going by the name of DeskBar.exe, developed by Goobzo, categorizing as a Potentially Unwanted Application (PUA). Users believe that this particular program is used to create customized toolbars, adding chosen links on them for Windows. In reality, the .exe has been detected by some antivirus programs as an adware application.

How Did I Get Deskbar.exe?

There is the probability that you downloaded this application from its website with the purpose of implementing custom links to your site. Another way it may get into your computer is being bundled with other freeware. Most users often tend to disregard included applications in installers of free software, and the program gets installed along with them eventually.

Deskbar.exe Description

Users report that the program may display advertised content after it’s been used on an individual website. It might take over the ad spaces, replacing them with custom adverts. Also, there is the possibility that this software may collect certain information from the user.

According to VirusTotal, several different antivirus programs recognize this executable file as the following:

  • Adware.Shopper.866
  • Adware/Goobzo
  • Trojan.Win32.Qudamah.Gen.0
  • Suspicious_GEN.F47V0401

More to it, some security experts on security forums have identified that upon installation, the program may have created the following files and registry values and keys in Windows:

→Files:
c:\deskbar8.exe
<$PROGRAMFILES>\Deskbar\about.html
<$PROGRAMFILES>\Deskbar\basis.xml
<$PROGRAMFILES>\Deskbar\deskbar.crc
<$PROGRAMFILES>\Deskbar\deskbar.dll
<$PROGRAMFILES>\Deskbar\deskbar.inf
<$PROGRAMFILES>\Deskbar\icons.bmp
<$PROGRAMFILES>\Deskbar\inst.bat
<$PROGRAMFILES>\Deskbar\mbback.bmp
<$PROGRAMFILES>\Deskbar\mbbigopen.bmp
<$PROGRAMFILES>\Deskbar\mbclose.bmp
<$PROGRAMFILES>\Deskbar\mbfwd.bmp
<$PROGRAMFILES>\Deskbar\mblogo.bmp
<$PROGRAMFILES>\Deskbar\mbsep.bmp
<$PROGRAMFILES>\Deskbar\options.html
<$PROGRAMFILES>\Deskbar\softomate.gif
<$PROGRAMFILES>\Deskbar\version.txt

→Registry keys and values:
HKEY_CURRENT_USER\Software\DBTB00001 – Registry key
HKEY_CURRENT_USER\Software\DBTB00001\Deskbar – Registry key
HKEY_CLASSES_ROOT\CLSID\{81AE99B6-6212-4ECC-8A88-D3907D87C014} – Registry key
HKEY_CLASSES_ROOT\ DBTB00001.DBTB00001 – Registry key and values.
HKEY_CLASSES_ROOT\ DBTB00001.DeskBar – Registry key and values.
HKEY_CLASSES_ROOT\ DBTB00001.deskbarBHO – Registry key and values.
HKEY_CLASSES_ROOT\ DBTB00001.deskbarBHO.1 – Registry key and values.
HKEY_CLASSES_ROOT\ DBTB00001.DeskbarEnabler – Registry key and values.
HKEY_CLASSES_ROOT\ DBTB00001.DeskbarEnabler.1 – Registry key and values.
HKEY_CLASSES_ROOT\Interface\{A0881AA1-68BE-41AC-9C0D-4C8A69C6C72C} – Registry key.
HKEY_CLASSES_ROOT\Interface\{E827FFD9-95D1-4B49-BEB3-5D49E688C108} – Registry key
HKEY_CLASSES_ROOT\TypeLib\{A4C8F181-6CDB-4DCC-9FC9-BB9933C81E1F} – Registry key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{81AE99B6-6212-4ECC-8A88-D3907D87C014} – Registry key.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B28872-3324-4CD2-8AA3-7D555C872D96} – Registry key.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\{A8B28872-3324-4CD2-8AA3-7D555C872D96} – Registry key.

Users have reported these objects that were associated with Deskbar. However, this is no guarantee that they will be carrying the same names on a different machine.

DeskBar.exe Removal Manual

When it comes to such executable files, there are two main methods for their complete removal.

METHOD NUMBER 1 – Downloading anti-malware scanning program.(Easier)

1. Using an alternative browser to download anti-malware tool, because it may disable your browser functions. If you are having problems with Internet Explorer, refer to Mozilla Firefox for downloading antimalware software, for example.

2. Using an USB drive. In case you have another computer, download the antimalware software on that machine. After that use a flash drive to transfer the installer and install it on the infected PC then scan it.

3. Using Safe Mode. In case you have troubles while scanning for malware with the software, restart your computer then as soon as it restarts, start pressing F8 after which choose ‘Safe Mode With Networking’. After the computer boots up in safe mode scan with the antimalware.

If the threat is discovered after a scan, it will automatically be removed along with all associated objects. After this is done, reboot your PC, and you should be okay.

METHOD NUMBER 2 (MANUAL REMOVAL)

In case you want to try to eliminate it manually (the more complicated and time-consuming way), please follow these steps:

Step 1: Task Manager kill of DeskBar.exe.

Press Ctrl+Shift+Esc altogether to start Windows Task Manager. After that, click on ‘Processes’ Tab above. If you are running on a Windows 7 PC, click on the button ‘Show Processes From All Users’ below. Then Look for the process DeskBar.exe, mark it with the mouse and press on the down right button of the task manager, called ‘End Task.’ It will ask for your confirmation. Confirm by clicking ‘End Task’ again.

Step 2: After they are ‘dead’, reveal the hidden files from your PC by:

1) Clicking on Start button and then on Control Panel

2) Clicking on Personalization

3) Pressing Windows button + E button together to open Computer Window

4) Clicking on the View Tab

5) Unticking ‘Hidden Items’ tick box to see hidden files

6) Unchecking ‘Hide Protected System Files’ in Folder Options

7) After which clicking on the ‘OK’ button

Step 3: Cleaning Registry Entries:

To delete modified registry settings please:

1)Press Windows button+R to bring up the Run prompt

2)Type in it regedit then click on OK

3)While you are in the Registry Editor, press Ctrl+F to open the search prompt.

4)After that search for the current registry files:

5)Look for DeskBar.exe associated filess.

6)Look for the previously mentioned in this article registry keys and values and directory files and delete them.

Note that those files and registries were all modified, and only some of them could be removed so don`t be scared if you are not able to delete all of them. Also, bear in mind that these files discovered above are from a different user PC so there might be some variables, like Different OS, for example. This means that there may be some other files that you may not know anything about or the files and registry keys and values may be entirely different on your computer. This is why our advice is to follow the first method because of the uniqueness of your situation.

donload_now_250
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming for a more secure cyber space.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.