Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Need Help Fixing Virus Damaged Registry

  • Please log in to reply
1 reply to this topic

#1 BillDub


  • Members
  • 1 posts
  • Local time:03:02 AM

Posted 28 March 2010 - 01:10 PM

I recently contracted a Virus/Trojan. I am running a Laptop with Windows XP Media Center Edition. My Virus Scan App is through McAfee...

The Trojan appeared as one of those Fake Anti-Virus programs. I used MBam (MalwareBytes) to attempt to clean the infection (ave.exe), but after the re-boot, any executable that I selected was deactivated. I received a Windows Pop-up asking me what application I wanted to open the file with... I was also receiving an Error Message that stated Windows couldn't find Rundll32....

MsConfig, Regedit, will not work under the damaged profile...

I did manage to create another Admin Profile on the Laptop and that, fortunately, is the only way I am able to use the Laptop. I would like to clean up the remnants of the Virus, as well as fix the damaged registry under my old profile. All of my files and apps were attached to that profile.

I have also tried Super Antispyware. Although that is working under the new profile, nothing has corrected the damage.

Any and all help would be greatly appreciated.


Edit: Moved from Virus, Trojan, Spyware, and Malware Removal Logs forum.

Edited by Budapest, 28 March 2010 - 04:33 PM.

BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,489 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:06:02 AM

Posted 28 March 2010 - 04:45 PM


RunDLL32.exe is a legit Windows file that loads .dll files which too can be legit or malware related. The Cannot find or error loading error message usually occurs when the associated .dll has been removed. The file may have been removed during an anti-virus scan, the uninstall of a program or use of a specialized fix tool. However, an associated registry entry remains and is telling Windows to load the file when you boot up.

If the file was removed but not the entry, Windows will display an error message indicating that the file was not found or there was an error loading. You need to remove this registry entry so Windows stops searching for the program when it loads.

To resolve this download and run Autoruns, search for the related entry and then delete it.
  • Create a new folder on your hard drive called AutoRuns and extract (unzip) the file there. (click here if your not sure how to do this.)
  • Open the folder and double-click on autoruns.exe to launch it.
  • Please be patient as it scans and populates the entries.
  • When done scanning, it will say Ready at the bottom.
  • Scroll through the list and look for a startup entry related to the file with the error message.
  • Right-click on the file and choose delete.
  • Reboot your computer and see if the startup error returns.

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users