Friday, September 19, 2008

Tazebama.dll In My Documents And Settings

It is surprising to have discovered a file called Tazebama.dll along with other strange files of Tazebama [DL_file] and Hook [DL_file 1.0.11] in 'My Documents and Settings' of Windows XP or 'Documents' folder in Windows 7 or 8 Operating system. When trying to delete them they return to the same place replicating into more of the same files. That is a worm virus in action. It is detrimental to the system and can as well compromise the safety of the private data and files held in different folders. One can possibly get it from hacker's pages. It could have been through downloading of software or files carrying this worm from non-trusted sites. Also can be contaminated from a file-sharing torrents and from general USB memory stick (which is often prone to Worms, Trojan horses, etc) due to contamination or corrupted Tazebama files save on it. Many more other things could be causative factors associated with the problem.

The behavior of the virus is one that replicate upon interaction or triggered. It usually clones itself on the Startup as SSVICHOSST – located at Windows\system32\SSVICHOSST.exe or as Tazebama on the list of services at the Startup. Task Manager and Registry Editors are disabled quickly by it, giving messages error  the 'Task Manager and Registry Editor have been disabled by administrator' . When trying to access them  the computer tells you they are not accessible but only by the administrator. Its hyper-hidden files are difficult to collate in the Registry Editor as it spreads through replicating itself. To view some of the locations of the hyper-hidden files yet only as string values. This can be done by opening the Tazebama.dll file with a  Notepad. In Notepad one can see where the hyper-hidden files are located in the Registry editor. Note that there are quite a number of files associating with it. These are files usually caught-alerted as viruses when you have Anti-virus package in the system.

The direct-Link Library bearing Tazebama and associated files can easily be removed from a system by some Malware, Spyware, Virus, registry (Security scan) removal tools. These Anti-virus software are capable of locating any of the intruders and wipe them out (is the best way to get rid of it) - the intruder can be inimical to full operation of a computer system. During the course of diagnosing and eradicating of these disturbing files  it's most advisable to be careful not to delete important files of the operating system already in the program directory or other locations.

Image of Tazebama and associated files in Documents folder of Windows 8

Step 1: Download ESET (NOD32) Anti-virus from the ESET Official Website and install it. Microsoft  Security Essential can be download free from Microsoft Official Website - updated and it is also very effective against Tazebama. Run it to clean your system of other virus including Tazebama.  Even the trial version is very effective against Tazebama.

Step 2: During the course of scanning your system with NOD32 Anti-virus or Microsoft Security Essentials make sure you delete the virus rather than just putting them in quarantine state only. 

What if I don’t have a Security scan or Anti-virus in my system?

Step 1: Go to Start ---> Run and type msconfig and click OK. On your 'System Configuration Utility' click  'Startup' among many items on the list at the top of it unchecked  SSVICHOSST.exe at windows\system32\ SSVICHOSST.exe, under 'Command as Common item and Startup as location'.

Step 2:  After that, go back to Start ---> Run and type gpedit.msc to carry out some changes. At Group Policy click User Configuration ---> Administrative Template ---> System ---> Ctrl+Alt+Del Option and double-click on Remove Task Manager. 

Step 3: If the mark is on Not configure you can mark enable and return back to point Not Configure, click OK and go to file and exit the group Policy. Then press CTRL+ALT+DEL now, on the Windows Task Manager that comes up click Processes to see Tazebama among many files. For the Registry Editor to be managable visit this  link .

NB:There are instances where consecutive deleting of files is recommended. It can be through the use of tools created by people for the removal of aberrant files much more the way Anti-virus will do but in this case you are conscious of the files to delete before going about it .