"Is not a valid win32 application" errors after removing Vundo

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Deadly Delusion, Jan 31, 2009.

  1. Deadly Delusion

    Deadly Delusion Private E-2

    So I got Vundo and a bunch of other malware yesterday. I bet I got some of them before that, but I didn't get any noticeable symptoms before then. I ran a virus scan because something was quite clearly wrong with my computer (got constant BSODs for one thing) and got about 10 results. I deleted them, but of course, things can never be that easy. Some of them decided to copy themselves so that they would survive, and suddenly the symptoms started getting even worse. My computer became nearly unusable in non-safe mode because everything froze constantly and Vundo started displaying constant ads.

    So I found the solution here on MajorGeeks, went through all the stuff that needed to be done. The malware all seems to be gone now, and I didn't get any results with AVG or Spybot S&D, so it's probably clean. However, a problem that the malware caused has remained. Namely, some applications refuse to run and give me an "Is not a valid Win32 application" error. The malware disabling most of them makes sense (HijackThis, ComboFix, VundoFix) but some others don't make sense (WinRar, and I also think this is the reason I can't patch Oblivion). Reinstalling WinRar doesn't help.

    Does some of the malware remain, or has it just made some changes to my system that weren't reverted?

    Thank you.

    (Note that the HijackThis log is very recent, but the SUPERAntiSpyware log is from when I was removing the malware in the first place. I'll run a new scan on request.)

    Also note that I couldn't follow your procedures properly, since most of the applications refused to work.
     


    Last edited: Jan 31, 2009
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Have you renamed the applications (MBAM, ComboFix)? Have you tried running them in safe mode?

    You need to attach the entire C:\MGLogs.zip, not just the hjt log.
     
  3. Deadly Delusion

    Deadly Delusion Private E-2

    Yes, I tried renaming them, and yes, I tried safe mode. As I said in my first post, I couldn't follow all the procedures because some of the applications refused to run. MGLogs wouldn't work because the swreg file or whatever it was called got the win32 error.

    Anyway, I ended up reformatting my computer, so consider this problem solved.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Sorry to hear that.....hope all is well now.
     
