Run a dll as an App error

By sephirothvswill
Jun 12, 2009
Topic Status:
Not open for further replies.
  1. i keep getting this error every time i try to enable my visual styles. Run a Dll as an App has encountered an error and needs to close. i really don't have a choice in the matter so i close it down. it only happens when i try to check the visual styles box or if i try to change my theme, come to think of it, i'm not even using the XP theme, i think it's the classic. any help would be greatly appreciated, idk too much about computers and i tried Regcure and everything else i looked up didn't help either. thanks everyone for reading my post and thanks to everyone who has some helpful input
  2. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    Tell us more about what you mean by, "...enable my visual styles..." and "... run a Dll as an App has encountered an error..."
    What is your motherboard, your video card, your operating system, and age of the system.
  3. mflynn

    mflynn Newcomer, in training Posts: 2,793

    Download Dial-A-Fix (DAF)
    http://wiki.djlizard.net/Dial-a-fix#...C_and_articles
    http://djlizard.net.nyud.net:8080/software/Dial-a-fix-v0.60.0.24.zip

    Have XP CD available in case DAF needs a file.

    Check all boxes on the screen (clear any restrictions if it shows any)
    Then click GO!

    When finished..

    Hold down Microsoft (Flag key) and tap (Pause Break) key
    Click Advanced - Performance - Settings. Under Visual effects click (my recommendation) Adjust for best performance. Then check only "Use visual Styles, Use Common tasks in Folders and Smooth edges of Screen Fonts. Save and exit.

    The In Services confirm Themes is running!

    Reboot retest!

    Get back to us.

    Mike
  4. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    Be aware that Dial a Fix is NOT for everybody... Dial-a-fix (hereafter known as "DAF") is a bjunch of known and believed fixes taken from from Microsoft Knowledgebase articles, Microsoft MVPs, and other important support forums. Some are ancient. None are really supported except by what you can read at Microsoft.

    Some people, particularly the inexperienced, are in more trouble after DAF than they were before.

    There is plenty of information about DAF available on line with google and live searchs... just be sure you are ready to handle all the stuff it does... and that your computer is not too new for some of it.

    DAF is good, but better for the experienced, than for the newby.
  5. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    I'm running windows XP SP3 and have a Dell Inspiron E1505, upgraded the mem to 2 gigs and have a 40 gig hard drive. sorry, idk the motherboard
    as for the error, i go through this process to get the error, my computer, properties, advanced, performance settings, and the turn on "use visual styles on windows and buttons"

    the error message says "Run a DLL as an App has encountered a problem and needs to close. We are sorry for the inconvenience."

    and the info it gives me about tech info is
    "C:\DOCUME~1\WILL\LOCALS~1\Temp\WER5927.dir00\rundll32.exe.mdmp
    C:\DOCUME~1\WILL\LOCALS~1\Temp\WER5927.dir00\appcompat.txt"

    lastly, the error signature is
    EventType : BEX P1 : rundll32.exe P2 : 5.1.2600.5512 P3 : 480252d5
    P4 : unknown P5 : 0.0.0.0 P6 : 00000000 P7 : 000cb34c
    P8 : c0000005 P9 : 00000008
  6. mflynn

    mflynn Newcomer, in training Posts: 2,793

    First Dial-A-Fix is one of the safest tools I know of! Does nothing strange or exotic. It will fail if you have the right Malware or other system problems!

    It needs to be run!

    But Not now! It should only be run after the below is clean.

    You very likely have Malware based on the error you posted.

    Do the TechSpot 8 steps: http://www.techspot.com/vb/topic58138.html

    Attach all logs!

    Mike
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Then why didn't you have the user check for this in the first place?! You launched into the DAL run with no caveats.

    The information should have been requested before download and scan for it were given.
  8. mflynn

    mflynn Newcomer, in training Posts: 2,793

    Well Mr. BOB if you will read the post you would see he added info I did not have in post #5.

    And it would not really have hurt anything if he did run DAF first but then would just have to run again after clean!!!!!!!!

    Mike
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    The point Mr. Flynn is that you should check before telling a user to run a program. You didn't have the information because you didn't do anything to request it. Having any user indescriminatly run programs is not a good practice.

    Two members are telling you that having a user run DAL was not appropriate at that point- if at all.
  10. mflynn

    mflynn Newcomer, in training Posts: 2,793

    Ok thank you all knowing wise one! So being I know you always ask the right questions

    I know this tho, DAF is safe, is needed and if he returns and follows my post will run it!

    I am trying to help sephirothvswill so will not engage with you more on this distraction!

    Mike
  11. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    ok here are my logs, and i really appreciate everyone helping me, if anyone did give me misinformation it's fine. i'm sure it was all with good intent and i do plan on running Dial-a-fix again, i ran into some errors and i don't have my Win XP Cd, but i'm going to find one lol, but agian thanks everyone and here's my log files, if there are any file i can remove that i don't need, please let me know and i plan on looking though the files and browsing online to se which ones i can get rid of
     
  12. mflynn

    mflynn Newcomer, in training Posts: 2,793

    Great job!

