Rundll32.exe Big Problems with this and need immediate help
Tags:
- Security
- Rundll32
- Computers
- Windows 7
Last response: in Windows 7
Ownallday
June 16, 2012 2:02:07 AM
Please help me. Out of no where my computer is starting to have some big problems and I want to blame rundll32.exe.
Out of no where there are two rundll32's running at the same time once my computer starts up. It will take about 4 minutes for these two to open up once my computer boots up. Right at the minute they open up my Graphics Card fan Starts speeding up as my GPU will hit 60C-75C. As for my processor each core will hit up to 60c and slowly rise. My whole computer becomes a pool of heat.
These two rundll files are under my temp files user/username/AppData/Local/Temp and they will be under these two random named folders. An example of this folder name is B672.tmp
I can delete these folders and files but they just come back once I reboot my computer. When I open task manager this is what shows on the command line: rundll32.exe -o http//:bittorrents.mooo.com:80 -u 123 -p123 -I 1
There are two of them that run and each of them takes up like 26-40% of my cpu so that means my computer is running 99% every time these two things are open. Please help me solve this problem. I have tryed almost everything I can.
Also I started getting Blue Screen of Death while playing games like Skyrim and GTA 4. My two favorite games... I would get these BSOD after playing for about 1 hour.
My setup:
GTX 580
i5-2500k overclocked to 4ghz
8gb 4x2
1tb hdd
Please help me solve this issue.
Out of no where there are two rundll32's running at the same time once my computer starts up. It will take about 4 minutes for these two to open up once my computer boots up. Right at the minute they open up my Graphics Card fan Starts speeding up as my GPU will hit 60C-75C. As for my processor each core will hit up to 60c and slowly rise. My whole computer becomes a pool of heat.
These two rundll files are under my temp files user/username/AppData/Local/Temp and they will be under these two random named folders. An example of this folder name is B672.tmp
I can delete these folders and files but they just come back once I reboot my computer. When I open task manager this is what shows on the command line: rundll32.exe -o http//:bittorrents.mooo.com:80 -u 123 -p123 -I 1
There are two of them that run and each of them takes up like 26-40% of my cpu so that means my computer is running 99% every time these two things are open. Please help me solve this problem. I have tryed almost everything I can.
Also I started getting Blue Screen of Death while playing games like Skyrim and GTA 4. My two favorite games... I would get these BSOD after playing for about 1 hour.
My setup:
GTX 580
i5-2500k overclocked to 4ghz
8gb 4x2
1tb hdd
Please help me solve this issue.
More about : rundll32 exe big problems
-
Reply to Ownallday
Those look like telltale cases of malware. rundll is an important system executable and lots of malware likes to pretend to be it to avoid drawing attention
If you look in task manager the rundll32.exe should always have an image path (if image path is not turned on, select it in View -> Select Columns) of "C:\Windows\System32\rundll32.exe" or "C:\Windows\SysWow64\rundll32.exe"
The only reason it would be hiding in your app data is if it was actually malware that wasn't able to write itself to the system drive due to security.
If you look in task manager the rundll32.exe should always have an image path (if image path is not turned on, select it in View -> Select Columns) of "C:\Windows\System32\rundll32.exe" or "C:\Windows\SysWow64\rundll32.exe"
The only reason it would be hiding in your app data is if it was actually malware that wasn't able to write itself to the system drive due to security.
-
Reply to Pinhedd
m
0
l
Related resources
- I need Rundll32.exe help! - Tech Support
- NEED HELP ABOUT "Rundll32.exe" - Tech Support
- Need immediate help - Tech Support
- Pls i need an immediate help - Tech Support
- Need immediate help ! - Tech Support
Ownallday
June 16, 2012 2:40:41 AM
Pinhedd said:
Those look like telltale cases of malware. rundll is an important system executable and lots of malware likes to pretend to be it to avoid drawing attentionIf you look in task manager the rundll32.exe should always have an image path (if image path is not turned on, select it in View -> Select Columns) of "C:\Windows\System32\rundll32.exe" or "C:\Windows\SysWow64\rundll32.exe"
The only reason it would be hiding in your app data is if it was actually malware that wasn't able to write itself to the system drive due to security.
Ok so what should I do because like you said there is a rundll32.exe under image path that is running under "C:\Windows\SysWow64\rundll32.exe"
I have Microsoft Security Essentials and it cant find a virus, also have advance system care which didn't find anything, and I recently tried RegCure Pro but that did nothing at all.
I really need help to get rid of this because before I was cool with this and thought it would go away but now I am getting sick of this.
Thanks for the reply.
