# rundll error



## boots88 (Mar 9, 2005)

i bought a new computer a couple of weeks ago. i am doing the same things on the new computer (pentium 3) that i use to do on my old 486. but i've gotten an error. the error says rundll in the gray box at the bottom of the screen and the window says error loading C:\WINDOWS\TEMP\se.dll the system cannot find the file specified.
i've bought spywarebegone antivirus software which seems to work i guess but this error is certainly doing something to my computer. how do i fix this, keep in mind i'm not very technically literate. thanks for your help.
scott


----------



## boots88 (Mar 9, 2005)

boots88 said:


> i bought a new computer a couple of weeks ago. i am doing the same things on the new computer (pentium 3) that i use to do on my old 486. but i've gotten an error. the error says rundll in the gray box at the bottom of the screen and the window says error loading C:\WINDOWS\TEMP\se.dll the system cannot find the file specified.
> i've bought spywarebegone antivirus software which seems to work i guess but this error is certainly doing something to my computer. how do i fix this, keep in mind i'm not very technically literate. thanks for your help.
> scott


----------



## OBP (Mar 8, 2005)

Windows is trying to load something at starup that is listed in the Dynamic Link Library that is not available. It could be that your spyware program has deleted the actual file but left the link behind. You should check your startup list, you can do this by -
download FreshUI free from - http://www.freshdevices.com/

Run Freshui and 
1. Click the little plus sign next to "Windows System"
2. Click the little plus sign next to "StartUP/Shutdown"
3. Click the little plus sign next to "Startup"
4. Click the little plus sign next to "Autorun"
5. Click "Current User" and in the right hand box double click "Current User Autorun List Editor"
This will bring up a list of all the things running for you.
6. Click each one in turn and then click "Enable/disable". This will switch them off.
7. Click the cross to close that form and then in the left box Click "Local Machine"
8. Double click "Local Machine Autorun List Editor"
This will bring up a list of all the other things running on your machine.
9. Click each one in turn and then click "Enable/disable". This will switch them off.
10. Close Freshui and restart your computer.

If this fixes the problem then it means one of the pprograms that runs from startup is the culprit.
Do all of the above but when you come to the "Enable/Disable" only do one item at a time and shut FreshUI and restart your computer.
What this is doing is running each of the programs in turn. If the problem returns it means the program that you have just "Enabled" is the Culprit.


----------



## boots88 (Mar 9, 2005)

hi, i downloaded fresh ui as you suggested but the system wouldn't run it. i got a gray box error that says: 

unable to execute file:
C:\ProgramFile\FreshDevices\FreshUI\readme.txt

ShellExecuteEx failed; code 2.

The system cannot find the file specified.



so what do i do now? 
thanks for all your effort. have a great day.
scott


----------



## OBP (Mar 8, 2005)

Did you go through the registration procedure with Fresh devices sending the activation key?


----------



## boots88 (Mar 9, 2005)

yes, i got a response email from them confirming my username and a registration code. i goto install the program and at the end of the installation, that error comes up so i don't even get a chance to click on the freshui icon.

also i get another error at the front of my computer and it says:

Error #317 Microsoft windows security warning

your windows is corrupted with spyware virus.
you must patch your pc urgently to protect your system.

private info is accessed by ports.
-8080
-3128

you can patch your pc for free now and delete all spyware viruses.
click ok to choose and download free spyware removal using ANTiSPY.

then it goes right to a webpage selling virus protection for a program that i already have, spywarebegone, popup begone and no trace. help me please.


----------



## OBP (Mar 8, 2005)

Have you got free Adaware SE and Spybot installed?
If not get them from - 
http://www.lavasoft.de/news/product/info/
and 
http://www.security.kolla.de
Run them both and do a restart to see if anything has improved.
If it hasn't go to Spybot tools tab and it has a "Start-up" utility like FreshUi's and turn every Program running off except your anti-virus and Firewall.


----------



## boots88 (Mar 9, 2005)

i'm on lavasoft to download adaware se personal and it's taking forever. i don't know if it's frozen or not? does it usually take this long to download that particular adaware?


----------



## OBP (Mar 8, 2005)

Not normally.


----------



## boots88 (Mar 9, 2005)

i was on the download page and it said that it was downloading in progress but it's been at least half an hour. it just put up a gray box and said the operation performed an illegal operation and shut my internet down. so should i go back onto the adaware page and try to reload it?


----------



## OBP (Mar 8, 2005)

No go with Spybot for now and see if you can get that.


