Posts by Comatose

I'm sorry if this is a wrong place to ask but I'm becoming desperate.

I removed rundll32.exe from my computer [partly accidently as I thought it was a virus] and now I want it back.

Can I find it somewhere? Search in the internet has not given any results.

What Operating system are we talking about?

After Taking The plunge, and going ahead and deleting rundll32.exe, I found some things in the system DID NOT WORK. So, it turns out that the OS (WINDOWS) actually DOES use rundll32.exe. It's not just some program that's fun to have. It wouldn't let me load properties of my computer (right click on my computer, properties) and things of that nature. :)

:) too cool, too cool.

Well I can certainly code a dll, but for rundll32.exe is a whole different discussion

*wipes his forehead*

whew.

Thanks.

Yeah, I know it loads DLL into Memory for use with programs. I'm just not so sure that WINDOWS requires it. I know that a TON of spyware and adware is run as DLL files... so, if I could completely disable rundll32.exe (which loads a lot of the spyware dll's) then I could effectively stop the dll's from loading (things like bho's) while I remove them manually (or with a small peice of code that I'd write).

Basically, My question is this:

Is rundll32.exe ESSENTIAL to the OS, Or is it just a nice tool to have, that you could actually function without? I mean, would it be possible to rename completely, or even remove it, or does windows actually load files with it?

I never thought of that.... but probably.

After a lot of research and fiddling with shell.dll and shell32.dll, reinstalling that file is a good idea too. I've had a similar experience, with 98 (not 95) where a few of the icons went awry. I replaced shell.dll and shell32.dll, and it worked fine. Maybe something to look at.

You rebooted after changing the settings back? Reinstalled the needed drivers?

Using their IP address is generally a bad idea. This stems from the fact that not everyone has a static (permanent) IP address. People who use dial up, for instance, will not always get the same IP (in fact, it's usually different). So, what happens if you get 2, or 3 people that use the same ISP. One person votes, and gets offline. Someone else signs on, stumbles across your site, with the same IP as the first person.... they can't vote now.

Cookies are a good idea, but keep in mind that cookies can be erased/refused by the visitor. There is always a way for someone to get around it, so that they can vote more than once if they really want to.

It was my pleasure....

To My Knowledge, it would require a more powerful language than javascript. In PHP, or Perl (and probably ASP, though I don't like it) you can most likely write to images. It, too, requires a bit of work (I believe).

Did you check if the webserver's settings could do this?

I'm sure I could come up with a hack job of a way, but I know there is a better way (maybe with the web-server's configuration?)

Sure Would! :)

Works Fine For Me (Firefox 1.0)

Alex,

While I Agree with it being taboo to alter a dynamic link library, however, it seems to me that the resource kit changes the logo for IE (and from what I can tell, IE only). This doesn't solve the problem of changing the animated logo in the "my computer" window (and the others like it). It's quite a difficult task, understandably confusing, and if there is a solution that is more elegant, I, personally would like to use it.

start
run
regedit
hit 'f3'
and search for: wualcts.exe

Ok,
In Reshacker, after loading the file, it's under bitmaps, then 240 (once you open 240, click the green thing, and it will load the picture in the right pane). The picture is saved in the dll file, as a long vertical banner. This is actually the frames of the image as it's loaded in the window (in the right corner, it's an animated picture, not a still picture), and the very last image to be displayed (and the one that stays there for the duration of the window being open), is the very top frame. You can export the bitmap (right click on the green light thing), and edit it with paint. Then you can replace the resource with your modified bitmap (again, right click the green light thing). I colored mine all grey, but you can put just about any thing that will fit in the banner in there (But don't modify the height or width of the picture). Then, click File, and Save as... and save the file to someplace you won't forget with the name of shell32.dll and get ready for some difficult task. In XP, Windows seems to replace files when they turn up missing, so, if you can delete the shell32.dll, and replace it with the modified one, then you're good to go. Boot up in safe mode, remove shell32.dll (this required me to build a program that scanned the process list, and terminated the PID for shell32.dll, then removed shell32.dll, and replaced …

Alright,
After extreme periods of digging and searching (and even attempts with findwindow and findwindowex api's??) I was able to find how to do it. Right now, it's narrowed down to (because I didn't replace, I removed all the bitmaps that resembled that particular icon). Anyway, there is a program called "reshack", which allows you to open "resource" files (exe's, dll's, etc). I found the picture that appears up there in the file %windir%\system32\shell32.dll. Under The "Bitmap" folder, there are a number of folders. 240, 241, 242, 245, 246, and 247 all contained that particular image (the ugly white backgrounded windows logo). I made a backup first (of course) before modifying shell32.dll, then deleted all of those bitmaps. It was a pain to actually kill the process running that DLL, and replace it with my current version, but I do have it working without the logo in the upper right (it's actually a completely black square right now). Tomorrow, after I get some sleep and after work, I will continue my efforts to pinpoint which of those resources actually belongs to the "my computer" like windows.

