#Rundll32 problem

137 messages · Page 1 of 1 (latest)

normal grove
#

hi i need help im dont know what happening but i have to match in task manager Rundll32 and idk how to fix it

rundll.png run.png
normal grove
#

help

copper elm
#

Looks likely probably like malware

#

Maybe you downloaded a virus?

normal grove
#

no

#

what im can do?

#

its at now 500 process

copper elm
#

If it was me I'd probably reinstall the Windows operating system from a USB stick

#

Do you have a USB and another computer you can use to prepare it?

normal grove
#

no

#

I actually noticed that when I have a lot of it, it starts to crash and slow down my computer and task manager.

light arch
normal grove
#

im know that

#

but why is so to match

light arch
#

altho you can drag/drop that file to virustotal, see if it's infected

copper elm
#

Yes and it's being hacked by something malicious to spawn hundreds of processes. The file itself is not a virus, what's using it is

normal grove
light arch
#

you can also use process explorer to see any info bout those processes

light arch
normal grove
light arch
#

always share virustotal scan result, pic is useless

#

@normal grove
Download can be obtain here - https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

  • Once installed
  • Run it and when the Windows smartscreen shows up
  • Click More Info
  • Click run anyway or keep anyway`
  • Then in the FRST window, click scan. Let it, it might take a while
  • Once done, upload the FRST.txt and Addition.txt to the server. The location should be in the same location as where FRST is.
    Note: This is a legit system scanner that is trusted, if you think it is a virus it is not. It's false positive
normal grove
#

what is it?

#

hmm

light arch
#

do what i said

#

click run anyway

#

and I told you what it does

#

it scans everything yin your system and logs it so people can see if there's any malicious thing in it

#

it doesn't log any sensitive info

normal grove
#

im open it and i get somthing and automatical avast use scan this scanner

light arch
#

the fact that this virustotal scan has so many shit malicious concerns me

light arch
normal grove
#

open?

light arch
#

huh

#

@normal grove

Download can be obtain here - https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

  • Once installed
  • Run it and when the Windows smartscreen shows up
  • Click More Info
  • Click run anyway or keep anyway`
  • Then in the FRST window, click scan. Let it, it might take a while
  • Once done, upload the FRST.txt and Addition.txt to the server. The location should be in the same location as where FRST is.
    Note: This is a legit system scanner that is trusted, if you think it is a virus it is not. It's false positive
normal grove
#

open it anyway

light arch
#

on wot

normal grove
#

its your link

light arch
#

i just told you what to do in my instruction

normal grove
#

after a while it turns itself off

light arch
#

redo my instruction again then

normal grove
#

what next

light arch
#

i told you

#
  • Then in the FRST window, click scan. Let it, it might take a while
  • Once done, upload the FRST.txt and Addition.txt to the server. The location should be in the same location as where FRST is.
normal grove
#

they scaning

#

then you can hack me

#

True?

light arch
#

how can I hack you?

#

all that gets is system info like files just their names, scheduled task, registry entries, host file entries, system specs, events... It doesn't open any crap

#

how can I hack you? using magic?

#

what I can hack you with is using the fixlist

copper elm
#

If the program was malicious that could be a risk, but this program is not malicious. Unfortunately you just have to trust that this statement is true, And use context clues like the fact that the website is a well-known with a good reputation.

light arch
#

which i won't I just want to see wth you got on your shit

#

tho if someone uses frst and tells you to use fixlist, pls check the fixlist carefully

#

that can run powershell script higher than that of a admin privilege

normal grove
#

@copper elm

image.png
#

they automaticly do this

light arch
#

no one here speaks that language

#

and i literally told you it's false positive

#

yk you can check what it generated also right @normal grove

#

and confirm it yourself

#

if it just shows your real name or username, that ain't sensitive lmfao, nobody cares bout your name here

normal grove
#

and?

light arch
#

wdym and? i ain't done reading it

normal grove
#

ok

#

but I also found errors

light arch
#

wth is this

image.png
normal grove
#

for fortnite more fps

#

and next is assento corsa mod cars

light arch
normal grove
#

autoclicker is normal

#

aclib its saved settings autoclicker

light arch
#

you mean malware

#

wth is this an av

image.png
normal grove
#

? why

light arch
#

autoclicker sounds malicious

#

i wud ignore if it's ahk

normal grove
light arch
#

that doesn't prove anything lol

normal grove
light arch
#

?

#

you showing things that doesn't prove anything

#

what is this

image.png
#

oh it's intel related

#

why you have driver booster?

solid zodiacBOT
#
Driver Managers/"Boosters"

Any bit of software claiming to manage and speed up your drivers is a waste of your time. They source their drivers from unknown locations and make other shady changes to your system. At best they're snake oil, at worst they're malicious. They're generally considered a Potentially Unwanted Program (PUP) and should be uninstalled ASAP.

If you want to make sure your drivers are up to date, then let Windows Update or Device Manager deal with it. Alternatively, get the drivers yourself from the manufacturers' websites.

light arch
#

this looks suspicious

image.png
#

this pc sounds infected lol

#

@normal grove can you go install process explorer and then locate those processes

#

hm interesting

image.png
normal grove
#

rundll?

light arch
#

show the window of process explorer, the whole window

normal grove
#

whats mean at red?

#

huh? nivida

#

like this trying to coppy??

image.png
normal grove
#

ok im going to slep thx for day

rose nebula
copper elm
#

Truthfully I would cleanly reinstall your operating system

normal grove
#

and there's no other way?

copper elm
#

Not really, luckily reinstalling Windows only takes 10 to 15 minutes

normal grove
#

need a pendrive?

copper elm
#

I wrote a guide about how here: https://cmdrkeene.com/how-to-really-reset-your-pc/

Or this discord chat maintains their own guide here:
https://msft.chat/wiki/installing-windows.html

CmdrKeene's Blog
Shawn Keene
How to Really Reset your PC

The built-in reset and refresh options in Windows are not always ideal. Here’s how to get a proper and true clean start with a real fresh install on your PC.

Installing Windows | Microsoft Community

Microsoft Community Discord general information website.

normal grove
#

I just don't know if I have it

#

wait i reset pc

copper elm
#

The reset feature often breaks computers and leaves them completely trashed and broken

#

I would never try it

#

You can try it, but you'll probably end up needing to use a USB anyway when it fails

normal grove
#

like idk what this doing

image.png
#

turns on and off, changes color from white to red, then green, shows a second time, turns red again and disappears

#

and i cant open nivida idk why

image.png
copper elm
#

The only way to really fix it will probably be the USB to cleanly reinstall your system

#

You'll probably even have to prepare the USB on a second computer because this one is too broken to even get the USB ready for use

light arch
# normal grove like idk what this doing

those red and green colors have labels, it tells you in that software, also I do not think you are infected... For that geforce exp, uninstall it then reinstall

normal grove
#

@light arch @copper elm guys guys 😄

#

I may have fixed it 😄

light arch
#

eh?

#

what did you do? @normal grove

normal grove
#

uninstal nivida and instal new version nivida

#

I think he's a good person to help 😄

#

thx for the help ❤️