windows Rundll32.exe bad image

[Kronos]

So I got myself a virus, one that prompts a fake antivirus and wants you to pay to get rid of it. It disabled taskmanager, but only in the user. If you located the taskmgr.exe and ran as administrator it popped right up. So I killed the process and the popup went away. Downloaded avg and ran a scan. Had quite a few Trojans, kryptik.ije mainly. I'm not positive but I think I remember it saying it cleaned up malware from n7oghUzavm.dll. After that all ended I rebooted as prompted. When it finished booting I got a message saying rundll32.exe bad image the application or dll C:\windows\system32\n7oghuzavm.dll is not a valid windows image. Please check this against your installation diskette.

This was replaced by another popup with the same filname n7oghuzavm or something.dll but it was an error about could not be found or something. Regedit was restricted by administrator so I kinda think there's still a bit of the virus on there. But I booted in safe mode and ran regedit. Found the dll for that and deleted on the advice of google. Rebooted and the first error about bad image came back. Now the computer only lasts about 10 minutes before freezing and I have to do a hard reboot.

I read somewhere that you can type in some command that i don't remember. Sc / something or sv/ something and it will ask for xp installation disk. I've got that at my moms house and can try it moro, but I'm wondering if anyone has any ideas on how to solve this. The only thing I've ran is avg and I'm on xp if that's helpful.

 

Thanks

[Jaaa!&]

The first thing I would try is to scan for possible corrupt dll's (Dynamic Link Library) files.

Start>Run> type in SFC /SCANNOW

Have your WinXP CD ready to insert when it asks for it.

 

is what you should do, but i have notes on it somewhere ill look

 

from microsoft

 

Sounds like you’ve system file corruption. As a first step of troubleshooting, I would suggest you to try running a system file checker.

How to use the System File Checker tool to troubleshoot missing or corrupted system files on Windows Vista

http://support.microsoft.com/kb/929833

 

Sometimes, rundll32.exe could be a form of virus on your computer. So, let us try to perform an online scan on your computer. Visit the link below.

 

Windows Live One Care

http://onecare.live.com/site/en-US/default.htm

 

For your information, please backup all your data to an external hard drive if you’ve one.

[Kronos]

The first thing I would try is to scan for possible corrupt dll's (Dynamic Link Library) files.

Start>Run> type in SFC /SCANNOW

Have your WinXP CD ready to insert when it asks for it.

 

is what you should do, but i have notes on it somewhere ill look

 

from microsoft

 

Sounds like you’ve system file corruption. As a first step of troubleshooting, I would suggest you to try running a system file checker.

How to use the System File Checker tool to troubleshoot missing or corrupted system files on Windows Vista

http://support.microsoft.com/kb/929833

 

Sometimes, rundll32.exe could be a form of virus on your computer. So, let us try to perform an online scan on your computer. Visit the link below.

 

Windows Live One Care

http://onecare.live.com/site/en-US/default.htm

 

For your information, please backup all your data to an external hard drive if you’ve one.

Thanks for replying

Yeah that was the command. I'll try that one tomorrow when I've got the disks handy.

I saw that microsoft thread, but I wasn't sure if I should try it. It says windows vista and I'm running xp.

[Vanaraud]

1st of all and the most important, try to backup your files\data so it won´t carry on infection.

2nd of all BACKUP ETKEY- saves ur lvl + XP for WOLF:ET

3rd of all backup all data.

And then you´ve got 2 possibilities:

1) AVG may or may not have cleaned your system- so I´ve seen in spybots forum(years ago) some 5 step cleaneing process involveing hijackthis etc antivir progs. Takes loads of time, but scanning with multiple antivirs makes possible that no infected file rally on your PC left. Installing 1 and deinstalling previous. Many antivir in same time worse than nothing.

2) With zerotest and reinstalling OS after backing up data you can be pretty sure nothing is left and saves loads of time

[SkyeDarkhawk]

Other tools you might want to check out:

MalwareBytes, HijackThis, and Autoruns.

 

AVG is junk now a days, you'll want to pick yourself up some new Antivirus software; you might also want to pick up Spybot Search & Destroy for it's immunization features.

When cleaning a computer of infections, you will have to use multiple tools, and reboot the computer several times.

 

Another handy trick, create a new user account while in Safe Mode and try running your scans from that account with Windows booted normally (make sure it's an Administrator account).

[Kronos]

Malware bytes seems to have fixed everything. I used that program a long time ago and it cleared everything up great, but I forgot the name of it lol. Thanks for the help!

[Papito]

Malware bytes seems to have fixed everything. I used that program a long time ago and it cleared everything up great, but I forgot the name of it lol. Thanks for the help!

i did a tuto time ago, you can clean, fix and uninstall that pseudo anti-virus.

[detoren]

You coold run this it always fix my probb and i dont have a antivirus . http://www.surfright.nl/nl/downloads

[NoGooD]

Good to see you got it handled. Just curious how you think you got infected in the first place? If you use firefox, I'd highly recommend the use of ad-on's like NoScript and Adblock Plus. Half the time I surf the web I'm oblivious to those type of ad's/pop-ups. I only realized how bad it was the other day when I turned both of them off for a few hours just to see if they made a difference. They do.

 

Just invest a bit of time allowing the typical websites you visit through the NoScript Fiiters and you won't have to worry about setting them again.