
Rundll32.exe Application Error

Discussion in 'Virus and Malware Removal' started by TheNoob101, Jul 28, 2008.

  1. Blind Dragon TechSpot Evangelist Posts: 4,048

    Ok, go to start -> run -> type dxdiag -> press enter

    Once it loads up the dx info -> click Save all Info -> save it to your desktop then attach it here for me
  2. TheNoob101 Newcomer, in training Posts: 50

    okay here it is
  3. Blind Dragon TechSpot Evangelist Posts: 4,048

    All looks good there ->

    Go to start -> run -> type cmd

    at the command prompt type ping www.ijji.com

    click on the command icon in the top left corner -> go to edit -> select all -> do this again but select copy

    Then paste it here
  4. TheNoob101 Newcomer, in training Posts: 50

    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.

    C:\Documents and Settings\Owner>ping www.ijji.com

    Pinging www.ijji.com [206.82.212.79] with 32 bytes of data:

    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    Ping statistics for 206.82.212.79:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

    C:\Documents and Settings\Owner>
  5. Blind Dragon TechSpot Evangelist Posts: 4,048

    That's definitely the problem then -> what firewall or other security software do you have installed?

    Also - I am going to message somebody else who is better at this now that we have identified the problem
  6. TheNoob101 Newcomer, in training Posts: 50

    Okay thanks for helping. I am using Zonealarm firewall. I have avg antivirus free, SUPERantispyware, and spyware doctor
     
  7. Blind Dragon TechSpot Evangelist Posts: 4,048

    one thing we may try is right click on the zone alarm icon in system tray -> restore zone alarm -> find the program in the list and make sure there are green checks next to it
  8. TheNoob101 Newcomer, in training Posts: 50

    Yep there are.
  9. Blind Dragon TechSpot Evangelist Posts: 4,048

    Let's look at a few things - I just had an idea

    HijackThis Instructions
    • Make sure you have the LATEST version of HJT (currently v2.0.0.2) it can be downloaded from HERE
    • Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
    • After installing, the program launches automatically, select Scan now and save a log
    • After the scan is complete please attach your log onto the forums using the paper clip icon above your reply.
  10. TheNoob101 Newcomer, in training Posts: 50

    Here is the log.
  11. Blind Dragon TechSpot Evangelist Posts: 4,048

    I'll start putting some instructions together - this is my specialty - you have some malware on there. Don't know if it will completely solve the problem, but at least I can get you clean
  12. TheNoob101 Newcomer, in training Posts: 50

    Okay, thanks, I'll wait for it to come.
  13. Blind Dragon TechSpot Evangelist Posts: 4,048

    Remove bad HijackThis entries
    • Run HijackThis
    • Click on the System Scan Only button
    • Put a check beside all of the items listed below (if present):

      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O1 - Hosts: 72.18.196.155 www.webcheats.com.br
      O1 - Hosts: 72.18.196.155 webcheats.com.br
      O1 - Hosts: 72.18.196.155 www.cheatsbrasil.com
      O1 - Hosts: 72.18.196.155 cheatsbrasil.com
      O1 - Hosts: 72.18.196.155 www.cheatsbrasil.com.br
      O1 - Hosts: 72.18.196.155 cheatsbrasil.com.br
      O1 - Hosts: 72.18.196.155 www.bothack.net
      O1 - Hosts: 72.18.196.155 bothack.net
      O1 - Hosts: 72.18.196.155 www.cheatstotal.net
      O1 - Hosts: 72.18.196.155 cheatstotal.net
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O3 - Toolbar: (no name) - {4AD56E6F-7074-41EE-8A40-583C2C76EFCD} - (no file)
      O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} -
      O20 - Winlogon Notify: wvuvutr - wvuvutr.dll (file missing)
    • Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.

    -----------------------------------------------------------------------------------

    Download the HostsXpert 4.2 - Hosts File Manager.
    • Unzip HostsXpert 4.2 - Hosts File Manager to a convenient folder such as C:\HostsXpert 4.2 - Hosts File Manager
    • Run HostsXpert 4.2 - Hosts File Manager from its new home
    • Click on "File Handling".
    • Click on "Restore MS Hosts File".
    • Click OK on the Confirmation box.
    • Click on "Make Read Only?"
    • Click the X to exit the program.
    • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

    --------------------------------------------------------------------------

    Malwarebytes' Anti-Malware

    • Please download Malwarebytes' Anti-Malware from Here or Here
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to
      • Update Malwarebytes' Anti-Malware
      • and Launch Malwarebytes' Anti-Malware
    • then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform full scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please attach this log with your reply
      • If you accidentally close it, the log file is saved here and will be named like this:
      • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

    -------------------------------------------------------------------

    Update your Java Runtime Environment

    • First try going to Start -> Control Panel -> double click Java
    • Select the Update Tab at the top of the Java console
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 7) Follow the on screen instructions (uncheck the yahoo toolbar option)
    • After it installs the newest version Go back to Control Panel -> Add/remove programs (programs and features in vista)
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    Update your Java Runtime Environment
    • Click the following link
      Java Runtime Environment 6 Update 7
    • The 5th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected' at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_07 folder

    ----------------------------------------------------------------------------

    Now run a fresh scan with hijackthis

    Attach here:
    1) MBAM log
    2) Fresh Hijackthis log
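
Added example, not part of the thread or any poster's code: a short Python triage of the HijackThis lines listed in post 13, grouping the O1 Hosts redirects by target IP and listing entries whose file HijackThis reported as absent. The sample lines are copied from that post, except the 127.0.0.1 line, which is constructed; the function names are this example's own.

```python
import re
from collections import defaultdict

# Subset of the fix list from post 13, plus one constructed loopback
# line (127.0.0.1 localhost) to show that benign mappings are skipped.
SAMPLE_LOG = """\
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 72.18.196.155 www.webcheats.com.br
O1 - Hosts: 72.18.196.155 webcheats.com.br
O1 - Hosts: 72.18.196.155 www.bothack.net
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O20 - Winlogon Notify: wvuvutr - wvuvutr.dll (file missing)
"""

ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*)$")   # "O1 - <body>"
HOSTS_RE = re.compile(r"^Hosts:\s+(\S+)\s+(\S+)$")         # "Hosts: <ip> <name>"
# Addresses that point a name back at the local machine or nowhere;
# these are normal in default and ad-blocking hosts files.
LOCAL_SINKS = {"127.0.0.1", "::1", "0.0.0.0"}

def parse_entries(log_text):
    """Yield (section, body) for each HijackThis result line."""
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            yield m.group(1), m.group(2).strip()

def hosts_redirects(log_text):
    """Map each non-local IP in O1 entries to the hostnames forced to it."""
    redirects = defaultdict(list)
    for section, body in parse_entries(log_text):
        m = HOSTS_RE.match(body) if section == "O1" else None
        if m and m.group(1) not in LOCAL_SINKS:
            redirects[m.group(1)].append(m.group(2))
    return dict(redirects)

def orphaned_entries(log_text):
    """Return entries whose target file HijackThis reported as absent."""
    return [(s, b) for s, b in parse_entries(log_text)
            if b.endswith("(no file)") or b.endswith("(file missing)")]

if __name__ == "__main__":
    for ip, names in hosts_redirects(SAMPLE_LOG).items():
        print(f"{ip}: {len(names)} hostnames redirected -> {', '.join(names)}")
    for section, body in orphaned_entries(SAMPLE_LOG):
        print(f"orphaned {section}: {body}")
```

Many hostnames mapped to one external address, as in the O1 lines here, is the pattern that justifies resetting the hosts file rather than editing it line by line.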
  14. TheNoob101 Newcomer, in training Posts: 50

    I just got a popup from AVG.
    It says: Multiple Threat Detection
    Infections list:
    C:\system volume
    information\_restore{A7E71E0D-2C8D-4DCA-B14A-C0B065D1E3D5}\RP583\A0237872.dll
    Threat name: adware generic2.ACBR
    detected to open

    File name:C:\System Volume Information\_restore{A7E71E0D-2C8D-4DCA-B14A-C0B065D1E3D5}\RP583\A0237873

    [ ] Remove threat as Power User

    [Remove Threats] [Ignore] [Help]

    I don't know if I should remove because of Volume.
    What should I do?
    Details shows this is malwarebytes. Says there is Trojan on it
  15. Blind Dragon TechSpot Evangelist Posts: 4,048

    yea, a lot of the tools we use can get detected as threats because they access the same files as the malicious programs. Not a big deal - ignore malwarebytes being detected - but let it remove the volume information one - that is your old restore point which we will clear in a little bit
  16. TheNoob101 Newcomer, in training Posts: 50

    Details said both were MalwareBytes.
  17. Blind Dragon TechSpot Evangelist Posts: 4,048

    ok, then just ignore both - Avast just went through this same thing but I think they already corrected the error - AVG is just a step behind
  18. TheNoob101 Newcomer, in training Posts: 50

    Okay, scan finished, here are the logs.
    For the Java uninstalling there is Java 6 update 2
    and a Java 6 update 7
  19. Blind Dragon TechSpot Evangelist Posts: 4,048

    ok, good work - uninstall java 6 update 2

    Disable AVG realtime protection by right clicking it in the system tray and disabling

    Combofix
    • Download Combofix to your desktop.
    • Double click combofix.exe & follow the prompts.
    • A window will open with a warning.
    • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
    Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

    Combofix will automatically save the log file to C:\combofix.txt
  20. TheNoob101 Newcomer, in training Posts: 50

    There is no option for disabling the real time protection.