----------



## boots88 (Mar 9, 2005)

ok, i've installed and run spybot and it detected a problem and fixed it. now i try to click on the freshui icon on my desktop that i orginally setup. the system shows a gray window that says you have performed an illegal operation and the system shuts down. what do i do now?


----------



## OBP (Mar 8, 2005)

I would un-install freshui and re-install later, it is not a priority now. 
You can use Spybot instead of Freshui to do the switch everything off at start-up and then switch them back on one at a time as outlined in post 3. To do this go to the Spybot Tools>System Startup tab. (Tools can be found at the bottom left corner)


----------



## Cheeseball81 (Mar 3, 2004)

Regarding this error: C:\WINDOWS\TEMP\se.dll

Try to run Ad-Aware in Safe Mode.

I think it would be best to post a Hijack This log.

Get Hijack This here: http://www.thespykiller.co.uk/downloads.htm
Choose "Hijackthis Winzip Self-extracting archive, default path set to C:\Program Files\HijackThis"
Let it default to Program Files, not Temp.

Once downloaded, close out any open web browsers
Launch Hijack This
Hit "do a system scan only"
Once that is done, hit "save log"
The log will open in Notepad
Go to Edit>Select All
Then Edit>Copy
Come back to this thread
Do Edit>Paste

The log will now be pasted here
Do NOT fix anything yet


----------



## boots88 (Mar 9, 2005)

in response to post#13, i've got spybot installed but when i click on it, the window that pops up doesn't have a system tools on it anywhere?
then i tried to uninstall and reinstall freshui. i click on that to go through process on post#3 and that same error pops up again;

unable to execute file:
C:\ProgramFile\FreshDevices\FreshUI\readme.txt

ShellExecuteEx failed; code 2.

The system cannot find the file specified.

uggh, i'm gettin frustrated. is there any hope here or what? thanks


----------



## OBP (Mar 8, 2005)

Have you tried post #14 yet with Hijackthis?
Have you tried running FreshUI as the error message that you get is for the FreshUI readme.txt not FreshUI the Program.
Find FreshUI.exe and double click it.


----------



## boots88 (Mar 9, 2005)

ya i tried hijackthis but nothing happens. it says that one file unzipped successfully but what do you do to launch it after that??, so that i can go to system scan only. there is no hijack this icon to click on or anything.


----------



## OBP (Mar 8, 2005)

Have you looked in the Programs Folder for the Hijackthis Folder?
In that folder you should find HiJackThis.exe. Double click it.


----------



## boots88 (Mar 9, 2005)

ok, i've hit do system scan only on hijackthis, then i hit save log but the save log shows where it wants me to save it to? so where should i save it to? it doesn't go to a notepad. do you want me to just cut and paste the results of the scan to this post?


----------



## boots88 (Mar 9, 2005)

hello?

ok, i've hit do system scan only on hijackthis, then i hit save log but the save log shows where it wants me to save it to? so where should i save it to? it doesn't go to a notepad. do you want me to just cut and paste the results of the scan to this post?


----------



## OBP (Mar 8, 2005)

You save the log to your Hijackthis folder.


----------



## boots88 (Mar 9, 2005)

Logfile of HijackThis v1.99.1
Scan saved at 5:02:11 PM, on 3/18/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)
in regards to post#14, i got it and pasted it here as you requested. what do i do now? thanks for all your help?

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\D3EJ.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\SDKAW32.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUNOTIFY.EXE
C:\WINDOWS\SYSTEM\FJP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotoffers.info/179/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\system32\blank.htm
R3 - Default URLSearchHook is missing
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {302FCDF6-C3B8-FDEF-DB33-BD6C8D4D3F17} - C:\WINDOWS\ATLJB32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [SDKAW32.EXE] C:\WINDOWS\SYSTEM\SDKAW32.EXE
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [D3EJ.EXE] C:\WINDOWS\SYSTEM\D3EJ.EXE
O4 - HKCU\..\Run: [Spyware Begone] "C:\SPYWAREBEGONE\SPYWAREBEGONE.EXE" -FastScan
O4 - HKCU\..\Run: [Iwx] C:\WINDOWS\SYSTEM\fjp.exe
O4 - HKCU\..\Run: [SpyBlocs] C:\Program Files\eBlocs\SpyBlocs\GLF6260.exe
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.slotchbar.com (HKLM)


----------



## OBP (Mar 8, 2005)

Boots, to start with an Automated Hijackthis program has Identified these problems for you to fix with Hijackthis. 
These entries have been positively identified as malicious programs. In the HijackThis program, place a check mark next to the following entries.

