Avatar billede ju-bi-j Juniormester
22. november 2013 - 01:11 Der er 12 kommentarer og
1 løsning

Fejl ved opstart. - Virus??

Når min pc starter op får jeg følgende fejl:

Der var problemer under start af C:\Users\(user name)\AppData\Local\Conduit\BackgroundContaner\BackgroundContainr.dll

Det angivne modul blev ikke fundet.


Nogen der kan hjælpe med at finde ud af hvorfor den meddelelse pludselig dukker op??

Kører Norton Antivirus.
22. november 2013 - 11:42 #1
Du/I skal altid skrive under hvilket Styresystem det drejer sig om!
Win98, ME, W2000, XP, Vista, Win7, Win8, ... ?

---
Avatar billede ju-bi-j Juniormester
22. november 2013 - 14:38 #2
Bruger Win7
Avatar billede 220661 Ekspert
22. november 2013 - 17:28 #3
Du skal køre AdwCleaner for at få bugt med Conduit.
Prøv at hente AdwCleaner her:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Start programmet, og når det er startet trykker du på [Scan]
Pc scannes, og ved endt scanning skal du trykke på [Clean].
Og derefter (automatisk) genstart...
Tilbage fra genstart kommer en log, som du gerne må kopiere herind.
Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.
Kør også gerne en tur med Malwarebytes:
http://downloads.malwarebytes.org/mbam-download.php

Installer programmet - når det er gjort skal du lade programmet opdatere sig. Herefter åbner et vindue, hvor du skal flytte prikken til "Kør et fuldstændigt systemscan" - klik på Skan Knappen - lad programmet arbejde.
Når programmet har scannet færdigt tryk på "Vis resultater"  - og herefter marker alle punkter og tryk så  på "Fjern det valgte" - nu åbnes log'en og du skal gemme den et sted, hvor du kan finde den igen. Kopier loggen herind.
Mht.: Vista/Win7/Win8 - HøjreMusseTast - "Kør som Administrator..."
Avatar billede ju-bi-j Juniormester
23. november 2013 - 09:15 #4
# AdwCleaner v3.012 - Report created 23/11/2013 at 09:09:09
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Birgitte - BIRGITTES-PC
# Running from : C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K92FCL7T\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Birgitte\AppData\Local\Conduit
Folder Deleted : C:\Users\Birgitte\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Birgitte\AppData\Local\Temp\TempDir
Folder Deleted : C:\Users\Birgitte\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Birgitte\AppData\LocalLow\iac
Folder Deleted : C:\Users\Birgitte\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Birgitte\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Birgitte\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Birgitte\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Birgitte\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Birgitte\Documents\optimizer pro
File Deleted : C:\END
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Value Deleted : HKLM\SOFTWARE\mozilla\Firefox\Extensions [crossriderapp498@crossrider.com]
Key Deleted : HKCU\Software\5e57d6d9b63cba43
Key Deleted : HKLM\SOFTWARE\5e57d6d9b63cba43
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1700389
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Uniblue
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Google Chrome v

[ File : C:\Users\Birgitte\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10562 octets] - [23/11/2013 09:07:35]
AdwCleaner[S0].txt - [8985 octets] - [23/11/2013 09:09:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9045 octets] ##########
Avatar billede ju-bi-j Juniormester
23. november 2013 - 11:34 #5
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.23.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Birgitte :: BIRGITTES-PC [administrator]

23-11-2013 09:18:48
MBAM-log-2013-11-23 (11-29-24).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|)
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 460947
Tid gået: 2 time(e), 9 minut(ter), 43 sekund(er)

Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 1
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Ingen handling valgt.

Registreringsdatabaseværdier Inficeret: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {C85BB8B2-C24C-11E2-A94A-B870F4AF0D86} -> Ingen handling valgt.

Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)

Inficerede Mapper: 1
C:\Users\Birgitte\AppData\Local\Temp\ct3306061 (PUP.Optional.Conduit.A) -> Ingen handling valgt.

Inficerede Filer: 15
C:\AdwCleaner\Quarantine\C\Users\Birgitte\AppData\Roaming\OpenCandy\7437C6D63991419E97F1221E52D244B7\Installer.exe.vir (PUP.Optional.Linkury.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\229GFXPF\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\229GFXPF\VideoDownloadConvert.exe (PUP.Optional.FunWebProducts.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K92FCL7T\Connect_DLC_5[1].exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K92FCL7T\Setup[1].exe (PUP.Optional.LuckyLeap.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9K0NDXZ\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9K0NDXZ\PowerISO5.exe (PUP.Optional.OpenCandy) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9K0NDXZ\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VD1CBF0I\wajam_install[1].exe (PUP.Optional.Wajam) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Temp\ct3306061\ctbe.exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Temp\ct3306061\ieLogic.exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Temp\ct3306061\statisticsStub.exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Temp\ct3306061\stub.exe (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Temp\ct3306061\chromeid.txt (PUP.Optional.Conduit.A) -> Ingen handling valgt.
C:\Users\Birgitte\AppData\Local\Temp\ct3306061\setup.ini.txt (PUP.Optional.Conduit.A) -> Ingen handling valgt.

(færdig)
Avatar billede Slettet bruger
23. november 2013 - 13:49 #6
@Ju-bi-j du har 2 registringsnøgler, 1 mappe og 15 filer der er inficeret. Desvære har du ikke sat Malwarebytes til at slette dem.

Prøv at følge denne vejledning
http://www.it-artikler.dk/2011/05/31/hjlp-til-at-fjerne-virus-spyware-malware/
Avatar billede ju-bi-j Juniormester
23. november 2013 - 13:56 #7
Logfilen er fra før jeg trykkede på "fjern valgte"
Mon det så ikke er fjernet alligevel?? :-)
Avatar billede 220661 Ekspert
23. november 2013 - 15:48 #8
Nej du er nødt til at være helt sikker på at ALLE er markeret før man vælger "fjern det valgte".
I øvrigt havde du en del skarammel på den. Formoder du ikke ser conduit mere ikke?
Kør en ny scanning med Malwarebytes og slet det valgte.
Meld derefter tilbage hvordan computeren så kører, evt efter en genstart?
Avatar billede 220661 Ekspert
23. november 2013 - 15:49 #9
Husk at sende den næste log ind også.
Avatar billede ju-bi-j Juniormester
23. november 2013 - 18:34 #10
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.23.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Birgitte :: BIRGITTES-PC [administrator]

23-11-2013 15:32:41
mbam-log-2013-11-23 (15-32-41).txt

Skanningstype: Fuldstændig skanning (C:\|)
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 460906
Tid gået: 2 time(e), 14 minut(ter), 25 sekund(er)

Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)

Inficerede Mapper: 0
(Ingen skadelige objekter blev fundet)

Inficerede Filer: 0
(Ingen skadelige objekter blev fundet)

(færdig)
Avatar billede 220661 Ekspert
24. november 2013 - 09:06 #11
Okay det ser fint ud. Hvordan kører den så nu?
Får du stadig meddelelser om Conduit?
Avatar billede ju-bi-j Juniormester
25. november 2013 - 16:35 #12
Ikke flere meddelelser fra Conduit. Perfekt.
tak for hjælpen.

Sender du lige et svar??
Avatar billede 220661 Ekspert
25. november 2013 - 17:01 #13
Ja da og tak for det
Ping
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester