EliteBar Removal: Remove EliteBar Forever
Let our support team solve your problem with EliteBar and repair EliteBar right now!
Leave the detailed description of your EliteBar problem in the form below. Our support team will contact you in several minutes and give a step-by-step instruction on how to fix EliteBar problem. Please be specific. Do your best describing the problem. This will help us recommend right and complete EliteBar problem removal solution.
Describe your problem here and we'll contact you in several minutes:
Warning:
1) We hate spam as much as you do. We will not share your email with any third party or publish it anywhere. Your email is used only to contact you and give you EliteBar removal solution.
2) All fields of this form are obligatory.
Threat's profile
|
Name of the threat: EliteBar |
| Command or file name: dstart4.exe |
| Threat type: Spyware |
| Affected OS: Win32 (Windows 9x, Windows XP, Windows Vista) |
EliteBar intrusion method
EliteBar copies its file(s) to your hard disk. Its typical file name is dstart4.exe. Then it creates new startup key with name EliteBar and value dstart4.exe. You can also find it in your processes list with name dstart4.exe or EliteBar.
If you have further questions about EliteBar, please fill in the form above and we'll contact you shortly.
» Download program to remove EliteBar (EliteBar Removal Tool)
Recommended Solution
If you are not sure what to delete, use our award winning program - EliteBar Removal Tool.
EliteBar Removal Tool will find and fully remove EliteBar and all problems associated with EliteBar virus.
Fast, easy, and handy, EliteBar Removal Tool protects your computer against EliteBar that does harm to your computer and breaks your privacy. EliteBar Removal Tool scans your hard disks and registry and destroys any manifestation of EliteBar. Standard anti-virus software can do nothing against malicious programs like EliteBar. Remove EliteBar straight away!
» Download EliteBar Removal Tool now for free
How to fix EliteBar
This problem can be solved manually by deleting all registry keys and files connected with EliteBar, removing it from starup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by EliteBar.
To get rid of EliteBar, you should:
1. Kill the following processes and delete the appropriate files:
• e44a4eafcec0d92fc6366b892a753baa.ini
• EDD69AA6.EXE
• elite???32.exe
• eliteerror32.dat
• elitemediapop.exe
• elitepbd32.exe
• elitesidebar ??.dll
• EliteSideBar version ?.dll
• EliteSideBar version ??.dll
• elitetoolbar version ??.dll
• eliteyfu32.exe
• findemails.bmp
• findemails[1].bmp
• kalv???32.exe
• L404.exe
• M404.exe
• nt_hide79.dll
• osd25.osd
• pokapoka62.exe
• pokapoka63.exe
• pokapoka65.exe
• pokapoka69.exe
• pokapoka75.exe
• pokapoka76.exe
• pokapoka78.exe
• pokapoka79.exe
• pokapoka??.exe
• proxy_inst[1].exe
• prscript[1].txt
• ringtones.bmp
• ringtones[1].bmp
• search.mnu
• searchpeople.bmp
• searchpeople[1].bmp
• search[1].htm
• shop.bmp
• shop[1].bmp
• silent_setup[1].exe
• v3cab[1].cab
• video.exe
• virus.bmp
• virus[1].bmp
Warning: you should delete only those files which checksums are listed as malicious. There may be valid files with the same names in your system. We recommend you to use EliteBar Removal Tool for safe problem solution.
2. Delete the following malicious folders:
• C:\Windows\System\EliteBar\
• C:\Windows\System\EliteSideBar\
• C:\Windows\System\EliteToolBar\
• C:\Windows\EliteBar\
• C:\Windows\EliteSideBar\
• C:\Windows\EliteToolBar\
• C:\Windows\etb\
• C:\Windows\etb\xml\
• C:\Windows\etb\xml\images\
• C:\Windows\Temp\temporary internet files\content.ie5\ixmtynmn\
• C:\Windows\Temp\temporary internet files\content.ie5\0p8raz67\
• C:\Windows\Temp\temporary internet files\content.ie5\8bwb29i1\
• C:\Windows\Temp\temporary internet files\content.ie5\czqp8p25\
3. Delete the following malicious registry entries and\or values:
• Key: CLSID\{28CAEFF3-0F18-4036-B504-51D73BD81ABC}
• Key: CLSID\{825CF5BD-8862-4430-B771-0C15C5CA8DEF}
• Key: CLSID\{BE8D0059-D24D-4919-B76F-99F4A2203647}
• Key: CLSID\{ED103D9F-3070-4580-AB1E-E5C179C1AE41}
• Key: SOFTWARE\Elitum
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28CAEFF3-0F18-4036-B504-51D73BD81ABC}
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ED103D9F-3070-4580-AB1E-E5C179C1AE41}
• Key: Software\Microsoft\Windows\CurrentVersion\Uninstall\EliteBar Internet Explorer Toolbar
• Key: Software\ohbbackup
• Key: CGBand.BHO
• Key: CGBand.BHO.1
• Key: CGBand.CGBandObj
• Key: CGBand.CGBandObj.1
• Key: CGBand.UICGBandObj
• Key: CGBand.UICGBandObj.1
• Key: CLSID\{02C20140-76F8-4763-83D5-B660107BABCD}
• Key: CLSID\{0A1D22C3-37BE-470C-9C29-E3074EE0574B
• Key: CLSID\{28CAEFF3-0F18-4036-B504-51D73BD81C3A}