R3 - Default URLSearchHook is missing 
(Description: This will fix the search mechanism in IE.)

O15 - Trusted Zone: *.slotchbar.com 
(Description: Search engine hijacker)

O15 - Trusted Zone: *.slotchbar.com (HKLM) 
(Description: Search engine hijacker)

In the mean time I will check out a few other items that I do not recognise.


----------



## OBP (Mar 8, 2005)

I can't find anything on this - 
O2 - BHO: Class - {302FCDF6-C3B8-FDEF-DB33-BD6C8D4D3F17} - C:\WINDOWS\ATLJB32.DLL
or
O4 - HKCU\..\Run: [Iwx] C:\WINDOWS\SYSTEM\fjp.exe
or
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
or 
C:\WINDOWS\SYSTEM\MPREXE.EXE
or 
C:\WINDOWS\SYSTEM\D3EJ.EXE
or 
C:\WINDOWS\SYSTEM\SDKAW32.EXE


----------



## OBP (Mar 8, 2005)

Do you know what ant of them relate to on you computer?
Programs that you may have Installed?


----------



## boots88 (Mar 9, 2005)

well the only thing i installed was spywarebegone version 7.1, no trace begone and popupbegone. other than that, i've installed nothing. thanks for your help. i check marked those three items in post#23. what now?


----------



## OBP (Mar 8, 2005)

Did you get Hijackthis to fix them?
I would suggest you have a good look at those others that I have listed and if you can't find a legitemate program for them then I would delete them as well. I have Googled for them and can't find anything about them.
You could try disabling them in Task Manager and see what happens.


----------



## boots88 (Mar 9, 2005)

ok, i've deleted all those files in post#23 and #24 but i go back in and R3 is still there? plus i can't find in the window that you can checkmark and fix the line C:\WINDOWS\SYSTEM\MSDXM.OCX and C:\WINDOWS\SYSTEM\MPREXE.EXE
. they both show up in the notepad window but not in the other window where you can checkmark and fix. what now?


----------



## OBP (Mar 8, 2005)

Do they show as running in Task manager?
Have you still got you original error message problem?
Have you tried running Freshui.exe from it's folder?


----------



## boots88 (Mar 9, 2005)

i've tried running freshui but that gray window comes up again and says this system has performed an illegal operation and the internet shuts down. the task manager shows that hijackthis, inbox, techsupport,explorer, Ccapp,spywarebegone, systray, alunotify is on. what next? i'm kinda forgetting what we are trying to accomplish. i can't get to freshui and hijackthis, i've done all the deletion from post#23 and post#24.


----------



## boots88 (Mar 9, 2005)

when i clicked on the freshui icon, that gray window comes up and says this program has performed an illegal operation and will be shut down.

if the problem persists, contact the program vendor. then there is a details button so i clicked it and this is what came up. 

FRESHUI caused an invalid page fault in
module KERNEL32.DLL at 017f:bff98adb.
Registers:
EAX=00000001 CS=017f EIP=bff98adb EFLGS=00010246
EBX=00000010 SS=0187 ESP=00dcff88 EBP=00dcffcc
ECX=2aedb282 DS=0187 ESI=006700fc FS=39d7
EDX=8174d118 ES=0187 EDI=00565f3c GS=0000
Bytes at CS:EIP:
89 b4 8a 90 00 00 00 5f 5e 5b c2 04 00 56 a1 e0 
Stack dump:
8174d118 8178aabc 8178a9d8 bff87caa 8178aabc 00000008 bff88f1a 8174d118 00000008 8178a9d8 00000007 00dcffa4 00dcfdb8 ffffffff bffc05b4 bff79050


----------



## Flrman1 (Jul 26, 2002)

boots88

Please rescan with Hijack This and post a new log.

Also click here to download StartDreck.

UnZip the startdreck.zip file first. DoubleClick: 'StartDreck.exe' 
First click on the *config* button. 
Now click the *Unmark all* button 
Put a check by these boxes only: 
*Registry->run keys 
*Registry->Browser helper objects 
*System/drivers> Running processes 
hit >ok.

Now click the *Save* button to save that log. Go to the StartDreck folder and find the Startdreck.log file.

Copy and Paste the contents of that log back here and await further instructions.


