Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

C\Windows\System32\Rundll32.exe


  • Please log in to reply
9 replies to this topic

#1 AustinTerry

AustinTerry

  • Members
  • 284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, TX
  • Local time:09:20 PM

Posted 01 May 2010 - 06:20 PM

I am helping a friend with his Dell Inspirion 1521 laptop,
and I know he has allot of malware on it I am going to try and clean up, but I can't install or run anything because I get the message

C\Windows\System32\Rundll32.exe
Application not found

or it pulls up a window and asks which program I want to use to open the file, which not is the correct.
He doesn't have any Vista discs so is there a good way to copy the file from somewhere else.

I looked in C\Windows\System32 file and it has a rundll32.exe file there.

Thanks!

BC AdBot (Login to Remove)

 


#2 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:09:20 PM

Posted 01 May 2010 - 07:15 PM

You should run RKill and then run other tools like MBAM, DrWeb Cureit etc listed here : http://www.bleepingcomputer.com/forums/t/308364/rkill-what-it-does-and-what-it-doesnt-a-brief-introduction-to-the-program/

RKill would fix the exe associations and polices etc so you can run programs.

#3 AustinTerry

AustinTerry
  • Topic Starter

  • Members
  • 284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, TX
  • Local time:09:20 PM

Posted 01 May 2010 - 07:26 PM

I've used RKill in the past, but thought it only killed processes that malware might be running.
I think what ever is on this laptop, removed the rundll.exe file from the system\32 folder.

I'll give it a shot and see if it will allow me to install Mbam and MS Security Essentials to run.

Edited by Orange Blossom, 01 May 2010 - 07:53 PM.
Move to AII forum. ~ OB


#4 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:09:20 PM

Posted 01 May 2010 - 08:01 PM

It can be a entry in the registry that may have disabled rundll32.exe

#5 AustinTerry

AustinTerry
  • Topic Starter

  • Members
  • 284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, TX
  • Local time:09:20 PM

Posted 01 May 2010 - 08:34 PM

OK... I running under safe mode, ran Rkill, and was able to download and install MBAM, it is running right now.
I tried to do the same just in safe mode and would not work, so THANK YOU!

The only process it stopped was Microsoft\Windows\Temporary Internet Files\Content.IE5\RPXUBDF4\rkill[1].com

It almost looks like it killed itself... ?

#6 AustinTerry

AustinTerry
  • Topic Starter

  • Members
  • 284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, TX
  • Local time:09:20 PM

Posted 01 May 2010 - 09:41 PM

MBAM picked up a few rogue antiviruses while in safe mode, so I removed them, rebooted, and started RKill in normal mode.
I started to install MS Security Essentials since I have heard it is a good, lightweight anti-malware program, and as I was doing that (RKill), I guess the Trend Micro Pc Cillin 14 that was installed already was able to update and tried to run, but I cut it short, so I could run Essentials and then run MBam again in normal mode while still running Rkill.

Is PC Cillin14 a good Trend Micro program? The funny thing is I don't see it listed under Programs. Could that be malware?

I would like to upload a hijackthis or whatever log, to see if all is clean when I'm done, if anyone could give me assistance. (I know it could take a while...)

Thanks again...

#7 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:09:20 PM

Posted 01 May 2010 - 10:46 PM

In my opinion both Trend Micro and Microsoft Security Essentials have low detection rates. I would install avast! or Avira instead. Also scan your system with Super Antispyware. BC recommends MBAM and Super Antispyware these days.

If your Trend Micro installation is corrupt, here is a tool to uninstall Trend Micro : http://esupport.trendmicro.com/1/How-do-I-...in-my-comp.aspx

#8 AustinTerry

AustinTerry
  • Topic Starter

  • Members
  • 284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, TX
  • Local time:09:20 PM

Posted 01 May 2010 - 11:31 PM

Thanks again..

Essentials came up clean, as well did MBAM, so in the morning, I'll run your other suggestions.

looking good so far...

#9 AustinTerry

AustinTerry
  • Topic Starter

  • Members
  • 284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, TX
  • Local time:09:20 PM

Posted 03 May 2010 - 12:13 PM

Even tho everything came up clean now, should I still follow the instructions in the Virus, Trojan, Spyware, Malware Removal Logs forum and post all of my logs there, just to make sure I'm really all clean?

#10 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:09:20 PM

Posted 03 May 2010 - 12:43 PM

Go ahead :thumbsup: You should have peace of mind.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users