    Left Drag mouse and Copy for Pasting all text in the box below. Make sure the slider bar goes to bottom from the @ to the end of the second exit.
    Then paste to the black screen of an open command prompt. All may not apply so ignore errors.

    Code:
    @echo off
    sc config Alerter start= disabled
    sc stop Alerter
    
    sc config AeLookupSvc start= disabled
    sc stop AeLookupSvc
    
    sc config ClipBook start= disabled
    sc stop ClipBook
    
    sc config Dfs start= disabled
    sc stop Dfs
    
    sc config FastUserSwitchingCompatability start= disabled
    sc stop FastUserSwitchingCompatability
    
    sc config TrkWks start= disabled
    sc stop TrkWks
    
    sc config TrkSvr start= disabled
    sc stop TrkSvr
    
    sc config DNSCache start= disabled
    sc stop DNSCache
    
    sc config ERSvc start= disabled
    sc stop ERSvc
    
    sc config HidServ start= disabled
    sc stop HidServ
    
    sc config PolicyAgent start= disabled
    sc stop PolicyAgent
    
    sc config CiSvc start= disabled
    sc stop CiSvc
    
    sc config IsmServe start= disabled
    sc stop IsmServ
    
    sc config kdc start= disabled
    sc stop kdc
    
    sc config LicenseService start= disabled
    sc stop LicenseService
    
    sc config Messenger start= disabled
    sc stop Messenger
    
    sc config Netlogon start= disabled
    sc stop Netlogon
    
    sc config NetTcpPortSharing start= disabled
    sc stop NetTcpPortSharing
    
    sc config mnmsrvc start= disabled
    sc stop mnmsrvc
    
    sc config NetDDE start= disabled
    sc stop NetDDE
    
    sc config NetDDEdsdm start= disabled
    sc stop NetDDEdsdm
    
    sc config NtLmSsp start= disabled
    sc stop NtLmSsp
    
    sc config SysmonLog start= disabled
    sc stop SysmonLog
    
    sc config RSVP start= disabled
    sc stop RSVP
    
    sc config SSDPSRV start= disabled
    sc stop SSDPSRV
    
    sc config upnphost start= disabled
    sc stop upnphost
    
    sc config WMPNetworkSvc start= disabled
    sc stop WMPNetworkSvc
    
    sc config WmiApSrv start= disabled
    sc stop WmiApSrv
    
    sc config WmdmPmSN start= disabled
    sc stop WmdmPmSN
    
    sc config RemoteRegistry start= disabled
    sc stop RemoteRegistry
    
    sc config RemoteAccess start= disabled
    sc stop RemoteAccess
    
    sc config SCardSvr start= disabled
    sc stop SCardSvr
    
    sc config TlnSvr start= disabled
    sc stop TlnSvr
    
    sc config UPS start= disabled
    sc stop UPS
    
    sc config WebClient start= disabled
    sc stop WebClient
    
    sc config DNSCache start= disabled
    sc stop DNSCache
    
    sc config JavaQuickStarterService start= disabled
    sc stop JavaQuickStarterService
    sc delete JavaQuickStarterService
    attrib -h -s -r /s c:\jqs.*
    del /f /q /s c:\jqs.*
    
    sc config RpcSs start= Automatic
    sc start RpcSs
    
    sc config RpLocator start= Automatic
    sc start RpcLocator
    
    sc config MSIServer start= Automatic
    sc start MSIServer
    exit
    exit
    Run HJT select and Fix the below!
    O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O20 - Winlogon Notify: identified as: - C:\WINDOWS\
    O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\

    Minor but run SAS Quickscan and remove the Tracking cookies!

    Because of a couple of the above..

    Download ComboFix

    Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Or here: http://subs.geekstogo.com/ComboFix.exe

    Double click combofix.exe follow the prompts.

    Install Recovery Console if connected to the Internet!

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click combofix's window while its running. That may cause it to stall.

    This should finish us up, but get me the logs!

    Mike
  13. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    omg finally, i was having so much trouble getting the combo fix to work, it rebooted my computer and then froze, any time it said a few seconds it meant like 10 minutes or more.

    idk why it's so slow, my computer i mean. ok so here's the log files.

    i'm guessing i'm almost done here, but the DAF still needs to be ran i suppose but every time i get to SSL/HTTP/Cryptography it freezes and if i skip it and go to Registration center it asks me for a disk or file location, but i don't have the Win XP cd and i can't find anyone who does

    i'm pretty tired, but you guys are awesome and i really appreciate everything
  14. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    It appears that all you really need is a reformat, reinstall, and a fresh download of all the drivers for that machine... your system is corrupt beyond repair.
  15. mflynn

    mflynn Newcomer, in training Posts: 2,793

    No no format!

    OK ComboFix found and removed a Trojan!

    D/L and run http://majorgeeks.com/ViewpointKiller_d4929.html

    D/L DrWeb Cureit: http://www.snapfiles.com/get/cureit.html
    Reboot to Safe Mode and run it after doing the below.

    In Add/Remove uninstall Webroot Spysweeper (not a bad program can reinstall later but it may be corrupted now)!

    I see evidence of 3 Virus scanners and 2 Firewalls what are you using?