-
Reply to Ownallday
m
0
l
Ownallday
June 16, 2012 2:44:36 AM
Emerald said:
have you check your computer for virus and rootkits?does it happen in Safe Mode?
I tried 3 programs that I thought would help but it didn't fix this problem. When I run safe mode its perfectly fine.
Rootkits I am not to sure. I don't know where that is lol. I am still a noob when if comes to some PC things but Help to fix this would be nice.
-
Reply to Ownallday
m
0
l
Ownallday said:
Ok so what should I do because like you said there is a rundll32.exe under image path that is running under "C:\Windows\SysWow64\rundll32.exe"I have Microsoft Security Essentials and it cant find a virus, also have advance system care which didn't find anything, and I recently tried RegCure Pro but that did nothing at all.
I really need help to get rid of this because before I was cool with this and thought it would go away but now I am getting sick of this.
Thanks for the reply.
There's usually always at least one running from that path. That's normal. It's the ones that aren't running under that path that you need to worry about
-
Reply to Pinhedd
m
0
l
Ownallday
June 16, 2012 3:01:38 AM
Pinhedd said:
There's usually always at least one running from that path. That's normal. It's the ones that aren't running under that path that you need to worry aboutok so then the one under system32 is not running. What does this mean and how can I fix this if this is the problem? If I re-install windows 7 will this problem go away or is there another way.
-
Reply to Ownallday
m
0
l
Ownallday said:
ok so then the one under system32 is not running. What does this mean and how can I fix this if this is the problem? If I re-install windows 7 will this problem go away or is there another way.The one under system32 will only be running if it has a 64 bit dll to run. The one in SysWow64 is for running 32 bit executables including dlls(damn microsoft and their bloody compatibility naming). Rundll is required to run dlls because dlls by definition do not have application entry points.
-
Reply to Pinhedd
m
0
l
Ownallday
June 16, 2012 3:15:29 AM
Pinhedd said:
The one under system32 will only be running if it has a 64 bit dll to run. The one in SysWow64 is for running 32 bit executables including dlls(damn microsoft and their bloody compatibility naming). Rundll is required to run dlls because dlls by definition do not have application entry points.I am not to sure what this means. I do have a windows 7 62 bit so then the one under system32 should be running or I need to find a rundll62? idk I mean I just really need a way to fix this because I know for a fact this is damaging my system which I spent 2k on.
-
Reply to Ownallday
m
0
l
Best solution
Ownallday said:
I am not to sure what this means. I do have a windows 7 62 bit so then the one under system32 should be running or I need to find a rundll62? idk I mean I just really need a way to fix this because I know for a fact this is damaging my system which I spent 2k on.It just means that you can safely ignore a rundll from either of those locations. I wouldn't worry about this damaging your system, it's merely an annoyance. If you don't mind doing so it might be easiest to just reinstall install Windows
-
Reply to Pinhedd
Share
Ownallday
June 16, 2012 3:47:14 AM
Pinhedd said:
It just means that you can safely ignore a rundll from either of those locations. I wouldn't worry about this damaging your system, it's merely an annoyance. If you don't mind doing so it might be easiest to just reinstall install WindowsOk then Thank you I will re install windows soon then
-
Reply to Ownallday
m
0
l
Ownallday
June 16, 2012 3:48:15 AM
Pinhedd said:
It just means that you can safely ignore a rundll from either of those locations. I wouldn't worry about this damaging your system, it's merely an annoyance. If you don't mind doing so it might be easiest to just reinstall install WindowsOk then thank you very much for your help. I will re install windows soon.
-
Reply to Ownallday
m
0
l
Ownallday
June 26, 2012 12:18:56 AM
lineva
April 4, 2014 4:57:22 PM
I know this is a very old post, but I have had this identical issue for two days and I did find the culprit. In the Windows/system32 folder I found a file called "winthemes_service.dll" which was proliferating rundll32.exe files. As time went on I would have a hundred or more on my win xp system. I opened windows in the safe mode and simply did a search for this file name and deleted it. Case closed... Hope this may help someone else...
Best regards,
Lin
Out of no where there are two rundll32's running at the same time once my computer starts up. It will take about 4 minutes for these two to open up once my computer boots up. Right at the minute they open up my Graphics Card fan Starts speeding up as my GPU will hit 60C-75C. As for my processor each core will hit up to 60c and slowly rise. My whole computer becomes a pool of heat.
These two rundll files are under my temp files user/username/AppData/Local/Temp and they will be under these two random named folders. An example of this folder name is B672.tmp
I can delete these folders and files but they just come back once I reboot my computer. When I open task manager this is what shows on the command line: rundll32.exe -o http//:bittorrents.mooo.com:80 -u 123 -p123 -I 1
There are two of them that run and each of them takes up like 26-40% of my cpu so that means my computer is running 99% every time these two things are open. Please help me solve this problem. I have tryed almost everything I can.
