run.dll and noises

[rebel76072]

My computer is giving me all kinds of trouble. It wouldn't shut down; would hang; I had problems on the internet; and then all of a sudden I would hear this little voice that sounded like a cartoon or something, almost like singing but gibberish. Then one night when I botted up I got an error that told me that VMM32.vxd was missing and it couldnt' load Windows. So I removed my hard drive and piggy backed it to another one so that I could save my data. Lo and behold, when I booted up the computer I had piggy backed it to after I removed it, Chip Guard popped up and told me that it had detected a boot sector virus!

So I fdisked my MBR and thought I had taken care of it. I also restored my computer from my restore disk.

But now again I am having the same problems. When I boot up it hangs at the C: prompt and I have to manually shut down and then it restarts in safe mode. Once I restart it fromt here I am usually fine. But tonight it started singing to me again and I noticed that in my Task Manager is something called run.dll.

Can anyone help me with this problem? It's making me crazy!

Any help would be greatly appreciated

 

[jm100dm]

Welcome to Techsupport Guy. Post any replies in this thread.

Can't stay long but start here.

Run a current anti-virus program. At the link below you can do one on-line. Remove any infections note the file names in case you need to replace with good ones.

Download spybot read instructions and remove the red items found.

That will get you headed in the right direction. As I work in 5 hours I have to call it a night.

http://forums.techguy.org/t110854/s40a1149509b1012e058147b9c8f4633d.html

 

[Rollin' Rog]

Welcome to TSG, rebel. Run.dll would not likely be legitimate, but rundll.exe would

Can you give us a listing of your startups using the StartupList application from the site below? Download, unzip and run it. Then copy/paste the results to a reply.

http://www.lurkhere.com/~nicefiles/

 

[Mosaic1]

In addition, have a look at this article. You may have a hardware problem.

http://support.microsoft.com/default.aspx?scid=KB;en-us;q261186

 

[rebel76072]

Here are the results of my start up processes: Please let me know what you think.

StartupList report, 1/29/03, 10:27:41 PM
StartupList version: 1.51
Started from : C:\WINDOWS\TEMP\STARTUPLIST.EXE
Detected: Windows 98 Gold (Win9x 4.10.1998)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0\AOLTRAY.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0\AOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0\WAOL.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\Desktop\Fun and Games\Copy of same1.exe
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
PowerReg SchedulerV2.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = c:\windows\scanregw.exe /autorun
SystemTray = SysTray.Exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Keyboard Manager = C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
AVG_CC = C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Avgserv9.exe = C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
MOSearch = c:\PROGRA~1\COMMON~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
MDM7 = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
SchedulingAgent = mstask.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Taskbar Display Controls = RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
WOPR XP/2002 Auto-Updater = C:\Program Files\WOPR XP\Updater.exe /c
ctfmon.exe = ctfmon.exe

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 25/1/2003, 15:0:6)

[Rename]
NUL=C:\WINDOWS\TEMP\VCCLEA~1.EXE

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

C:\PROGRA~1\GRISOFT\AVG6\bootup.exe
path C:\WINDOWS;C:\WINDOWS\COMMAND;C:\PROGRA~1\GRISOFT\AVG6

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\ACROBAT\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[Symantec RuFSI Registry Information Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RUFSI.DLL
CODEBASE = http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab

[Symantec AntiVirus scanner]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\AVSNIFF.DLL
CODEBASE = http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab

--------------------------------------------------
End of report, 4,786 bytes
Report generated in 0.563 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

 

[Rollin' Rog]

There's nothing egregious (read "very bad") there that I can see. However I have a few suggestions for you.

Click Start>Run, enter msconfig and click on the startup tab.

Uncheck these items:

MOSearch = c:\PROGRA~1\COMMON~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE {this is an indexer utility installed with Office. It thrashes the hard drive, consumes resources and is generally a big drag)

MDM7 = "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE" (this is a debugging tool of use only to developers)

You may also wish to disable this for test purposes (personally I don't like anything doing things "automatically"):

WOPR XP/2002 Auto-Updater = C:\Program Files\WOPR XP\Updater.exe /c

>> Back on the general page of msconfig, click the autoexec.bat tab and remove the check for this:

C:\PROGRA~1\GRISOFT\AVG6\bootup.exe

OR open Grisoft AVG and look for the option to disable the startup scan. These things are always a bad idea and sure to cause conflicts sooner or later. Run a full system scan manually from time to time. Keep Grisoft enabled in other respects.

Let us know if this helps. If you receive any error messages, take the time to carefully copy them Exactly and let us see them.

The rundll process, by the way, is related to your taskbar display controls.