Malware issues! rundll32 can't be found

hatrik · Apr 15, 2010

Did as much of the Post marked "read me first" as possible.

I encountered the following problems:

I can't add and remove programs because my computer tells me that it can't find rundll32.exe (it appears as a page in the system 32 folder)

I have tried to reassociate the .exe with a registry fix as suggested in other posts but this didn't fix the problem. I've also looked for other backup copies but they are all pages as well. I believe malware caused the problem (I didn't delete it manually).

I was unable to install Superantispyware but all other applications were fine. I got an error concerning MSIEXEC during the installation process.

I've attached the logs from MBAM, MGTools, Combofix, and root repeal.

Please help! I'm lost.

TimW · Apr 15, 2010

Sorry to give you the bad news but you will have to do a total clean reinstall.

I can see the reason for your problems. Your Combo log show that your Windows Operating system files have become infected by a Virut infection and there is no known reliable fix for this. In addition there are many many other infected files. We could spend a lot of time trying to remove this infection, but odds are that it will not work because the nature of the infection has so many executable system files infected that as soon as we fix one file, other files that are infected will almost immediately or upon the next reboot, just reinfect the files. In addition, your PC would still basically be unreliable/untrustworthy even if we manage to fix the infected files that we can see since there could be many more that we are not seeing.

The safest thing for you to do is backup your personal data immediately since your PC could possibly become unbootable at any point in time. Do not back up any executable files. This includes programs that you have downloaded since any of them could be infected. Anything you may have already backed up that is an executable type file (things you downloaded to install programs....etc) are most likely infected and will cause you to be reinfected if you reuse these files.

Once you backup, you need to format partitions and reinstall Windows and all other software especially your protection software. Then install all updates for all software. DO NOT reinstall from any executable file backups you made while this PC was infected or you will just be reinstalling the infection.

hatrik · Apr 15, 2010

I was worried I would have to do that.
So once I backup my personal files, do you have a good post or website I can look at for how to do the format partitions and reinstall??

I've never had to do this before. :S

And thanks so much for the response, it's appreciated!

TimW · Apr 15, 2010

I assume you will backup your personal data and files to a dvd. Once done, put your xp cd in the drive. Reboot and as soon as it starts up, press F2 key ( there will be a very short flash indicating which key to get you into the bios or "setup" ). Once in the bios, scroll with the arrow key to the boot tab and again using maybe the + or - key, move the CD-rom to the first boot device. F10 will save and exit the bios and start the boot process again. You will see a message to press any key to boot from the cd. It will start loading files and then ask if you want to install or repair. Choose install and follow the prompts. You want to do a compete format and reinstall. If you wish to set a partition, you can do so after you finish doing the install.

Log in or Sign up

Malware issues! rundll32 can't be found

hatrik Private E-2

Attached Files:

root repeal log 1.txt

MGlogs.zip

ComboFix.txt

mbam-log-2010-04-15 (14-27-27).txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

hatrik Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member