Solved

Orphaned .dlls in Windows 2000

Posted on 2003-10-31
11
1,091 Views
Last Modified: 2010-04-13
Hi everybody-

Has anyone found a way to seek and destroy orphaned .dlls?  In my searches, I found one authored by a Kevin Solway, but it was for pre-Windows 2000.  Each morning when I log on, I get "Error finding C:\Program Files\commonName\Toolbar\CNBabe.dll .  Cannot find module specified"
I have a feeling this is the remnant of some sort of spyware, since it popped up when I ran my Ad-Aware program http://www.lavasoftusa.com/software/adaware/ .   Any ideas here?
0
Comment
Question by:jzgy12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 44

Accepted Solution

by:
CrazyOne earned 125 total points
ID: 9660163
Well first get one of these free utilities

MSCONFIG for Win 2000
http://www.insideproject.com/showguide.cfm?guideid=31
http://www.insideproject.com/downloads/msconfig2k/msconfig.zip

StartupCop
http://web.zdnet.com/pcmag/pctech/content/18/08/ut1808.007.html

StartStop
http://www.tfi-technology.com/downloads.htm

AutoRuns
http://www.sysinternals.com/ntw2k/source/misc.shtml#autoruns

Startup Control Panel
http://www.mlin.net/StartupCPL.shtml
and
StartupMonitor
http://www.mlin.net/StartupMonitor.shtml

then

Open up what you download
and find Startup lis
unckeck all the items.

If the problem no longer persists then one of the items in the starup is the culprit you just need to track it down.
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9660179
Also use one of these as well. I would recommend Hijack This because it may find something to do with the DLL in the registry

Check for adware and sypware

spybot here
http://spybot.safer-networking.de/
Download
http://spybot.safer-networking.de/index.php?lang=en&page=download

AdAware
http://www.lavasoftusa.com/

Spycop:
http://www.spycop.com/

BHODemon and Hijack This and Browser Hijack Blaster
http://www.spywareinfo.com/downloads.php?cat=sp#det
BHODemon | Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. This program is my choice for BHO detection and is highly recommended.

Browser Hijack Blaster | Running silently in the background, Browser Hijack Blaster only springs into action when an attempt is made. It watches and protects the following items: IE Homepage, IE Default Page, IE Search Page, BHOs. Whenver one of the above items is changed, or a BHO is added, you are immediately provided with information on the item, along with the option to keep the change, or revert to your previous settings.

Hijack This | Written by a member of our support forums and based on our Hijacked! article, this program scans the locations in your computer system that may be modified by browser hijackers and fixes any problems found. An easy-to-understand tutorial is available at TomCoyote.org.

General and overall information about Spy/Adware
http://www.cexx.org/adware.htm
0
 

Expert Comment

by:rziminski
ID: 9660180
go to run sysedit
check your system.ini, win.ini for any mention of the dll and remove it the config.sys and autoexec.bat should be blank

Rick
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 20

Expert Comment

by:Dufo G. Belski
ID: 9660205
To answer your general question about deleting orphaned dll's, there are a few utilities here that will find them for you:

http://www.donker.ws/
0
 

Author Comment

by:jzgy12
ID: 9660474
thanks, I'll check it out..
0
 
LVL 8

Expert Comment

by:nader alkahtani
ID: 9660966
Try this :

Well, cnBabe.dll is part of a Spyware application (it transmits data from
your computer to other computers so they can collect information about you).
If you'd like to get rid of the message, here's a way to do it...
---------------------------------------------------------
Go to Start > Run, and type in "msconfig", click OK > Startup and look for
the entries for CommonName, CNBABE.EXE., cnform.exe, BabeIE.dll,
CNBarIE.dll.... if any of them are there, uncheck them, click OK, then
reboot.

If you don't find all of them there, click Ctrl\Alt\Del and look for them in
the window that appears, if you find any, highlight and End Task on them.
That will ensure they are not running prior to the scan.

Now go to your Add\Remove programs and look for CommonName and uninstall it.
If you happen to see any of those others above there delete them also.

Do a file search for w3k*.tmp and delete all that you find.

Run Adaware.

When it's done choose "mark all for removal"

IMPORTANT: Make sure that you choose to make a BACKUP before removing
anything.

Click "Continue" to remove the nasties.

When it is finished I would reboot and run Ad-aware again to make sure all
is gone.


http://www.thedibb.co.uk/forums/showthread/t-14221.html


0
 

Author Comment

by:jzgy12
ID: 9671106
thanks, everybody....I first followed CrazyOne's suggestion and downloaded MSconfig for W2k...I clicked on the startup tab and unchecked the appropriate entry like NADIR mentioned.  I'll check out the other links as well..

0
 
LVL 8

Expert Comment

by:nader alkahtani
ID: 9678192
Why didn't split the points ?
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9680900
0
 

Author Comment

by:jzgy12
ID: 9684202
Well, I didn't know I could split points to be quite honest.  I'm pretty new around here, I apologize..
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 9684524
:)
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Configuring Remote Assistance for use with SCCM
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question