Also I started getting Blue Screen of Death while playing games like Skyrim and GTA 4. My two favorite games... I would get these BSOD after playing for about 1 hour.
My setup:
GTX 580
i5-2500k overclocked to 4ghz
8gb 4x2
1tb hdd
Please help me solve this issue.
Best regards,
Lin
Ownallday said:
Please help me. Out of no where my computer is starting to have some big problems and I want to blame rundll32.exe.Out of no where there are two rundll32's running at the same time once my computer starts up. It will take about 4 minutes for these two to open up once my computer boots up. Right at the minute they open up my Graphics Card fan Starts speeding up as my GPU will hit 60C-75C. As for my processor each core will hit up to 60c and slowly rise. My whole computer becomes a pool of heat.
These two rundll files are under my temp files user/username/AppData/Local/Temp and they will be under these two random named folders. An example of this folder name is B672.tmp
I can delete these folders and files but they just come back once I reboot my computer. When I open task manager this is what shows on the command line: rundll32.exe -o http//:bittorrents.mooo.com:80 -u 123 -p123 -I 1
There are two of them that run and each of them takes up like 26-40% of my cpu so that means my computer is running 99% every time these two things are open. Please help me solve this problem. I have tryed almost everything I can.
Also I started getting Blue Screen of Death while playing games like Skyrim and GTA 4. My two favorite games... I would get these BSOD after playing for about 1 hour.
My setup:
GTX 580
i5-2500k overclocked to 4ghz
8gb 4x2
1tb hdd
Please help me solve this issue.
-
Reply to lineva
m
1
l
Fennekin
April 9, 2014 3:42:10 AM
13030698,0,1627503 said:
I know this is a very old post, but I have had this identical issue for two days and I did find the culprit. In the Windows/system32 folder I found a file called "winthemes_service.dll" which was proliferating rundll32.exe files. As time went on I would have a hundred or more on my win xp system. I opened windows in the safe mode and simply did a search for this file name and deleted it. Case closed... Hope this may help someone else...Best regards,
Lin
I just wanted to say thank you sooo much, Lin. I had been looking on the internet for hours, trying to figure out what exactly was wrong. I kept hearing an error noise, and it never stopped. About every 2 seconds, it would make the sound. Finally, I came across your answer and decided to give it a shot, and it worked! I'm so glad you decided to share your answer, or else I would still be searching for one. But once again, thank you!!!!!!!!!!
-
Reply to Fennekin
m
0
l
Bryan Henderson
April 19, 2014 6:23:07 PM
lineva said:
I know this is a very old post, but I have had this identical issue for two days and I did find the culprit. In the Windows/system32 folder I found a file called "winthemes_service.dll" That's actually a different worm with different symptoms. In fact, the only thing I see that they have in common is rundll32 and unwanted processes.
In addition to deleting winthemes.dll, you should run 'sc delete winthemes' in a command window. This deletes the Windows service that was causing that program to run. With the file deleted, the service can't hurt you, but you shouldn't have junk in your registry. It's easy to confuse this service with the real Windows service "themes".
I had this one too, and the fact that Microsoft Security Essentials can't detect it is cause for concern. Microsoft published a description of this malware (Sefnit.BW) on April 8, 2014, and I have the current definitions and still had my winthemes.dll file, so I ran MSE on it and it said it was fine. I would say this probably means MSE is compromised.
-
Reply to Bryan Henderson
m
0
l
Related resources
- SolvedNeed Immediate Help (CPU Selection) solution
- SolvedBIG problem with A40's on PC need HELP! solution
- I have a big problem and I need you (the community to help me) Wireless Connection Problems solution
- Solvedbig problem need help please solution
- PC keeps on restarting on its on :( need immediate help solution
- SolvedMy friend needs immediate help! solution
- BIG Problem with Dell Inspiron n5110 Deep sleep LAN, Disappeared drives and more I need an expert PLEASE HELP solution
- SolvedSet up RAID 10 in AHCI, big problem. Need help! solution
- Please need immediate help!!!! solution
- Laptop crashed Need Immediate Help Please Forum
- SolvedQX6850 Immediate Help Needed! Forum
- SolvedNvidia GTX 280 Immediate Help needed with this issue!!!! Forum
- Please Help GTX 650 Ti Crashed Need Immediate Assistance!!! solution
- SolvedCan I please have some tips on if i should change the first gaming PC i am building, also i need help to choose a big monitor solution
- Big problems with new X850XT, need any help I can get Forum
- More resources
Read discussions in other Windows 7 categories
!