I have this thing that comes up all the time called deskbar. and some other program with gibberish comes with it everytime i restart. it says ''dfndrff_23" and other things. i have all the anti virus programs..nothing will get rid of it? it seems like this virus seems to hide itself from all these programs i tried! anything else i can do???
2006-10-20 16:49:39 · 16 answers · asked by lindaalicious 3 in Computers & Internet ➔ Security
You said it's ''dfndrff_23" if you click on Start, Run and then type in MSCONFIG you can click on the "startup" tab and deselect it in the list of programs that start when you start up your computer. If this doesn't work, find the file location thats in the "startup" tab, write it down and then search for it in your computer and delete the .exe or .dll file that running the program. good luck.
2006-10-20 16:52:50 · answer #1 · answered by Anonymous · 0⤊ 1⤋
2
2016-08-23 03:27:54 · answer #2 · answered by Julia 3 · 0⤊ 0⤋
OK here you go.
First make a backup of your registry.
Clickon start > run . Type regedit. press OK.
the registry editor window opens.click on File > Export.
Save the file by giving it a name.It will create a registration entries file in my documents folder.
Then click on Edit > Find. Type "deskbar" click on Find Next. The search will stop at the entry containing "deskbar" , read it once to make sure it is deskbar. Then click on it, on the entry in the right panel.and press delete key.or right click and select delete.
Press Ok to confirm. Now press F3 to search again. Delete the entry if found. Continue till you find and delete all deskbar entries.close the registry editor.
Now press Ctrl, Alt, delete keys at once to open the task manager window. Look in the list of running processes for deskbar.exe , deskbar3.exe. If found click on it and press on End process.
Now click on start >search
click on all files and folders
Type deskbar in the text box and click on search. delete any file named
deskbar.exe, deskbar.dll, deskbar.ini, deskbar.crc,
deskbar.inf, deskbar3.exe
Also look for the folder name in C:\program files\
containing deskbar. If found delete the whole folder.
Restart your computer. If everything goes smoothly, you have removed deskbar successfully.
After that download and install a registry cleaner
Free RegScrubXP registry cleaner
http://www.sofotex.com/RegScrubXP-download_L7528.html
Run it. It will remove any traces left by deskbar in the registry.
2006-10-20 16:55:33 · answer #3 · answered by Anonymous · 0⤊ 0⤋
it's probally not virus, but malware / spyware
C:\\dfndrff_8.exe <<< file
C:\\kybrdff_8.exe <<< file
C:\WINNT\system32\wspkww.exe <<< file
C:\WINNT\system32\xeymi.dll <<< file
are probally the files that are running on boot
so...
get the following, all are free for a safe surfing experience,
ANTI VIRAL
AVG (free) http://free.grisoft.com/
FIREWALL
ZoneAlarm http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
WEB BROWSER - http://www.mozilla.org/products/firebird
EMAIL use thunderbird. It has a good built in spam filter and learns when you teach it. http://www.mozilla.org/products/thunderbird
SPYWARE
http://www.lavasoftusa.com/software/adaware/
http://www.safer-networking.org/en/index.html
and if you have a wireless router follow these tips,
1. Use WPA encryption (WPA-PSK) it's less crackable then WEP.
2. Make a passphrase that is upper & lower case and has some numbers thrown in there as well, again harder to crack.
some like mAkE1t5eCurE0rel53 and as long as possible.
3. Use MAC access control so only you or authorized PC's can connect (even if you do have encryption turned on)
4. Turn off DHCP use static addresses.
5. Turn off SSID (and change it) unless your card really needs it (some do)
6. Change username/password of access unit front end
7. Ensure you have the usual firewall enabled on your PC.
8. Paranoia rules, turn WLAN off if your not using it :)
one last tip
control panel---administrator tools--services--messenger
right clik on it
stop the service
then disable it
save changes
install the above programs in SAFE mode and run all the SCANs in safe mode, make sure system restore is OFF or the malware can regenerate back, turn is back off after you have scanned and deleted anything they find. Then boot back into normal XP,
Uninstall any Norton or McAfee product as they will slow your system down, the above programs are free and update well.
BTW stop using Internet Explorer, that's where you problems are coming from, it's riddled with security flaws. Use firefox instead.
2006-10-20 17:07:12 · answer #4 · answered by Anonymous · 0⤊ 0⤋
Hi there,
There best and easiest way to remove the "Deskbar" infection is by installing the Free Trial of Prevx1. This will scan your PC and remove all infections free of charge.
Detailed Prevx Info on Adware Deskbar:
http://virusinfo.prevx.com/pxparall.asp?PXC=49b448282923
Prevx Homepage:
http://www.prevx.com
2006-10-21 01:30:13 · answer #5 · answered by Secure Expert 5 · 0⤊ 0⤋
You are correct, it's hidding itself in "System Restore"!!!
This is very common tactic for alot of Trojan, Viruses, etc.
Turn off System restore and then do all your virus scans and remove it, then reboot. After making sure that it's gone, then turn it back on...I never have System Restore on or use it...To turn off/on systems restore follow these directions:
1. Click Control Panel
2.Click Performance and Maintenance
3.Click System Restore and disable ALL the drives that are listed.
