Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


  • Content count

  • Donations

  • Joined

  • Last visited

Community Reputation

0 Neutral

About davidkayla

Profile Information

  • OS
    XP Home
  1. malware caused by Bearshare

    Thanks for that Jaclaz, Before I read your email I downloaded Hijack This and did a search of the registry and found and deleted a few bearshare entries. This appears to have worked well. It has been a learning curve for me and I still don't understand how the registry works. Are there any tools to lock down the registry so that rogue apps can't change it? Thanks. David.
  2. malware caused by Bearshare

    There has been a development. I rerun SFC with the original XP system disk and I don't get the User32.dll error any more when I start Voipbuster (The procedure entry point isthreaddesktopcomposited could not be located ...). The strange thing is is that I did run this before but it did not previously solve the problem. When I now run Voipbuster in dependency walker I can see that it is still trying to make those calls to bearshare modules (Remember that I have re-installed Voipbuster). Where are those calls being made from, system modules (that should have been replaced by SFC) or Voipbuster (that has been reinstalled)? Voipbuster may now be running ok but those calls still annoy me.
  3. malware caused by Bearshare

    The version of user32.dll that I am now using is: 5.1.2600.2180 No I have not re-registered that module. I will have a look at that asap and let you know the outcome.
  4. malware caused by Bearshare

    Here is the zip file containing an image of the module tree from dependency walker. The .dwi file was too big but I can try some other way of sending it if someone thinks they could use it. ScreenShot003.zip
  5. malware caused by Bearshare

    That's the strange thing. I did download another version of user32.dll and it made no difference! How does one tell which module is making those Bearshare calls? Is it the one immediately above the calls?
  6. Hi, I wonder if you are able to help please? I mistakenly downloaded Bearshare. Subsequently I was getting a Bearshare Search page in Chrome and IE and error messages when I opened certain apps. I decided to remove Bearshare by the Add / Remove program option. As you would probably expect, things haven't quite returned to normal. My system restore option was cleared BEFORE the date of Bearshare installation. System Restore now appears to be capturing system restore points as per normal now. When I click on one of my favourite programs: Voipbuster I get the error: The procedure entry point isthreaddesktopcomposited could not be located in the dynamic link library USER32.dll. I downloaded Dependency Walker and the following calls are made early on in the profile. It also says that these paths/programs do not exist: c:\progra~1\bearsh~1\mediabar\datamngr\DATAMNGR.DLL c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.DLL Is someone please able to tell me where I go from here? Am I able to surgically remove those calls? I have tried reinstalling Voipbuster but that makes no difference. If someone could let me know (simply) why reinstallation of voipbuster does not make any difference that would be appreciated. I have included the dependency walker process tree as an attachment. No I haven't, it said I wasn't allowed!! Regards, David.