Forum Home
Press F1

Thread ID: 85037	2007-11-27 07:48:00	rundll32.exe help!!!	password (5384)	Press F1

Post ID	Timestamp	Content	User
615611	2007-11-27 07:48:00	Hey my computer was running slow as, so i opened up task manager and found out that rundll32.exe is taking up 99% of my CPU!!! Can anyone tell me how to stop this or what its is/doing? im running windows xp (sp2), 2.4 ghz Cpu, 1gb of ram. Thanks	password (5384)
615612	2007-11-27 07:54:00	Kill it and see if it comes back. Post a hijackthis log. Does regedit and msconfig open? But, I think u posted a log the other day	Speedy Gonzales (78)
615613	2007-11-27 08:00:00	Umm i killed it and it has not come back, all that is taking CPU is the system idel process but thats ok . . i think . . . Nope nothing else has opened up . . and CPU is between 2-7% on the graph now . . . What would be causing the rundll32 . exe to go to high all of a sudden? Logfile of Trend Micro HijackThis v2 . 0 . 2 Scan saved at 9:38:02 PM, on 11/27/2007 Platform: Windows XP SP2 (WinNT 5 . 01 . 2600) MSIE: Internet Explorer v7 . 00 (7 . 00 . 6000 . 16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss . exe C:\WINDOWS\system32\winlogon . exe C:\WINDOWS\system32\services . exe C:\WINDOWS\system32\lsass . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\System32\svchost . exe C:\WINDOWS\system32\svchost . exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice . exe C:\WINDOWS\system32\spoolsv . exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService . exe C:\Program Files\Grisoft\AVG Anti-Spyware 7 . 5\guard . exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr . exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc . exe C:\PROGRA~1\Grisoft\AVG7\avgemc . exe C:\Program Files\Comodo\CBOClean\BOCORE . exe C:\Program Files\Comodo\Firewall\cmdagent . exe C:\WINDOWS\system32\nvsvc32 . exe C:\Program Files\Analog Devices\SoundMAX\SMAgent . exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter . exe C:\WINDOWS\system32\svchost . exe C:\WINDOWS\Explorer . EXE C:\PROGRA~1\Grisoft\AVG7\avgcc . exe C:\Program Files\Grisoft\AVG Anti-Spyware 7 . 5\avgas . exe C:\WINDOWS\system32\LVCOMSX . EXE C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray . exe C:\PROGRA~1\Comodo\CBOClean\BOC425 . exe C:\Program Files\Comodo\Firewall\cfp . exe C:\WINDOWS\system32\ctfmon . exe C:\Program Files\AGEIA Technologies\bin\TrayIcon . exe C:\Program Files\OpenOffice . org 2 . 2\program\soffice . exe C:\Program Files\OpenOffice . org 2 . 2\program\soffice . BIN C:\Program Files\MSN Messenger\msnmsgr . exe C:\Program Files\MSN Messenger\usnsvc . exe C:\Program Files\iPod\bin\iPodService . exe C:\WINDOWS\system32\taskmgr . exe C:\Program Files\Mozilla Firefox\firefox . exe C:\Program Files\Trend Micro\HijackThis\HijackThis . exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www . google . co . nz/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = . microsoft . com/fwlink/?LinkId=54896" target="_blank">go . microsoft . com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = . microsoft . com/fwlink/?LinkId=69157" target="_blank">go . microsoft . com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper . dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper . dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1 . 6 . 0_02\bin\ssv . dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin . dll O4 - HKLM\ . . \Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc . exe /STARTUP O4 - HKLM\ . . \Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7 . 5\avgas . exe" /minimized O4 - HKLM\ . . \Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX . EXE O4 - HKLM\ . . \Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray . exe O4 - HKLM\ . . \Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425 . exe O4 - HKLM\ . . \Run: [NvCplDaemon] RUNDLL32 . EXE C:\WINDOWS\system32\NvCpl . dll,NvStartup O4 - HKLM\ . . \Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp . exe" -s O4 - HKLM\ . . \Run: [nwiz] nwiz . exe /install O4 - HKCU\ . . \Run: [ctfmon . exe] C:\WINDOWS\system32\ctfmon . exe O4 - HKCU\ . . \Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\bin\TrayIcon . exe O4 - HKUS\S-1-5-19\ . . \Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw . exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\ . . \Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw . exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\ . . \Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw . exe /RUNONCE (User 'SYSTEM') O4 - HKUS\ . DEFAULT\ . . \Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw . exe /RUNONCE (User 'Default user') O4 - Startup: OpenOffice . org 2 . 2 . lnk = C:\Program Files\OpenOffice . org 2 . 2\program\quickstart . exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL . EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1 . 6 . 0_02\bin\ssv . dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1 . 6 . 0_02\bin\ssv . dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR . DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper . dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper . dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra 'Tools' menuitem: @xpsp3res . dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag . exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs . exe O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp . dll' missing O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - . update . microsoft . com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site . cab?1188690634955" target="_blank">www . update . microsoft . com O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - . zone . msn . com/binary/MessengerStatsPAClient . cab56907 . cab" target="_blank">messenger . zone . msn . com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - . macromedia . com/get/shockwave/cabs/flash/swflash . cab" target="_blank">fpdownload2 . macromedia . com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1 . DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32 . dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice . exe O23 - Service: Apple Mobile Device - Apple, Inc . - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService . exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s . r . o . - C:\Program Files\Grisoft\AVG Anti-Spyware 7 . 5\guard . exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s . r . o . - C:\PROGRA~1\Grisoft\AVG7\avgamsvr . exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s . r . o . - C:\PROGRA~1\Grisoft\AVG7\avgupsvc . exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s . r . o . - C:\PROGRA~1\Grisoft\AVG7\avgemc . exe O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE . exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent . exe O23 - Service: iPod Service - Apple Inc . - C:\Program Files\iPod\bin\iPodService . exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32 . exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc . - C:\Program Files\Analog Devices\SoundMAX\SMAgent . exe -- End of file - 7448 bytes	password (5384)
615614	2007-11-27 08:10:00	Is Comodo the latest version?? 3.0.13.268? These dont have to be in startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install Uninstall all versions of Java. Link is in my sig. But does regedit and msconfig work/open.	Speedy Gonzales (78)
615615	2007-11-27 08:16:00	nope regedit and msconfig arnt in the Task Manager, ummm where do i download the new hijack this? when i install the new java, it does not want to install and comes up with an error, so i cant update that... what is regedit and msconfig? i will look forward to seeing your reply lol in the morning for your answer!!! (im tired=P) Thanks for your help Speedie! :thumbs:	password (5384)
615616	2007-11-27 08:21:00	regedit and msconfig wont be in task manager theyre not running. Go to start / run and type regedit, does it open. If it opens, close it again. Do the same for msconfig Whats the error, with Java? WHAT version did you download? You've got the new hijackthis 2.02	Speedy Gonzales (78)
615617	2007-11-27 17:06:00	yip regedit and msconfig work, i have java 6, updata 2, i will try and up date it again..	password (5384)
615618	2007-11-27 19:10:00	Its the 4th option (after you click my link), click on it, then its the 1st option (13.93 mb). You have to accept the licence first before you download it. Uninstall 6 update 2 BEFORE you install update 3.	Speedy Gonzales (78)
1