Jump to content
Home
Forum
News
Search
Create New...
Close

Rundll32.exe?

By RNG187
in Playstation

 Share

Recommended Posts

Command Master Chief

RNG187

Posted
  • Author
Posted

i did, corruptor, basically says this. can't delete the file itself b/c you NEED that computer, checked techie forums and said that if you delete it, programs wont work.

it's a virus/trojan/worm/IDK hidden under that program, i currently have the program open in notepad, i see a LOT of gibberish, and unknown symbols, the regular file is supposed to be 32kb, this is 45kb.

disciple if this works, i will fly/drive to where you livve, hug you, buy you a beer, and go home.

Link to comment
Share on other sites
Guest Corruptor310

Guest Corruptor310

Posted
Posted

and what lead you to believe that -- it was Rundll32.exe that was slowing up your computer??

 

what os do you have and is it fully updated??

 

when was the last time spybot was ran -- to clean?

 

do you have the teatimer function on?

 

 

Link to comment
Share on other sites
Command Master Chief

[-VR-] Tool_Minion

Posted
Posted
Corruptor310 ]

not meaning to piss on d's parade

 

http://reviews.cnet.com/backup-and-recovery/uniblue-systems-winbackup-2/4852-3682_7-31768233.html

 

the user reviews on uniblue are not that good

 

carefull what you use!!!

 

 

I checked this because I use cnet a lot for different items.

 

 

 

Is that the same thing D suggested? I didn't realize he had sent him to back-up software........

Link to comment
Share on other sites
Guest Corruptor310

Guest Corruptor310

Posted
Posted

yeah i saw one of the reviews blasting on their back up software. I just dont know what that utility is.

 

some people like it -- but way too many hate on it, gis uniblue sucks. and read the user reviews in cnet.

 

this is what i give everybody that needs help getting their pc hammered out

 

THINGS TO DO TO YOUR COMPUTER TO MAKE THEM RUN SMOOTHLY AND SAFELY.

 

FIRST GET INTO THE CONTROL PANEL GO TO “ADD REMOVE PROGRAMSâ€

UNINSTALL EVERYTHING THAT IS NOT BEING USED OR HAS NOT BEEN USED -- RULE OF THUMB IF YOU SEE YOU HAVE A PROGRAM AND THE LAST TIME YOU USED IT WAS 3 YEARS AGO – GET RID OF IT.

 

SECOND OPEN INTERNET EXPLORER ----- GO TO “TOOLS†GO TO “WINDOWS UPDATE†-- I SUGGEST RUNNING THE EXPRESS OPTION UNLESS YOU FEEL COMFORTABLE DOWNLOADING YOUR OWN PATCHES AND FIXES.

 

running of windows updates can take a long time – it is very important that you do it till it is completed. you can also go into the control panel, and go to automatic updates. I strongly encourage you to do this, I have my own home pc set to automatically download updates and I determine when I install them—nice feature. you may need to run the windows updates multiple times --- one update will lead to the next from Microsoft – keep running it till it tell you have no more “high priority†updates.

 

it is also very important that you have a firewall enabled on your computer . if you don’t have one enabled let me know and I will help you get this rolling.

 

I suggest you go to http://www.java.com and install the latest version of this software. I think the webkins software is developed using it – it could help with issues you are having.

 

give me the exact message of your error – write it down – or better yet copy and paste it so I can see it – you can capture whatever is on your computer by clicking and holding the “ctrl†button and then also clicking the “print screen†you can then go into “paint†it is in your accessories and pasting your image to that program then saving. print it out or email it to me. so I can see what is going on and assist you further.

 

I also encourage you to run a program called spybot search and destroy – some people prefer other tools like this – I feel that this is the complete package for stopping spyware from being installed to your computer and I feel that it is the best program to remove said spyware ---- I run the teatimer on my computer and love it – the teatimer is a function that allows you to see and decide what programs you really want running on your computer – some websites install malware and spying tools that you will never know are being installed – the teatimer on spybot is the best. it would probably be easiest to show you how to use this program – if you go to http://www.cnet.com and type in spybot search and destroy --- it will be the progam with a blue background and a finger print – I love this program.

 

after this is done update your virus software.

 

if the problem persists – there is more we can do this is your start.

 

 

Link to comment
Share on other sites
Command Master Chief

RNG187

Posted
  • Author
Posted

i already PMed him in regards to that, the trial is next to useless for my problem, but thank you disciple for the help either way.

 

anybody else have an idea/solution/knowledge of possible malicious programs?

i'm on vista home, updated last week, spybot, AVG, and CCleaner were run last night, and earlier today, teatimer is always on.

 

i forgot wheree i saw it, but i saw the rundll32.exe thng pop-up, and opened the pgram in notepad and found a LOT of writing in different symbols, and it loks like the russian alphabet too. i could decypher some of it b/c it was in english, but i think this excess gibberish is something bad.

Link to comment
Share on other sites
Guest Corruptor310

Guest Corruptor310

Posted
Posted

i forgot wheree i saw it, but i saw the rundll32.exe thng pop-up, and opened the pgram in notepad and found a LOT of writing in different symbols, and it loks like the russian alphabet too. i could decypher some of it b/c it was in english, but i think this excess gibberish is something bad.

 

i would guess that you are viewing the computer language. but since i dont know what you are pulling up from where, i would be total confident in my answer.

 

trend micro check it out.

Link to comment
Share on other sites
Guest Corruptor310

Guest Corruptor310

Posted
Posted

vista home.

 

i know nothing about this os, cept it is generally considered a close second to windows me -- as far as turd os from microsoft.