Hmn, I was able to remove the windows logo from my start button.... I'll keep trying.

I stand corrected in regards to my grammar. Also, I understand that coding a virus is not a criminal activity, but regardless of the legalities, unless someone could prove that their intent is pure (creating a virus removal utility?), there is no way that I will offer any help or support on the subject.

If it's pascal, I'm guessing it's something like a text-based prog?

I wouldn't use it. People have different Idea's about it, but I can't see how channeling my information through someone else is more secure... unless I know and trust them with whatever I'm passing through them.

Yes They Can. I read an article about the proxy's, and a lot of them maintain a certain amount of information about your surfing habits and other internet based activities. It started as a great idea, and turned into something else.

Did you try a system restore?

Honestly, I prefer firefox to anything else, as my browser of choice. It's really a nice browser, and can be downloaded from: http://www.mozilla.org/products/firefox/.

*Smiles* I know the feeling. Let me know the outcome.

Mkay, Try His Post?
http://www.daniweb.com/techtalkforums/thread16364.html

Yikes!

Alright, Right click on the IE Icon, and go to properties. Under General Tab, Click On Settings... Go To "View Objects" And Look for anything that is out of place, or doesn't seem like you would want it installed. I would personally clear the history and cookies and files (Cache) afterword. Maybe that will help?

You Could Uninstall and then Reinstall Internet Explorer? Load up Control Panel, add remove programs, then add/remove windows componants. Uncheck Internet Explorer, Reboot, and Then Recheck Internet Explorer (You might need an XP CD, I'm not sure).
That could fix it.

Have You Rebooted?

Programming something more constructive, I might help with..... but virii No.

Yes, That Should work fine. This is assuming that your BIOS will support a larger hard drive (should be no problem).

dim tmpvar as string

open "c:\somefile.txt" for input as #1
do until eof(1)
line input #1, tmpvar
DATA tmpvar
loop
close #1

This is assuming you have a file called "c:\somefile.txt" with the numbers in them that will be used for the DATA statement.

There are a couple of methods.... with different softwares and names. You need to look for a something called a "Proxy." This is a program that will act as your needed bridge.

I don't like to give it as advice, but you could boot into "safe mode" and then delete them. That might do the trick.

I'm assuming you have administrative rights to the registry and so forth. So my next guess is that there is a program (exe) or a dll of some kind (or a hot bar) that is making these changes. If you load task manager, look for something that is running (in the process) that is out of place, and terminate that process. You might be able to change it then.

Click Start, Go To Run, Type in "Regedit" (without quotes)
Find The left pane of the regedit window, and find HKEY_LOCAL_MACHINE
open that folder, and find "Software" and open that. Find Microsoft, Open It.
Find "Internet Explorer" and open that. Find Main, And click it so that it is highlighted.
Now On the Right Pane, Find "Start Page", and make sure it is set to what you want. The "Local Page" Value May have an impact also.

I had this same problem, and this is the fix that I used.

I forgot to mention, that the Default_Page_URL Value Might Be There, And need to be changed also.

alc6379 ;) knoppix is exactly what I meant (leaning a little toward syphilis, though Phlak is nice too). I also know it's a bit, uh, taboo, but there isn't a tool to decrypt (externally) encrypted folders?

If you put advertisments in the same place, people will tend to not even look at it. It will be sort of zoned out... like the "ad section" of the site.

Have You Rebooted?

There is an extremely complicated solution that I know of, but it requires a pretty comfortable knowledge of unix. Do you know Unix?

You can disable the shutdown with this:
click start
click run
type shutdown /a

But I don't think this is the solution to your problem. This will stop you from being shutdown, but I would be willing to bet that there is some nasty virus that's making this happen (Sasser.F).

This Site Might Also Help: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SASSER.F

Good Luck, And May The Source Be With You.

Can't Use...

me.borderstyle = 0

?

anyone know how to get around this:

WshShell.RegWrite "HKEY_CLASSES_ROOT\exefile\shell\open\command\", ""%1"%
*"

I cant seem to include more than 2 " at the end there if i just do "%1 %
*" then it will succesfully write to the registry but it needs the extra 2 " in there & i dont know how to get around that, anyone know???

WshShell.RegWrite "HKEY_CLASSES_ROOT\exefile\shell\open\command\", chr(34) & "%1" & chr(34) & "%*"

the chr(asc) function returns the character represented by the ascii code passed to it. 34 happens to be the ascii double quote character. So, You terminate your string, use concantenation ( the & ) to append the character code 34 (double quotes) to your string.