Orphaned .dlls in Windows 2000

Hi everybody-

Has anyone found a way to seek and destroy orphaned .dlls?  In my searches, I found one authored by a Kevin Solway, but it was for pre-Windows 2000.  Each morning when I log on, I get "Error finding C:\Program Files\commonName\Toolbar\CNBabe.dll .  Cannot find module specified"
I have a feeling this is the remnant of some sort of spyware, since it popped up when I ran my Ad-Aware program http://www.lavasoftusa.com/software/adaware/ .   Any ideas here?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Well first get one of these free utilities

MSCONFIG for Win 2000




Startup Control Panel


Open up what you download
and find Startup lis
unckeck all the items.

If the problem no longer persists then one of the items in the starup is the culprit you just need to track it down.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Also use one of these as well. I would recommend Hijack This because it may find something to do with the DLL in the registry

Check for adware and sypware

spybot here



BHODemon and Hijack This and Browser Hijack Blaster
BHODemon | Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. This program is my choice for BHO detection and is highly recommended.

Browser Hijack Blaster | Running silently in the background, Browser Hijack Blaster only springs into action when an attempt is made. It watches and protects the following items: IE Homepage, IE Default Page, IE Search Page, BHOs. Whenver one of the above items is changed, or a BHO is added, you are immediately provided with information on the item, along with the option to keep the change, or revert to your previous settings.

Hijack This | Written by a member of our support forums and based on our Hijacked! article, this program scans the locations in your computer system that may be modified by browser hijackers and fixes any problems found. An easy-to-understand tutorial is available at TomCoyote.org.

General and overall information about Spy/Adware
go to run sysedit
check your system.ini, win.ini for any mention of the dll and remove it the config.sys and autoexec.bat should be blank

The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

Dufo G. BelskiRetired bureaucrat/desktop supportCommented:
To answer your general question about deleting orphaned dll's, there are a few utilities here that will find them for you:

jzgy12Author Commented:
thanks, I'll check it out..
nader alkahtaniConsultantCommented:
Try this :

Well, cnBabe.dll is part of a Spyware application (it transmits data from
your computer to other computers so they can collect information about you).
If you'd like to get rid of the message, here's a way to do it...
Go to Start > Run, and type in "msconfig", click OK > Startup and look for
the entries for CommonName, CNBABE.EXE., cnform.exe, BabeIE.dll,
CNBarIE.dll.... if any of them are there, uncheck them, click OK, then

If you don't find all of them there, click Ctrl\Alt\Del and look for them in
the window that appears, if you find any, highlight and End Task on them.
That will ensure they are not running prior to the scan.

Now go to your Add\Remove programs and look for CommonName and uninstall it.
If you happen to see any of those others above there delete them also.

Do a file search for w3k*.tmp and delete all that you find.

Run Adaware.

When it's done choose "mark all for removal"

IMPORTANT: Make sure that you choose to make a BACKUP before removing

Click "Continue" to remove the nasties.

When it is finished I would reboot and run Ad-aware again to make sure all
is gone.


jzgy12Author Commented:
thanks, everybody....I first followed CrazyOne's suggestion and downloaded MSconfig for W2k...I clicked on the startup tab and unchecked the appropriate entry like NADIR mentioned.  I'll check out the other links as well..

nader alkahtaniConsultantCommented:
Why didn't split the points ?
jzgy12Author Commented:
Well, I didn't know I could split points to be quite honest.  I'm pretty new around here, I apologize..
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.