 

windowxp pro imho is the only way to go.

Link to comment
Share on other sites
Contributor

krazyeyedkevin

Posted
Posted

Spy bot S&D blows, everyone relies on these automated tools which cannot think outside the box on problems.. Since their last update, a scan can take a good hour and half. Vista users can use the snipit feature to send all our part of the error in screen shots rather than the WHOLE screen, Rundll32.exe is a perfectly legitimate tool or product. Think of Rundll32.exe like the librarian for your computer, she controls all the dlls on your computer, both good and bad, however its not the kind of program that should be running all the time, If you terminate it you will be fine as it will simply restart when needed. However If you see it running all the time and not stopping, its usually a sign of a corrupt, or invalid DLL file and the programs keeps trying to run it. What I suggest doing is going right to microsofts website and downloading a program called Process Explorer. This is like a KICK A** version of Taskmanager and can even replace Taskmanager. Once You Download what you will want to domis find the Rundll32.exe and right click it select Properties and then select the "Threads" tab. this will allow you to find out what dlls and other programs are attached to it. IT will also allow you to Terminate parts of the Program that are making it hang up. Other areas you will want to check are the EXPLORER.EXE, LSASS.EXE and WINLOGON.EXE they are common places for random .DLL's to show up.

 

Another Really useful Program to use in conjunction with Process Explorer. is AUTORUNS. Once running the program the 2 MOST Important steps are go to options hide signed microsoft entries and Verify Code signatures. Once you have done this Refresh by hitting F5.

 

So now what you are looking for here is Uninvited guests, under the different tabs, go through the tabs and make sure you reconize everything, If you see some really wierd random keys uncheck them. Again the important sections to review are logon, Explorer, (Internet Explorer, Winsock providors, LSA Providors, Network providors, Winlogon). The ones in brackets should be empty If they are not uncheck all of what you find. you may have a bigger problem.

 

AGAIN MAKE SURE

 

Once running the program the 2 MOST Important steps are go to options hide signed microsoft entries and Verify Code signatures. Once you have done this Refresh by hitting F5.

Link to comment
Share on other sites
Command Master Chief

BigMoneyNacku

Posted
    •  Staff
Posted
X-krazy-X ]

Spy bot S&D blows' date=' everyone relies on these automated tools which cannot think outside the box on problems.. Since their last update, a scan can take a good hour and half. [/quote']

 

You have to remember, most users are like me an macoo, we don't know shit except how to click on the IE shortcut. :P

Link to comment
Share on other sites
Guest Corruptor310

Guest Corruptor310

Posted
Posted

x-Krazy-x -- dont you think it is bit dangerous to suggest that your basic end user just start killing processes they may not be totally knowledgeable on?

 

 

and by the way, autoruns -- is pretty cool, i am playing with it currently --- work pc so i dont care much if i destroy it!

 

 

 

Link to comment
Share on other sites
Mentor

Disciple74

Posted
Posted
Corruptor310 ]

x-crazy-x -- dont you think it is bit dangerous to suggest that your basic end user just start killing processes they may not be totally knowledgeable on?

 

 

 

What could it really do. Nothing the only problem that could cause is a simple restart. Beside that most of the time if you kill something your pc needs it will restart it right away.

Link to comment
Share on other sites
Guest Corruptor310

Guest Corruptor310

Posted
Posted

true true, good point!

 

I guess I was confusing myself, with telling begginers to knock out --- registry keys -- bit of a difference there.

 

 

Link to comment
Share on other sites
Command Master Chief

GOAT

Posted
Posted

Hey bud I take it highjackthis.de didn’t help?

 

Ok well like I said you need to go to safe mode and copy the real rundll.exe over the corrupted one which will replace it.

 

It’s ok if you don’t have a Windows XP install disk.. Don’t go to third parties for answers. When it comes to Windows, Bill gates hordes the answers and it's him you want to talk to. ( regrettably!! ) at any rate start here..

 

http://support.microsoft.com/search/default.aspx?mode=r&query=rundll32.exe+not+found&catalog=LCID%3D1033&1033comm=1&spid=global

 

and then here..

 

http://support.microsoft.com/kb/832323/en-us

 

again you need to be in Safe mode under administrator use windows repair what you use is file sr.inf or to be exact you need to re-install the latest service pack which will replace the rundll.exe file.

 

Other than that I’d try to see just how you got the virus and a rundll.exe file that isn’t 32kb is indeed a virus.

 

Have you tried to restore to a earlier point?

 

Nothing works? Last resort…? If all else fails…. goat get a copy of win xp. Delete the partition format the drive and start all over again…

 

Link to comment
Share on other sites
Command Master Chief

Chili327

Posted
Posted
Goat ]

Have you tried to restore to a earlier point?

 

Nothing works? Last resort…? If all else fails…. goat get a copy of win xp. Delete the partition format the drive and start all over again…

 

Yup..

 

If all else fails.. save everything of importance to you (music, pics, etc..) to an external HD, then wipe & reinstall. :-\

Link to comment
Share on other sites
Command Master Chief

RNG187

Posted
  • Author
Posted

i couldnt figure it out goat, LOL its like deciphering sloppy chinese handwriting!

i havent thought of reinstalling the service pack, ill try that.

i've been playing with the freeware krazy suggested, hasnt helped a bit.

that's what im working on now, finding a compressor for videos/music/documents, then am going to completely wipe my system and start over.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

Military including Active, Reserve, Veteran and Dependents get 50% off of our Spec Ops Premium Experience

×
×
  • Create New...

Important Information

By visiting this site you agree to our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

Write what you are looking for and press enter or click the search icon to begin your search