J
Jason
I've been working with computers for a number of years, and although I know
that doesn't necessarily make me knowledgeable, I'd like to think I'm not
incompetent.
There's a computer at work which I just recently cleaned of a few viruses.
However, I noticed that in my %TEMP% folder, there is a file called 'otzkcje'
(no extension). I can't delete this file whatsoever. I cleaned out all
unnecessay processes running in the background, but it was still being used
by something. I used msconfig, and found a line in the startup entries:
Startup Item: System32
tzkcje
Command: rundll32 C:\WINDOWS\System32tzkcje.dll,Init 1
I unchecked it, restarted the computer, checked msconfig, and saw that it just
added itself again. I used a program called MoveOnBoot (www.gibinsoft.net)
which, as you may have guessed, allows you to delete a file upon booting the
computer. It worked, but the file was immediately created again. I did a
complete search on my hard drive for otzkcje, and nothing turned up except
for that file in my %TEMP% directory. There isn't even an otzkcje.dll in
C:\WINDOWS or C:\WINDOWS\System32, as the msconfig entry may lead you to
believe. Alright, now this thing is starting to get aggrivating. I ran
Sysinternal's Process Explorer
(http://www.sysinternals.com/ntw2k/freeware/procexp.shtml) and found that it
was "Explorer.EXE" which held the file. Why is explorer using this bizarre
file? I closed the handle, which then allowed me to delete otzkcje. Upon
restarting, it had resurrected itself, AGAIN.
I then ran a program called Regseeker (http://www.hoverdesk.net/freeware.htm)
which picked up numerous registry entries relating to 'otkzcje,' all of which
I deleted. But, to my dismay, I ran the scan again, and it popped up with
those same entries (in SOFTWARE\Microsoft\Windows\CurrentVersion\Run and
RunOnce). So there's some process (or possibly explorer itself??) that
refuses to let its startup entry be deleted. I just can't delete the bloody
thing! Has anybody experienced anything close to this? Any help or
suggestions are greatly appreciated. Thanks!
Jason
that doesn't necessarily make me knowledgeable, I'd like to think I'm not
incompetent.
There's a computer at work which I just recently cleaned of a few viruses.
However, I noticed that in my %TEMP% folder, there is a file called 'otzkcje'
(no extension). I can't delete this file whatsoever. I cleaned out all
unnecessay processes running in the background, but it was still being used
by something. I used msconfig, and found a line in the startup entries:
Startup Item: System32
tzkcjeCommand: rundll32 C:\WINDOWS\System32
tzkcje.dll,Init 1I unchecked it, restarted the computer, checked msconfig, and saw that it just
added itself again. I used a program called MoveOnBoot (www.gibinsoft.net)
which, as you may have guessed, allows you to delete a file upon booting the
computer. It worked, but the file was immediately created again. I did a
complete search on my hard drive for otzkcje, and nothing turned up except
for that file in my %TEMP% directory. There isn't even an otzkcje.dll in
C:\WINDOWS or C:\WINDOWS\System32, as the msconfig entry may lead you to
believe. Alright, now this thing is starting to get aggrivating. I ran
Sysinternal's Process Explorer
(http://www.sysinternals.com/ntw2k/freeware/procexp.shtml) and found that it
was "Explorer.EXE" which held the file. Why is explorer using this bizarre
file? I closed the handle, which then allowed me to delete otzkcje. Upon
restarting, it had resurrected itself, AGAIN.
I then ran a program called Regseeker (http://www.hoverdesk.net/freeware.htm)
which picked up numerous registry entries relating to 'otkzcje,' all of which
I deleted. But, to my dismay, I ran the scan again, and it popped up with
those same entries (in SOFTWARE\Microsoft\Windows\CurrentVersion\Run and
RunOnce). So there's some process (or possibly explorer itself??) that
refuses to let its startup entry be deleted. I just can't delete the bloody
thing! Has anybody experienced anything close to this? Any help or
suggestions are greatly appreciated. Thanks!
Jason