dll not loading
in [Windows XP]
|
From: KD833 on 27 Jun 2010 10:30 "Paul" <nospam(a)needed.com> wrote in message news:i04am7$tdu$1(a)speranza.aioe.org... > Sue wrote: >> i recently started getting a mesage on boot up that exojitifef.dll could >> not be loaded and I have no connection to the internet. are these two >> facts associated? >> how do I solve the dll problem? I can't access the internet from that >> computer. I am using another computer to send this. >> TIA > > When malware installs an executable, there are two components. > > 1) Typically, a randomly named file is used. When you can't find > the "exojitifef.dll" in a web search, that is how you tell it > is probably malware. If you could actually find the file and > upload it to virustotal.com , you could have it scanned. If your > browser cannot go to virustotal.com , then you know you're infected > anyway. (Good malware designs, prevent your browser from visiting > anti-malware sites.) > > 2) For the file to be executed, something has to launch it. Windows > has various ways to "Startup" a file when the computer boots. If > you go to sysinternals.com and get a copy of the "Autoruns" > utility, that utility can show you all sorts of things that > are set up to automatically run on your computer. By unticking > the box next to the "exojitifef.dll" item, in the list of > startup items, you can stop the error message from appearing. > As long as the malware truly is deactivated, it should not > reappear in the list. > > When your AV or anti-malware program runs, it will scan for items > like (1) above. If it finds such a file, it will either "quarantine" > it (put it in a separate folder, for later analysis by the user). Or > it will delete the file. > > But what it won't do, is take care of (2). The part of the infection > described in (2) is left intact. That causes an error message at > startup (because the exojitifef.dll is deleted), but there might be > no other damage, other than the nuisance of having error messages > on your screen. > > You say you haven't been connected to the Internet. It is still possible, > for someone to plug their USB Flash stick into your computer, and > execute a file from that stick, and infect the computer. So there > are infection vectors other than your web browser to worry about. > A good AV tool, will scan a flash stick when it is plugged in. > > There have even been USB storage devices, shipped from the manufacturer, > with a virus or malware on them. > > A number of the malware fighting tools, require a connection to the > Internet, so that updated virus definitions can be downloaded. It may not > be easy to do further cleanup work on the machine, conveniently, if you > still don't have an Internet connection. While the "exojitifef.dll" > file has been deleted, there could be others present on the > computer. > > HTH, > Paul
From: Sue on 28 Jun 2010 09:57 Thanks to all for the advice. I am running norton antivirus, but had it turned off for a day or so as it interacted with another program i was trying to load.
From: Yuri Nalysis on 28 Jun 2010 10:25 It doesn't take but a few minutes to get infected. "Sue" <sue(a)wizardclassics.co.uk> wrote in message news:07Kdnbe8e57JN7XRnZ2dnUVZ8g2dnZ2d(a)brightview.co.uk... : Thanks to all for the advice. I am running norton antivirus, but had it : turned off for a day or so as it interacted with another program i was : trying to load. : :
From: Jim on 29 Jun 2010 09:15 On Mon, 28 Jun 2010 14:57:24 +0100, "Sue" <sue(a)wizardclassics.co.uk> wrote: >Thanks to all for the advice. I am running norton antivirus, but had it >turned off for a day or so as it interacted with another program i was >trying to load. > After it was turned back on , did you do a system scan ?
From: Jose on 29 Jun 2010 09:46 On Jun 28, 9:57 am, "Sue" <s...(a)wizardclassics.co.uk> wrote: > Thanks to all for the advice. I am running norton antivirus, but had it > turned off for a day or so as it interacted with another program i was > trying to load. What happens when you try to access the Internet from the afflicted computer (besides you can't access the Internet)? A "Cannot find...", "Cannot start..., "Cannot load...". "Could not run..." Cannot run" "Error loading..." or "specific module could not be found" message at startup is usually related to malware that was set to run at startup but the referenced file(s) has been deleted after a malware scan leaving behind a registry entry pointing to a file that does not exist. It could be from a malicious software removal or an uninstalled application. The entry may have a curious looking name since it was probably generated at random when the malware was installed. Windows is trying to load this file but cannot locate it since the file was mostly likely removed during an scan for malicious software. However, an associated orphaned startup parameter or registry entry remains and is telling Windows to load the file when you boot up or login. You need to remove the referenced entry so Windows stops trying to run the file. It may or may not be in the registry. Autoruns (see below) will find the item no matter where it is. If you just locate and uncheck the item in msconfig, that disables the item but does not remove the reference to the bogus startup item from your computer. The msconfig program is not a startup manager, it is a troubleshooting tool. Disabling things in msconfig and thinking your problem is resolved is the lazy mans solution (or the uninformed mans solution) and leaves you with a sloppy XP configuration. If you are comfortable editing the registry you can search for and remove the reference from or remove it using a popular third party tool called Autoruns. Before making any changes to your registry by hand or with third party tools, be sure to make a backup of the registry first. There is no undo or quit without saving option in regedit. Here is a link to a popular registry backup tool: http://www.larshederer.homepage.t-online.de/erunt/ Autoruns does not install anything on your computer. It will display all of the startup locations where the reference might be so you can disable it or delete it completely. Here is the download link for Autoruns: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx Launch Autoruns.exe and wait for it to finish populating the list of entries. When Autoruns is finished scanning your system, it will say "Ready" at the bottom left corner. Autoruns can be a little intimidating at first if you have never see it before since it displays a lot of information. You are really only interested in a couple sections. The problem item is usually in the usually the system startup or user startup entries so click the Logon tab. Scroll through the list and look for a startup entry related to the file(s) in the error message. If you don't find it there, look for it in the Everything tab. Right-click on the offending entry and choose to delete it. If you are not sure what it is, you can disable it, reboot and if the issue is resolved, then delete the offending entry. If you don't see it in Autoruns you may have to edit the registry and remove the item from the Startup folder there. Autoruns should display the same information though. Since you had or have an infection, follow up with this: Perform some scans for malicious software, then fix any remaining issues: Download, install, update and do a full scan with these free malware detection programs: Malwarebytes (MBAM): http://malwarebytes.org/ SUPERAntiSpyware: (SAS): http://www.superantispyware.com/ They can be uninstalled later if desired. Reboot your computer and troubleshoot remaining issues.
First
|
Prev
|
Pages: 1 2 Prev: Can't move items on the menu... Next: How to control displayed items in Windows Explorer? |