The Cellar


classicman 05-31-2009 10:52 PM

Virus removal
 
I am getting an error message each time I boot my computer. It says something called "tezimawi.dll" file missing. I think it is a virus, but I'm not sure - any help would be appreciated.

dar512 05-31-2009 11:03 PM

Yup. Looks like it:

http://www.google.com/#hl=en&q=tezim...fp=Zq57uE01iyo

classicman 05-31-2009 11:16 PM

Now what? It's apparently been removed.

xoxoxoBruce 06-01-2009 12:55 AM

Do you have Malwarebytes' Anti-Malware? If not, you should. I got it on mbpark's recommendation and it works great.

classicman 06-01-2009 09:27 AM

I have Spyware Doctor, with malware, which apparently found it and deleted it. The problem is that when I turn the computer on it is apparently looking for something that no longer exists.
Perhaps I need to get a new spyware/malware program. My subscription for virus protection expired this morning too. Maybe it's time for me to just start over with new ones. . .

dar512 06-01-2009 11:16 AM

It sounds like you have some part of the virus still installed and running as part of the startup process. Follow the directions here and see if you can figure what's looking for the malware dll.

classicman 06-01-2009 12:37 PM

I'll try that when I get home tonight - thanks.

classicman 06-01-2009 07:47 PM

Quote:

Originally Posted by xoxoxoBruce (Post 569897)
Do you have Malwarebytes' Anti-Malware? If not, you should. I got it on mbpark's recommendation and it works great.

Did you get the free version or the full one?
Also will this affect the Spyware Doctor I already have? I renewed my annual subscription a few months ago.

Also I have virusScan. It just ran out - Should I renew it or get a different anti-virus program? I'm on an older machine - maybe 3-4 years, a Gateway if that matters.

piercehawkeye45 06-01-2009 09:40 PM

Virus scan on safe mode. I don't know if it works the same on a PC (I just work with laptops), keep pressing F8 when the computer is booting and access safe mode. Then run a full scan on safe mode a few times. If that does not get rid of the virus then you have a problem.

Safe mode is more efficient at finding and getting rid of viruses than when just in regular mode.

xoxoxoBruce 06-02-2009 02:12 AM

Quote:

Originally Posted by classicman (Post 570101)
Did you get the free version or the full one?

I got the free version. AVG stops most everything but once in a while something sneaks in, usually because I screwed up. Malwarebytes, unlike some others I've had, hasn't found one it couldn't remove.

skysidhe 06-05-2009 12:39 PM

How would one know if they had malware? and why doesn't the antivirus get them?

I am thinking of running the malware bytes but don't want to install if I don't need to. The reviews are good.

classicman 06-05-2009 12:42 PM

Quote:

Originally Posted by classicman (Post 570101)
Will this affect the Spyware Doctor program I already have?

Also I have virusScan. It just ran out.
Should I renew it or get a different anti-virus program?

I'm on an older machine - maybe 3-4 years if that matters.

Where is MBPark when you need him... (taps foot)

xoxoxoBruce 06-05-2009 12:52 PM

Oh, so you don't believe me, huh? :p
Look here.

classicman 06-05-2009 01:04 PM

Uggghhh READ!

No Bruce - that's not it at all.
Should I remove the Spyware Dr. program I currently have?

Also I have virusScan. It just ran out.
Should I renew it or get a different anti-virus program?

tw 06-05-2009 08:52 PM

Quote:

Originally Posted by skysidhe (Post 571070)
How would one know if they had malware? and why doesn't the antivirus get them?

1) I have watched Malwarebytes identify many items - and not one was malware. One was the installation program for a software package. Another even wipes out a cookie for The Cellar.

2) How does antivirus 'clean' something that is not known to be malware? That is the problem. All these virus companies share databases of known malware. Then each attempts to develop cures for as many as possible. Not every company has a cure for every currently found malware.

3) Do you have malware? Read an earlier discussion we had on rootkit viruses to appreciate the complexity. Some places to watch include Task Manager. New processes that cannot be explained are one indication. Processes that consume too much CPU time are another. A program that summarizes all internet connections is another useful utility. If something attempts to randomly reconnect to the internet - a symptom.

4) One important maintenance option is a program that verifies anti-virus is working. I have seen anti-virus programs disabled without indication. That anti-virus maintenance program identified (and sometimes could not fix) the problem.

I have even seen one anti-virus program disable the other anti-virus program.

mbpark 06-05-2009 09:35 PM

Hi, tough week at work..
 
Quote:

Originally Posted by classicman (Post 571071)
Where is MBPark when you need him... (taps foot)

I would get rid of Spyware Doctor. It honestly isn't that good. McAfee is good, but only if you get the corporate version.

I'd rip those out and get MalwareBytes and AVG. Seriously. Neither of the two is that good at all.

TW, I recommend you get the book Security Warrior so you can watch every supposition you just made about detecting malware get thrown out the window. I've seen malware that hides from Task Manager, netstat, and even anti-virus programs (McAfee, Symantec, Trend, and AVG). The code's been out there for years, and it's not just for Windows. UNIX users have had this problem for years, especially with kernel-level rootkits in Linux or UNIX that will "patch" the API calls.

This is a big reason why Microsoft re-wrote the Windows Kernel for Vista and Windows 7 to include ASLR (Address Space Layout Randomization), so it would be much harder to attack known holes via static memory locations. Apple will be including this in OS X 10.6 "Snow Leopard", OpenBSD has had this for years, and Linux has additional functionality to find it.

MalwareBytes does have some "interesting" technology to get rid of malware by checking for patched APIs by executables, and a known database of it. However, most anti-spyware programs get rid of cookies because of the privacy issue. Additionally, some installers out there do install adware/spyware, or share DLLs with them. Therefore, they get flagged as a false positive. I've seen Symantec and McAfee do it.

The best thing to do is to get the Ultimate Boot CD for Windows, use the AVG plug-in, grab the latest definitions, burn it to CD or USB, and use that to scan your machine in an offline state so that the machine can't initialize itself and the offending DLLs.

classicman 06-06-2009 01:22 AM

OK - I downloaded Malwarebytes and uninstalled Spyware Doctor. I ran Malwarebytes and it found 99 objects infected. I deleted all the trojans.

skysidhe 06-06-2009 10:42 AM

Quote:

Originally Posted by xoxoxoBruce (Post 571077)
Oh, so you don't believe me, huh? :p
Look here.

Yes I am the original Ms. Thomas. The doubter. :)

Quote:

Originally Posted by tw (Post 571184)
1) I have watched Malwarebytes identify many items - and not one was malware. One was the installation program for a software package. Another even wipes out a cookie for The Cellar.

2) How does antivirus 'clean' something that is not known to be malware? That is the problem. All these virus companies share databases of known malware. Then each attempts to develop cures for as many as possible. Not every company has a cure for every currently found malware.

3) Do you have malware? Read an earlier discussion we had on rootkit viruses to appreciate the complexity. Some places to watch include Task Manager. New processes that cannot be explained are one indication. Processes that consume too much CPU time are another. A program that summarizes all internet connections is another useful utility. If something attempts to randomly reconnect to the internet - a symptom.

4) One important maintenance option is a program that verifies anti-virus is working. I have seen anti-virus programs disabled without indication. That anti-virus maintenance program identified (and sometimes could not fix) the problem.

I have even seen one anti-virus program disable the other anti-virus program.

Bookmarked both for reading later.

classicman 06-06-2009 11:05 AM

Some of the items marked are labeled "Registry Key" and "Registry Value."
Do I delete them too?

mbpark 06-06-2009 08:47 PM

Yes, you want to do that, or else you'll get more error messages popping up telling you that things are missing, and you'll have a slower startup time because of it.

classicman 06-07-2009 12:46 AM

Thanks - it seems to be running faster/better.
OK, I deleted them all and ran Malwarebytes till it came up clean...
Now every time I start anything, I get the following error message:

"The application or DLL C:\WINDOWS\system32\fevowafo.dll is not a valid Windows image. Please check this against your installation diskette."

The program continues to load normally, but what is this message all about and how do I stop/prevent/fix it?

xoxoxoBruce 06-07-2009 03:29 AM

http://www.prevx.com/filenames/18719...OWAFO.DLL.html

mbpark 06-07-2009 09:01 AM

Get yourself Autoruns from sysinternals.com and you'll be able to see exactly where certain programs like that start up at. You can then disable this one.
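An added example, not posted in this thread: a PowerShell script (assumed to run from an elevated prompt on Windows) that checks the Run/RunOnce keys and AppInit_DLLs for entries whose target file no longer exists, which is the kind of leftover Autoruns would reveal after a cleanup like classicman's.

```powershell
# Added example: flag autostart entries that point at files which no longer exist.
# Only the Run/RunOnce keys and AppInit_DLLs are covered; Autoruns checks far more locations.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-TargetPath {
    param([string]$Command)
    # Pull the executable or DLL path out of a command line such as
    #   rundll32.exe "C:\WINDOWS\system32\example.dll",Startup   (constructed sample)
    # %SystemRoot%-style variables are expanded first.
    $cmd = [Environment]::ExpandEnvironmentVariables($Command)
    $dll = [regex]::Match($cmd, '(?i)[a-z]:\\[^",]+\.dll')
    if ($dll.Success) { return $dll.Value }
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        # Skip the PSPath/PSChildName/... metadata that Get-ItemProperty adds.
        if ($p.Name -like 'PS*') { continue }
        $target = Get-TargetPath ([string]$p.Value)
        if ($target -and -not (Test-Path -LiteralPath $target)) {
            "MISSING  $key\$($p.Name) -> $($p.Value)"
        }
    }
}

# AppInit_DLLs: each DLL listed here is loaded into every process that uses
# user32.dll, so a stale or broken entry produces an error on every program start.
$appInitKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'
$appInit = (Get-ItemProperty -Path $appInitKey -ErrorAction SilentlyContinue).AppInit_DLLs
if ($appInit) {
    foreach ($dll in ($appInit -split '[ ,]+' | Where-Object { $_ })) {
        $path = [Environment]::ExpandEnvironmentVariables($dll)
        # Bare names resolve relative to system32, matching the loader's search.
        if (-not [IO.Path]::IsPathRooted($path)) { $path = Join-Path $env:SystemRoot "system32\$path" }
        $state = if (Test-Path -LiteralPath $path) { 'present' } else { 'MISSING' }
        "AppInit_DLLs  $dll  ($state)"
    }
}
```

Entries reported as MISSING are the ones to review and, after confirming they are not wanted, remove with Autoruns or the registry editor.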