To turn it back on just do the same thing but turn back on.
Now if your Virus scanner doesn't detect it, then you may have to find a special removal tool just for that virus...Look for these on the site of your Antivirus maker....they will have a section just for that.
Hope that helps.
2006-10-20 17:01:34 · answer #6 · answered by MUff1N 6 · 0⤊ 0⤋
Don't use 'all' the antivirus programs on a single system. Its like putting 5 lions in a single cage. Just use the one which you can rely upon, like AVG, Avast, Norton, McAfee, Kaspersky etc. If the antivirus is unable to detect it, it might a rootkit. Download Sophos AntiRootkit(Google it) and scan your PC. Good Luck!
And yes, if you not updated your antivirus, do it now and then scan again.
2006-10-20 16:54:20 · answer #7 · answered by Anonymous · 0⤊ 0⤋
start/search deskbar*.*
find the location of the file.
If you get too many files locate the suspect file by date.
program location.
Make a copy. and rename it.
Delete the file.Check your computer runs ok.
Then check the copy with antivirus pgm and delete it.
2006-10-20 17:18:53 · answer #8 · answered by essbebe 6 · 0⤊ 0⤋
It is hard to really narrow down what you have with the limited information. Google, AOL and others have a legit service that is called Deskbar. You may very well have one of the adware and browser hijacker versions.
The reason it cannot be removed is due to hidden areas on your computer. Most AV and AS programs cannot scan these areas when you do you scans in Normal Mode. This procedure will walk you through opening these hidden areas and other necessary procedures to properly remove the infection. Just follow each step (do not skip any step) and you will get through it easily.
Trojan Removal Procedure.
Removing infections from your computer is never as easy as aquiring them. Malware infections are not meant to be removed, so, it takes TIME and PATIENCE to get rid of them. ONLY RESORT TO A REFORMAT AFTER ALL ELSE FAILS TO REMOVE THE INFECTION.
This procedure works for all Malware. Replace the Ewido and AdAware SE programs with any AntiVirus or AntiSpy program you choose.
Download and Update Ewido (now called the AVG Antispyware). Do not run:
http://www.ewido.net/en/download/...
Download AdAware SE and update. Do the setup. Do not run:
http://www.filehippo.com/download_ad-aware/
AdAware SE Setup:
1. Select "use custom scanning options" then select "customize". Make sure the following options are enabled: "scan within archives," "scan active processes," "scan registry," "deep scan registry," "scan my IE favorites for banned URLs," "scan my Hosts file."
2. Select the "tweak" option. Under "scanning engine," make sure "unload recognized processes and modules during scan" is enabled. Enable "scan registry for all users instead of current users."
3. Under "cleaning engine" turn on "always try to unload modules…," "during removal unload explorer and IE if necessary," "let windows remove files in use at next restart," and "delete quarantined items after restoring."
4. Use the "select drives and folders to scan" option to ensure that your entire hard drive is scanned (if you have more than one hard drive, scan all of them (of course, do not include floppy and CD/DVD).
TEMPORARILY SHOW HIDDEN FILES AND FOLDERS.
1. Click Start, and then click Control Panel.
2. Click Appearance and Themes, and then click Folder Options.
3. On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.
IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.
EMPTY INTERNET EXPLORER BROWSER CACHE:
1. On the Internet Explorer Tools menu, click Internet Options.
2. On the General tab, in the Temporary Internet Files section, click the Delete Files button. Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK. Click OK again.
RESTART IN SAFE MODE:
To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."
Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.
START THE SCAN WITH ADAWARE SE. THEN DO IT WITH EWIDO.
NOTE: Let AdAware complete its scan. Sometimes AdAware will be unable to remove everything that it finds and will prompt to be allowed to try again after restarting. If that happens, when the scan finishes restart immediately and allow the scan to finish.
When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode. DON'T FORGET TO RESET HIDDEN FILES AND FOLDERS.
NEW RESTORE POINT:
The RESTORE POINTS may be infected with the Malware and cannot be used.
HERE'S HOW:
1. Click Start, and then click Control Panel.
2. Click Performance and Maintenance, click System, and then click on the System Restore tab.
3. Select the Turn Off System Restore check box, click Apply, then restart your computer.
4. Return to the System Restore Tab and turn System Restore back on.
TO SET A NEW RESTORE POINT:
1. Click the Start button.
2. Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.
3. Choose Create a restore point, and then click Next.
4. In the Restore point description box, type a name for your restore point, and then click Next.
5. Click OK.
NOTE: If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the box. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.
2006-10-20 17:06:50 · answer #9 · answered by Anonymous · 0⤊ 0⤋
u looses all day daily...whilst in a bathtub/bathe use a sponge or bathe puff ball...the greater u scrub the greater previous lifeless pores and skin u are removing, the greater lifeless pores and skin u do away with, the greater tan u are removing...to sidestep greater of a tan, use the optimal style of sunlight demonstrate screen...and to pass even farther than that, stay in doorways, or positioned on long sleeves and pants....
2016-10-02 12:36:13 · answer #10 · answered by cosco 4 · 0⤊ 0⤋