From: KD833 on 27 Jun 2010 10:30
"Paul" <nospam(a)needed.com> wrote in message
> Sue wrote:
>> i recently started getting a mesage on boot up that exojitifef.dll could
>> not be loaded and I have no connection to the internet. are these two
>> facts associated?
>> how do I solve the dll problem? I can't access the internet from that
>> computer. I am using another computer to send this.
> When malware installs an executable, there are two components.
> 1) Typically, a randomly named file is used. When you can't find
> the "exojitifef.dll" in a web search, that is how you tell it
> is probably malware. If you could actually find the file and
> upload it to virustotal.com , you could have it scanned. If your
> browser cannot go to virustotal.com , then you know you're infected
> anyway. (Good malware designs, prevent your browser from visiting
> anti-malware sites.)
> 2) For the file to be executed, something has to launch it. Windows
> has various ways to "Startup" a file when the computer boots. If
> you go to sysinternals.com and get a copy of the "Autoruns"
> utility, that utility can show you all sorts of things that
> are set up to automatically run on your computer. By unticking
> the box next to the "exojitifef.dll" item, in the list of
> startup items, you can stop the error message from appearing.
> As long as the malware truly is deactivated, it should not
> reappear in the list.
> When your AV or anti-malware program runs, it will scan for items
> like (1) above. If it finds such a file, it will either "quarantine"
> it (put it in a separate folder, for later analysis by the user). Or
> it will delete the file.
> But what it won't do, is take care of (2). The part of the infection
> described in (2) is left intact. That causes an error message at
> startup (because the exojitifef.dll is deleted), but there might be
> no other damage, other than the nuisance of having error messages
> on your screen.
> You say you haven't been connected to the Internet. It is still possible,
> for someone to plug their USB Flash stick into your computer, and
> execute a file from that stick, and infect the computer. So there
> are infection vectors other than your web browser to worry about.
> A good AV tool, will scan a flash stick when it is plugged in.
> There have even been USB storage devices, shipped from the manufacturer,
> with a virus or malware on them.
> A number of the malware fighting tools, require a connection to the
> Internet, so that updated virus definitions can be downloaded. It may not
> be easy to do further cleanup work on the machine, conveniently, if you
> still don't have an Internet connection. While the "exojitifef.dll"
> file has been deleted, there could be others present on the
From: Sue on 28 Jun 2010 09:57
Thanks to all for the advice. I am running norton antivirus, but had it
turned off for a day or so as it interacted with another program i was
trying to load.
From: Yuri Nalysis on 28 Jun 2010 10:25
It doesn't take but a few minutes to get infected.
"Sue" <sue(a)wizardclassics.co.uk> wrote in message
: Thanks to all for the advice. I am running norton antivirus, but had it
: turned off for a day or so as it interacted with another program i was
: trying to load.
From: Jim on 29 Jun 2010 09:15
On Mon, 28 Jun 2010 14:57:24 +0100, "Sue" <sue(a)wizardclassics.co.uk>
>Thanks to all for the advice. I am running norton antivirus, but had it
>turned off for a day or so as it interacted with another program i was
>trying to load.
After it was turned back on , did you do a system scan ?
From: Jose on 29 Jun 2010 09:46
On Jun 28, 9:57 am, "Sue" <s...(a)wizardclassics.co.uk> wrote:
> Thanks to all for the advice. I am running norton antivirus, but had it
> turned off for a day or so as it interacted with another program i was
> trying to load.
What happens when you try to access the Internet from the afflicted
computer (besides you can't access the Internet)?
A "Cannot find...", "Cannot start..., "Cannot load...". "Could not
run..." Cannot run" "Error loading..." or
"specific module could not be found" message at startup is usually
related to malware that was set to run at startup but
the referenced file(s) has been deleted after a malware scan leaving
behind a registry entry pointing to a file
that does not exist.
It could be from a malicious software removal or an uninstalled
application. The entry may have a curious
looking name since it was probably generated at random when the
malware was installed.
Windows is trying to load this file but cannot locate it since the
file was mostly likely removed during an scan
for malicious software. However, an associated orphaned startup
parameter or registry entry remains and is telling
Windows to load the file when you boot up or login.
You need to remove the referenced entry so Windows stops trying to run
the file. It may or may not be in the
registry. Autoruns (see below) will find the item no matter where it
If you just locate and uncheck the item in msconfig, that disables the
item but does not remove the reference to
the bogus startup item from your computer. The msconfig program is
not a startup manager, it is a troubleshooting
tool. Disabling things in msconfig and thinking your problem is
resolved is the lazy mans solution (or the
uninformed mans solution) and leaves you with a sloppy XP
If you are comfortable editing the registry you can search for and
remove the reference from or remove it using a
popular third party tool called Autoruns.
Before making any changes to your registry by hand or with third party
tools, be sure to make a backup of the registry
first. There is no undo or quit without saving option in regedit.
Here is a link to a popular registry backup tool:
Autoruns does not install anything on your computer. It will display
all of the startup locations where the reference
might be so you can disable it or delete it completely. Here is the
download link for Autoruns:
Launch Autoruns.exe and wait for it to finish populating the list of
When Autoruns is finished scanning your system, it will say "Ready" at
the bottom left corner. Autoruns can be a
little intimidating at first if you have never see it before since it
displays a lot of information. You are really
only interested in a couple sections.
The problem item is usually in the usually the system startup or user
startup entries so click the Logon tab.
Scroll through the list and look for a startup entry related to the
file(s) in the error message.
If you don't find it there, look for it in the Everything tab.
Right-click on the offending entry and choose to delete it. If you
are not sure what it is, you can disable it,
reboot and if the issue is resolved, then delete the offending entry.
If you don't see it in Autoruns you may
have to edit the registry and remove the item from the Startup folder
there. Autoruns should display the same
Since you had or have an infection, follow up with this:
Perform some scans for malicious software, then fix any remaining
Download, install, update and do a full scan with these free malware
Malwarebytes (MBAM): http://malwarebytes.org/
SUPERAntiSpyware: (SAS): http://www.superantispyware.com/
They can be uninstalled later if desired.
Reboot your computer and troubleshoot remaining issues.
First | Prev |
Pages: 1 2
Prev: Can't move items on the menu...
Next: How to control displayed items in Windows Explorer?