Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

Sukhjeevan

41 Posts

113182

November 2nd, 2013 07:00

Windows host process(Rundll32) has stopped working error on every system start

Hi,

I have restored my laptop(Dell XPS) through dell data safe local back up DVD which I created at the time of laptop purchase.

Now every time when I start my laptop following message displays:

What should I do now.

Thanks

Sukhjeevan

41 Posts

November 6th, 2013 01:00

Problem resolved...

Actually I have following 3 software installed on my laptop:

1) QuickSet
2) Realtek audio driver
3) Sound Blaster

So I uninstalled all these software and then reinstalled all.

Now system working fine...

Thanks

Sukhjeevan

41 Posts

November 3rd, 2013 23:00

I have tried to debug the StartUp services through msconfig command and found that if I un-select the CTMasterOnOffMonitor start up program this problem resolved.

I'm having Windows 7 Home Premium.

Please find the screenshot given below:

So I want to delete this file but I couldn't find it on my laptop.

How to delete this file.


Thanks

speedstep

9 Legend

 • 

47K Posts

November 4th, 2013 05:00

Has to be done via Administrative Command prompt.

Sounds like toolbar malware.

[CTMasterOnOffMonitor] Rundll32.exe CTMWatch.dll StartCTMasterOnOffWatch

Legitimate  ctmwatch.dll is from Creative Technology Ltd

"Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"

This is a keylogger malware that steals your world of warcraft credentials.  Its installed by running an installer instead of manually installing a MOD for world of warcraft.

Startup type : Registry Startup
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

Display Name : CTMasterOnOffMonitor
Path : Rundll32.exe CTMWatch.dll StartCTMasterOnOffWatch

Open a command prompt. (Run a command prompt as Administrator in Windows vista/7/8)
Copy red command line and Paste.

echo Start
echo #
echo ######################## Default dirctory for x86 x64 ########################
echo #
echo this command is default system32 directory for x86 OS or x64 OS
cd %windir% & cd system32
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "CTMasterOnOffMonitor" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "CTMasterOnOffMonitor" /f
echo #
echo ######################## Change the dirctory for x64 ########################
echo #
echo this command is x86 application's registry for x64 OS
cd %windir% & cd syswow64
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "CTMasterOnOffMonitor" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "CTMasterOnOffMonitor" /f
echo End

Sukhjeevan

41 Posts

November 5th, 2013 08:00

Hi,

I did the same and got an error message.

Please find the error message as shown in given screenshot.

What does this mean.

What should I do now?

Thanks

Was this post helpful?

View All

No Events found!

Top