• Key: CLSID\{825CF5BD-8862-4430-B771-0C15C5CA880F}
• Key: CLSID\{A74CD7DD-EA6F-11D4-ABF3-000102378429}
• Key: Interface\{276B0903-EB4B-46FF-8304-F093DEF69DE7}
• Key: Interface\{4AFF987A-773B-48E4-AEE8-08EBDDBDADF8}
• Key: Interface\{A9B28EF6-ABF3-463B-A3D8-4D0D0BADFADC}
• Key: Interface\{CAAB3B3F-E815-47D9-94FD-8BB9143C0077}
• Key: Interface\{DBF33E89-1784-42AC-ADE4-A428F56550A3}
• Key: Interface\{ED646219-20BF-41E5-80FD-EE49021DA599}
• Key: PLOT.PlotCtrl.1
• Key: software\classes\clsid\{02C20140-76F8-4763-83D5-B660107BABCD}
• Key: software\classes\clsid\{0A1D22C3-37BE-470C-9C29-E3074EE0574B
• Key: software\classes\clsid\{28CAEFF3-0F18-4036-B504-51D73BD81C3A}
• Key: software\classes\clsid\{825CF5BD-8862-4430-B771-0C15C5CA880F}
• Key: software\classes\clsid\{825CF5BD-8862-4430-B771-0C15C5CA8DEF}
• Key: software\classes\clsid\{A74CD7DD-EA6F-11D4-ABF3-000102378429}
• Key: software\classes\clsid\{BE8D0059-D24D-4919-B76F-99F4A2203647}
• Key: software\classes\clsid\{ED103D9F-3070-4580-AB1E-E5C179C1AE41}
• Key: Software\Classes\Interface\{A9B28EF6-ABF3-463B-A3D8-4D0D0BADFADC}
• Key: Software\Classes\Typelib\{CA9FC31A-6F35-4493-B629-E64BD6170A17}
• Key: SOFTWARE\LQ
• Key: Software\Microsoft\DownloadMana ger
• Key: Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{28CAEFF3-0F18-4036-B504-51D73BD81C3A}
• Key: Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{825CF5BD-8862-4430-B771-0C15C5CA880F}
• Key: Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{825CF5BD-8862-4430-B771-0C15C5CA8DEF}
• Key: Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{B0A1D22C3-37BE-470C-9C29-E3074EE0574B}
• Key: Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{BE8D0059-D24D-4919-B76F-99F4A2203647}
• Key: TypeLib\{8AA59E15-6E81-415C-B299-1ADFB50C8E1A}
• Key: TypeLib\{CA9FC31A-6F35-4493-B629-E64BD6170A17}
• Key: Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8F28F10-153C-1F85-FBD0-0C5F0A5B69F7}
• Key: TypeLib\{DF54D7DD-EA6F-11D4-ABF3-000102378429}\1.0
• Key: TypeLib\{DF54D7DD-EA6F-11D4-ABF3-000102378429}\1.0\FLAGS
• Key: TypeLib\{DF54D7DD-EA6F-11D4-ABF3-000102378429}\1.0\0\win32
• Key: TypeLib\{DF54D7DD-EA6F-11D4-ABF3-000102378429}\1.0\HELPDIR
• Key: Interface\{DF54D7DE-EA6F-11D4-ABF3-000102378429}
• Key: Interface\{DF54D7DE-EA6F-11D4-ABF3-000102378429}\ProxyStubClsid
• Key: Interface\{DF54D7DE-EA6F-11D4-ABF3-000102378429}\ProxyStubClsid32
• Key: Interface\{DF54D7DE-EA6F-11D4-ABF3-000102378429}\TypeLib
Value: Version
• Key: PLOT.PlotCtrl.1\CLSID
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\ProgID
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\InprocServer32
Value: ThreadingModel
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\ToolboxBitmap32
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\MiscStatus
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\MiscStatus\1
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\Control
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\TypeLib
• Key: CLSID\{E2E40140-76F8-4763-83D5-B660107BABCD}\Version
• Key: Software\Microsoft\Windows\CurrentVersion\Run\System service79
• Key: Software\Microsoft\Code Store Database\Distribution Units\v3cab
Value: SystemComponent
• Key: Software\Microsoft\Code Store Database\Distribution Units\v3cab\InstalledVersion
Value: LastModified
• Key: software\microsoft\internet explorerinternet0%\toolbar
Value: {825CF5BD-8862-4430-B771-0C15C5CA8DEF}
• Key: software\microsoft\internet explorerinternet0%\toolbar\webbrowser
Value: {825CF5BD-8862-4430-B771-0C15C5CA8DEF}
• Key: Software\Microsoft\Internet Explorer\Toolbar
Value: {F7519F82-E37E-68A5-2B6B-FE6B156F1F2C}
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2E40140-76F8-4763-83D5-B660107BABCD}\iexplore
Value: Type
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2E40140-76F8-4763-83D5-B660107BABCD}\iexplore
Value: Count
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2E40140-76F8-4763-83D5-B660107BABCD}\iexplore
Value: Time
• Key: Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/v3.dll
Value: .Owner
• Key: Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/v3.dll
Value: v3cab
• Key: Software\Microsoft\Code Store Database\Distribution Units\v3cab
Value: Installer
• Key: Software\Microsoft\Code Store Database\Distribution Units\v3cab\DownloadInformation
Value: CODEBASE
• Key: Software\Microsoft\Code Store Database\Distribution Units\v3cab\DownloadInformation
Value: OSD
Warning: If value is listed for some registry entries, you should only clear these values and leave keys with such values untouched. We recommend you to use EliteBar Removal Tool for safe problem solution.
Next threat: EliteKeylogger »
Learn more about EliteBar and dstart4.exe »
« Back to catalog
Solution: 2104
|