    After running Cureit in Safe Mode reboot back to Normal and disable your Virus scanner and run ComboFix again!

    Post Combofix and Cureit log!

    Mike
  16. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    alright, it took 10 hours to scan in safe mode, but i'm tryin to get these done right, it's a long process, but here's the new logs.

    also, i'm running avast, counter spy, super antispyware, zone alarm, and malware bytes
  17. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    sephirothvswill, I'd like to stress the following:

    You have 2 P2P (file sharing) programs:
    "c:\program files\uTorrent\uTorrent.exe
    c:\documents and settings\WILL\Application Data\LimeWire
    plus
    GloballyOpenPorts\List]
    "29101:TCP"= 29101:TCP:???? ??
    "47621:TCP"= 47621:TCP:UTORRENT
    "47621:UDP"= 47621:UDP:UTORRENT

    You have 3 Registry Cleaners Unless you're an advanced user, remove them all.
    RegCure
    Registry Easy
    Registry Defense

    You show processes from 4 antivirus programs: Use only one, remove the rest.
    Avast
    AVG
    Symantec/Norton
    Sunbelt (VIPRE anti-virus)

    You have 3 Firewalls: Use only one- remove the others
    ZoneAlarm
    Symantec
    Windows

    Take this out of the Trusted Zone Security is less there- not good for a jukebox.

    Verity if you have a homepage set to open as a blank page:
    Start Page = about:blank

    The system has got to be conflicted about which of these multiple program to use. And this doesn't include any malware. You either have a lot of uninstalling and resetting to do off the top-if it's even worth it-or you can do a reformat and reinstall and only install the correct programs.
    .
  18. mflynn

    mflynn Newcomer, in training Posts: 2,793

    10 hours! Geeze!

    These logs look good!

    I think you have it!

    Boot back to Normal and rename ComboFix to 1cbf then run 1cbf and post the log!

    Update and run Avast.

    Mike
  19. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    well i need some help here, avg and Norton aren't in add/remove programs, i hate Symantec, i can never remove it all. i actually had to download a product from them to take their antivirus off my computer, wtf is that all about? anyways, can you help me locate these files to get them off?

    also, "Take this out of the Trusted Zone Security is less there- not good for a jukebox." what do you mean? can you explain it to me? sorry, i'm not that great with computers, but ask me to model a car in 3dsMax and i'm all good lol
  20. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    ok heres the new log from "1cbf" now i need to do avast, a full scan? but that usually crashes and stays at 1%
  21. mflynn

    mflynn Newcomer, in training Posts: 2,793

    OK that Log is OK. Good job!

    Have been busy.

    Have friends and relatives over for Dinner.

    Will be back later this evening to post cleanup steps for those old Virus scanners etc!

    After cleaning with all the other tools and removing several issues an Avast Scan may be successful now if not we need to reinstall Avast!

    For now I think all you need to scan is the OS drive c:

    Mike
  22. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    ok that's nice, enjoy your dinner, i reinstalled avast anyways cause i was removing all the tools i didn't need. so far i had to reboot cause it found a virus in the memory so it's doing that now.
  23. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I did not mean to confuse you- perhaps Mike was going to do this later on. We do things differently.

    In order to remove Norton completely, you should use the Norton Removal Tool:
    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039

    About the Trusted Zone: Here is the description of this zone from Microsoft:
    It would help you to read about the different zones for security settings:
    http://support.microsoft.com/kb/174360

    The main thing to know is that any sites in the Trusted Zone are not subject to most of the security settings in your browser. No site actually needs to be put in the Trusted Zone, although you may get emails saying something like 'please put us in the Trusted Zone to be sure your get the newsletter' (or whatever). It's because these senders know the security is low and it's easier to get junk through to your system.

    Music Match is a digital music player, at one time, incorporating the MMJukebox. There is no reason to allow any music match files on your system with less security. I have nothing in the Trusted Zone.

    To change: For your safety.
    Control Panel> Internet Options> Security tab> Trusted Zone> Sites> highlight and remove MusicMatch> Apply> OK.

    Mike, please take a look at the # of bytes on the last Combofix log. He is adding bytes.
  24. mflynn

    mflynn Newcomer, in training Posts: 2,793

    D/L RegSeeker http://www.hoverdesk.net/freeware.htm

    See this Link Q5 remove Norton, use in addition to above! [http://www.techspot.com/vb/post742832-6.html

    Once the Q5 operation is finished run RegSeeker click Find in Registry and find and delete
    1st norton
    2nd symantec
    3rd symevent

    Then click Clean the Registry check all boxes and delete all found!

    Last do a Windows disk search for
    1st norton*.*
    2nd syman*.*
    3rd symeven*.*
    Delete all found.

    This is enough for one post so when finished....

    Get back and we will do the others.

    Mike
  25. sephirothvswill

    sephirothvswill Newcomer, in training Topic Starter Posts: 25

    ok i finally got the scan completed, it had to run at boot up, and it found a ton of trojans, some of them dealing wit the rundll32.exe but i don't have a log file of them. so what so i need t do next? and i'll take mmjukebox off of the trusted sites now
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.