New
#11
Please read this about --> Temp\tsiVi032.dll RunDLL error on windows startup - Microsoft Community
Please read this about --> Temp\tsiVi032.dll RunDLL error on windows startup - Microsoft Community
Filename: tsiVi032.dll
MD5: a5cd6c61b39a76d9b1e2f3bb028c6561
SHA1: f4f45e39b2df8700a529a5ea7ffa27a1023cb3a7
SHA256: 0feed22ce8336115cc0c1f758df682108f8273a406bbe08eda806e0a5f430973
Detection ratio: 14/46
https://www.virustot...sis/1377664261/
Using a "clean" flashdrive: Download (free version) Malwarebytes' Anti-Malware Malwarebytes | Free Anti-Malware Detection & Removal Software
Plug it into the infected machine.......
* Double-click mbam-setup.exe and follow the prompts to install the program.Right click to run as Administrator, using Windows 7 or Vista.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. Copy and Paste that log into your next reply.
Also, I/O error 0xc0000185 Error Message 0xc0000185 [Solved] - Error Message - Windows 7 and I/O device error
So I have read everything and tried whatever I could. No trace of tsivi anywhere. Ran Malwarebytes software and it didnt find anything either, in my opinion. Here is the log: MalwBytesLog.txt
I have tried so much softwares for removal of malicious files that I dont think some infected software can be at fault. Rather, since it fails to function in networking mode, it means some of the loaded networking drives or devices is failing to function. If I would have to take a wild guess - I would say some of my networking drivers are corrupt and fail to communicate with the machine. Wish there would be some kind of windows essential driver checker. Or a whole system32/drivers folder for download.
Thank you Jacee for all your replies and time spent. Will await your reply
EDIT: I was so happy to find microsoft program Driver Verifier, but then very sad as I realized it can never be turned ON for me since rebooting puts me into a loop. Any known alternatives which will work in safe mode?
Last edited by ExacT; 05 Sep 2014 at 17:38.
This is the path to the temporary file: C:Users\RMK|AppData\Local\Temp\tsiVi032.dll
Download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forum to a clean flash drive.
Plug the drive in the infected machine, right click (TFC.exe) on the drive and choose to run as Administrator.
Save any unsaved work. TFC will close ALL open programs including your browser!
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! Manually reboot the machine to ensure a complete clean.
Nothing found:
I have no need to open browser in safe mode with no network. I thought you knew by now I can't get into normal windows or safe mode with networking... I realize that you shouldn't bother yourself with remembering so many problems everywhere, but this is like my main problem, no offense :)
So I've used it, deleted 420mb or so. Rebooted and here is what I see :)
No difference so far
file folder WPDNSE
WPDNSE stands for Windows Portable Device Namespace extension
File Folder E_N4
http://about-threats.trendmicro.com/...GY&language=au
Did you download or copy an MP3 file recently?
Last edited by Jacee; 05 Sep 2014 at 23:53.
Hmmm, recently - no, about 4 months ago I downloaded and placed some songs on my mp3 which I never plugged again since then. I used Freemake YouTube to mp3 converter.
Folder WPDNSE was empty even before deletion by TFC. And the other folder contained PhyDMACC.dll. All those files were completely wiped out after TFC. So I don't even have a parent folder AppData now.
If what I still can't access my normal windows.
Last edited by ExacT; 06 Sep 2014 at 05:17.