Rundll32.exe Application Error

By TheNoob101
Jul 28, 2008
Topic Status:
Not open for further replies.
  1. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Okay thanks for helping. I am using Zonealarm firewall.I have avg antivirus free,SUPERantispyware, and spyware doctor
  2. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    one thing we may try is right click on the zone alarm icon in system tray -> restore zone alarm -> find the program in the list and make sure there is green checks next to it
  3. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Yep there are.
  4. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Lets look at a few things - I just had an idea

    Highjackthis Instructions
    • Make sure you have the LATEST version of HJT (currently v2.0.0.2) it can be downloaded from HERE
    • Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
    • After installing, the program launches automatically, select Scan now and save a log
    • After the scan is complete please attach your log onto the forums using the paper clip icon above your reply.
  5. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Here is the log.
  6. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    I'll start putting some instructions together - this is my specialty - you have some malware on there. Don't know if it will completely solve the problem, but at least I can get you clean
  7. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Okay,thanks ill wait for it to come.
  8. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Remove bad HijackThis entries
    • Run HijackThis
    • Click on the System Scan Only button
    • Put a check beside all of the items listed below (if present):

      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O1 - Hosts: 72.18.196.155 www.webcheats.com.br
      O1 - Hosts: 72.18.196.155 webcheats.com.br
      O1 - Hosts: 72.18.196.155 www.cheatsbrasil.com
      O1 - Hosts: 72.18.196.155 cheatsbrasil.com
      O1 - Hosts: 72.18.196.155 www.cheatsbrasil.com.br
      O1 - Hosts: 72.18.196.155 cheatsbrasil.com.br
      O1 - Hosts: 72.18.196.155 www.bothack.net
      O1 - Hosts: 72.18.196.155 bothack.net
      O1 - Hosts: 72.18.196.155 www.cheatstotal.net
      O1 - Hosts: 72.18.196.155 cheatstotal.net
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O3 - Toolbar: (no name) - {4AD56E6F-7074-41EE-8A40-583C2C76EFCD} - (no file)
      O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} -
      O20 - Winlogon Notify: wvuvutr - wvuvutr.dll (file missing)
    • Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.

    -----------------------------------------------------------------------------------

    Download the HostsXpert 4.2 - Hosts File Manager.
    • Unzip HostsXpert 4.2 - Hosts File Manager to a convenient folder such as C:\HostsXpert 4.2 - Hosts File Manager
    • Run HostsXpert 4.2 - Hosts File Manager from its new home
    • Click on "File Handling".
    • Click on "Restore MS Hosts File".
    • Click OK on the Confirmation box.
    • Click on "Make Read Only?"
    • Click the X to exit the program.
    • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

    --------------------------------------------------------------------------

    Malwarebytes' Anti-Malware

    • [​IMG] Please download Malwarebytes' Anti-Malware from from Here or Here
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to
      • Update Malwarebytes' Anti-Malware
      • and Launch Malwarebytes' Anti-Malware
    • then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform full scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. please attach this log with your reply
      • If you accidently close it, the log file is saved here and will be named like this:
      • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

    -------------------------------------------------------------------

    Update your Java Runtime Environment

    • [​IMG]First try going to Start -> Control Panel -> double click Java
    • Select the Update Tab at the top of the Java console
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 7) Follow the on screen instructions (uncheck the yahoo toolbar option)
    • After it installs the newest version Go back to Control Panel -> Add/remove programs (programs and features in vista)
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    Update your Java Runtime Environment
    • Click the following link
      Java Runtime Environment 6 Update 7
    • The 5th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected'at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_07 folder

    ----------------------------------------------------------------------------

    Now run a fresh scan with hijackthis

    Attach here:
    1) MBAM log
    2) Fresh Hijackthis log
  9. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    I just got a popup from AVG.
    It says:Multiple Threat Detection
    Infections list:
    C:\system volume
    information\_restore{A7E71E0D-2C8D-4DCA-B14A-C0B065D1E3D5}\RP583\A0237872.dll
    Threat name: adware generic2.ACBR
    detected to open

    File name:C:\System Volume Information\_restore{A7E71E0D-2C8D-4DCA-B14A-C0B065D1E3D5}\RP583\A0237873

    [ ] Remove threat as Power User

    [Remove Threats] [Ignore] [Help]

    I don't know if I should remove because of Volume.
    What should i do?
    Details shows this is malwarebytes. Says there is Trojan on it
  10. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    yea, a lot of the tools we use can get detected as threats because they access the same files as the malicious programs. Not a big deal - ignore malwarebytes being detected - but let it remove the volume information one - that is your old restore point which we will clear in a little bit
  11. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Details said both were MalwareBytes.
     
  12. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    ok, then just ignore both - Avast just went through this same thing but I think they already corrected the error - AVG is just a step behind
  13. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Okay scan finished,here are the logs.
    For the Java uninstalling There is Java 6 update 2
    and a Java 6 update 7
  14. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    ok, good work - uninstall java 6 update 2

    Disable AVG realtime protection by right clicking it in the system tray and disabling

    Combofix
    • Download Combofix to your desktop.
    • Double click combofix.exe & follow the prompts.
    • A window will open with a warning.
    • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
    Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

    Combofix will automatically save the log file to C:\combofix.txt
  15. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    There is no option for disabling the real time protection.
  16. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    what about resident sheild
  17. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Yep ill turn that off
    BTW Uninstalling the Java 6 update 2 thing cant it says fatal error and didnt remove it
    It says:Internal error 2753. RegUtils

    Another popup says Fatal error during installation.

    Also after opening Combofix spyware doctor blocked it saying there is a trojan.
    Another popup comes it says:Windows cannot open file:pV.cfexe
    To open this, windows needs to know what program created it.Windows can go online to look for it automatically, or you can manually select from a list of programs on your computer.
    [ ] use web to find
    [ ] choose from list
  18. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

     
  19. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Where do i find microsoft installer cleanup utility
  20. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Just click the link to it that i provided and it should pop up for you to save it to your desktop
  21. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Ok, I installed it. Now what? <- sorry for asking i'm really dumb at this
  22. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    it's been a while since I used it - let me download it too, and I'll give you instructions in a sec
  23. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Alright thanks =D
  24. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    First you double click the installer -> close all open windows-> follow the prompts to install -> if vista you may need to right click and select run as admin instead -> select you agree to the license terms -> click Next -> yes you are ready -> Finish


    Then navigate to C:\Program Files\Windows Installer Cleanup Utility\msicuu.exe <- doubleclick on this file
  25. TheNoob101

    TheNoob101 Newcomer, in training Topic Starter Posts: 50

    Okay all done.Do I proceed with Combofixer?
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.