Unknown program

Status
Not open for further replies.

micker377

Technical User
Jan 15, 2003
US
Working on the grand-kid's XP. On boot, I get a pop-up: can't find "inixibabud.dll". I just click and it goes away, with no impact on the system. The problem I am having is that no one knows what it is. Even Google has no information! I presume that it is part of a program that has been removed, but since it is still called for, I can't identify what to look for in Startup (it is empty), or MSCONFIG.
Does anyone have any idea what this is?
Thanks
 
Have a look at your event viewer. It may log something that fails to start. If nothing has been logged then have a look at your registry. It will be in one of the following:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
 
If you use AUTORUNS, you will be able to find that trying to start up when Windows starts and you can uncheck it. It will likely say next to it "unable to find file" or something like that - hence the message. In other words, your computer is trying to launch that DLL at startup but it can't find it any longer.

You can turn that off as I said, but you should also run several anti-malware scans to make sure other items aren't lurking.

The reason you found nothing by searching is that often malware will create random names for DLLs that it spawns to hide and be stealthy.
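
The check described in the two replies above (look through the Run keys and find the entry whose file is missing), as an added PowerShell example that is not part of the original thread. It assumes PowerShell is available on the machine; the function names and the extension list are illustrative, and pulling file names out of a command line is a heuristic.

```powershell
# Autostart keys named in the thread (HKLM and HKCU variants).
$runKeys = foreach ($hive in 'HKLM:', 'HKCU:') {
    foreach ($leaf in 'Run', 'RunOnce', 'RunServices', 'RunServicesOnce') {
        "$hive\Software\Microsoft\Windows\CurrentVersion\$leaf"
    }
}
# Userinit is a value stored under the Winlogon key, so it is read separately.
$winlogon = 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'

# Heuristic: pull file names out of a command line such as
#   rundll32.exe "C:\WINDOWS\example.dll",Startup    (constructed sample)
function Get-CommandTargets([string]$Command) {
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    $pattern  = '(?i)(?:[a-z]:\\[^"<>|*?,]+?|[^\s"\\/,:]+?)\.(?:exe|dll|bat|cmd|vbs|js|scr)\b'
    [regex]::Matches($expanded, $pattern) | ForEach-Object { $_.Value.Trim() }
}

function Test-TargetExists([string]$Target) {
    if ([IO.Path]::IsPathRooted($Target)) { return (Test-Path -LiteralPath $Target) }
    # Bare names: only System32 and the Windows directory are checked here,
    # a simplification of the real search order.
    foreach ($dir in "$env:SystemRoot\System32", $env:SystemRoot) {
        if (Test-Path -LiteralPath (Join-Path $dir $Target)) { return $true }
    }
    return $false
}

# Collect every value (name + command line) from the keys that exist.
$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        New-Object PSObject -Property @{ Key = $key; Name = $name; Command = [string]$regKey.GetValue($name) }
    }
})
$entries += New-Object PSObject -Property @{
    Key = $winlogon; Name = 'Userinit'; Command = [string](Get-Item $winlogon).GetValue('Userinit')
}

# Report entries that still point at a file that is no longer on disk.
foreach ($e in $entries) {
    foreach ($target in @(Get-CommandTargets $e.Command)) {
        if (-not (Test-TargetExists $target)) {
            '{0} [{1}] -> missing file: {2}' -f $e.Key, $e.Name, $target
        }
    }
}
```

The script only reads the registry and changes nothing. A flagged entry is a lead to follow up in Autoruns or with a malware scan, not proof on its own.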
 
Try running HijackThis, and posting a log from it here so we may see.

----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

 
Has the feel of malware that has been removed but the stealth calling program is still out there attempting to reload it.

The last 2 or 3 I've run across had the links in the registry in local machine software or current user software and a full registry scan found them.



Ed Fair
Give the wrong symptoms, get the wrong solutions.
 
I'm currently waiting word from them. They plan to get a new one for Christmas. If they do, then I'll just wipe it and put Win 7 on it (it's new enough). The only hold up is that the kid is a big game player. He has a bunch of scores to back up for the new one. Not to mention his iTunes. The new one would be a laptop, so I can't just mount it as a slave.
I already have a "market" for this unit, so either way - the hard drive data is toast! That's why it's become more of "my curiosity"!
BBB, I already removed 44 "baddies" with Avira. I killed that and installed MSC. It found one more.
Thanks ya' all - every day is a learning day!
 
The number is NOT the important thing when it comes to malware infections, it's the nastiness. So, one bad thing like Zero Access rootkit is worse than a whole bunch of wimpy/easily removed malware.

Don't judge by the number but rather by the quality.
 
BBB: No, it's a case of these idiot kids downloading everything!
One other thing that I am curious about. He was complaining about "someone else moving the mouse on the screen". I did find M.S. Remote Access loaded. Is Remote access necessary for some of the multi-player games that they play online, or did a "baddie" install it? I don't play games, so I don't know.
 
Well from the little bit of research I did, it seems that your kids can use the M.S. remote access for gaming. It just gives them the ability to access certain features without having to download them. I would just ask your kids just to be sure. I know it's a wiki link but just have a look.
 
micker377,

>> Is Remote access necessary for some of the multi-player games that they play online

No it is not necessary for playing games, including WoW or other MMO's.

>> did a "baddie" install it?

possible, but not probable, most likely one of the kids did this, so that a friend could assist him in setting up one of the games... but that is just conjecture... though I would have preferred TeamViewer or CrossLoop... ;-)

Goom,

>> Don't judge by the number but rather by the quality.

quite correct, but with that many baddies, it usually takes more time to disinfect (depending on the quality ;-) of the baddies), than it would be to reload the OS, in most cases...

Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"
 
BBB - are you referring to "that many baddies" as the number 44 that was mentioned above???

I guess I've seen machines that have 760 baddies but they were all wimpy stuff like MyWebSearch, etc., etc. with a trojan downloader thrown in. But, yeah, it's all about A) how much time you have to play with it, B) if the time is free or whether you are paying someone and C) whether you need the PC to get back to work.

It's always a tough call on when to abort the fight and reload vs. battling until the last drop of blood. I generally abort if I run MBAM and that doesn't work followed by ComboFix - assuming a bootable computer
OR for a non-bootable computer
an offline scan using a bootable CD (McAfee on BartPE) doesn't improve anything and manually replacing the registry hives from System Restore also fails.

I wish there was a Tek-Tips master malware removal flowchart that also included when to give it up.
 
Well, yeah, stuff like "MyWebSearch" I really just consider a nuisance rather than a baddie.

I guess a clear definition of "baddie" (the ones mentioned by the OP) would have gotten a different response from me... ;-)

>> I wish there was a Tek-Tips master malware removal flowchart that also included when to give it up.

me too...

>> It's always a tough call on when to abort the fight and reload vs. battling until the last drop of blood.

at work, when we have to deal with these cases, I usually drop the line real quick, and will reload the OS after a drive overwrite... Privately, I usually battle to the "last drop of blood"...


Ben
 
The line is fuzzier when you're doing it for someone and being paid for your time.
 
Sorry I haven't gotten back to this - I thought that the thread was dead!
Anyway, I sent it home to the kid. He is scheduled for a new computer (laptop), for Christmas. I'll get the unit back, wipe the H.D., upgrade to Win 7, and "recycle" it!
Thanks for all of your help!
 