----------



## boots88 (Mar 9, 2005)

i double clicked startdreck.exe and a gray window comes up and says at the top of it, error starting program
then below it, it says a required .DLL file, VB40032.DLL, was not found.


----------



## Flrman1 (Jul 26, 2002)

Click on this link and download and install the VB6 runtime files package and it will solve that error:

http://download.microsoft.com/download/vb60pro/install/6/Win98Me/EN-US/VBRun60.exe


----------



## boots88 (Mar 9, 2005)

i just installed install the VB6 runtime files package but the error still comes up when i go back to startdreck.exe, error starting program
then below it, it says a required .DLL file, VB40032.DLL, was not found.


----------



## Flrman1 (Jul 26, 2002)

Go to the link below and download the VB40032.zip file:

http://members.fortunecity.com/xtreme2051/HTMLobj-213/vb40032dll.zip

It is in a zip file so you will have to unzip it first. Unzip the file and copy the VB40032DLL file to the C:\Windows \System folder.

Now try running StartDreck.


----------



## boots88 (Mar 9, 2005)

ok, i clicked on the member's fortunecity.com link and it shows a winzip window with Vb40032.dll in it. what do i do now? how do you unzip something? i told you man, i have no tech knowledge at all. thanks


----------



## Flrman1 (Jul 26, 2002)

Do you have winzip?


----------



## boots88 (Mar 9, 2005)

yes, i have a winzip folder in program files of explorer. but how do you unzip something?


----------



## Flrman1 (Jul 26, 2002)

Click on the link to download the file and click "Save". Save it to your desktop. Now doubleclick on it. The screen that appears will look something like the following;










Simply click on *Unzip*. Do not change anything else. A folder will be created on your desktop called vb40032dll and it will contain the vb40032.dll file.

Open the vb40032dll folder and right click the vb40032.dll file and choose "Copy" from the menu. Now navigate the the C:\Windows\System folder and paste the vb40032.dll file there.

After you have done that you also need to unzip StartDreck if ou haven't already done so then run it according to my previous instructions and post the log.

Also post a new Hijack This log.


----------



## boots88 (Mar 9, 2005)

i click on the link fortunecity and it asks me if i want to save it to a disk or run it now. i choose now so then it goes to a screen to ask me to agree to some licensing, i click i agree then a white winzip window opens and there is a vb file there but there is no option to save it??


----------



## Flrman1 (Jul 26, 2002)

I told you when you download the file click "Save" not Open!


flrman1 said:


> Click on the link to download the file and click "Save". Save it to your desktop. Now doubleclick on it. The screen that appears will look something like the following;


Do that and then follow the rest of my directions in my last post. I don't know what else to tell you.


----------



## boots88 (Mar 9, 2005)

ok, i've figured out how to save it to desktop. now when i double click on it, the window that you showed in post#40 doesn't show. some winzip licensing agreement window shows up and asks me to quite, enter registration code, i agree so i click i agree and another white window pops up like i described in post#41. the vb file is there but there is no unzip button in that window.


----------



## Flrman1 (Jul 26, 2002)

It should be simple enough from there.


----------



## boots88 (Mar 9, 2005)

hun??does that mean it is unzipped? what do i do now?


----------



## Flrman1 (Jul 26, 2002)

If you can't figure out how to unzip files then you're going to have to see if you can get someone to help you because I have explained it the best that I know how.

We don't need startdrek to deal with this one now and a new tool has just been released that should deal with it properly

*Click here* to download CWSinstall.exe. Click on the CWSinstall.exe file and it will install CWShredder.

Right click on a blank spot on your desktop and choose "New Folder". A New Folder will appear on the desktop. Right click the new folder and choose "Rename". Name the folder SpSeHjfix. *Click here* to download SpSeHjfix111.zip. Save it to your desktop. Now unzip the SpSeHjfix111.zip file to the SpSeHjfix folder you created.

Disconnect from the internet and close all running programs and any open browser windows.

Open the 'SpSeHjfix' folder and click on the *SpSeHjfix111.exe* file. Now click on the "Start Disinfection" button and let it run.
When it's finished it will reboot your machine to finish the cleaning process.
It will create log of the fix which will appear in the folder.

If it doesn't find any of the SE files or any hidden reinstallers it will say that your system is clean and not go on to next stage

Next run CWShredder. Click on the cwshredder.exe then click *"Fix" (Not "Scan only")* and let it do it's thing.

When it is finished *restart your computer*.

Come back here and post another Hijack This log and the log that was created by 'SpSeHjfix'.


----------

