Malware rundll32.exe

[Malhorne]

Okay guys,

I spent the half day with this **** for a poor result...
I got a malware that uses the process rundll32.exe you know the little dll of windows.
So sometimes it starts itself and then eat 25% of my UC
All I have to do is to stop the process but it starts again and again >_<

Another problem is that sometimes it close my browser (Chromium (not Chrome)) and open other tabs with publicity ><

Google didn't help me AT ALL so please don't do the classic google it !

Thanks in advance for everybody who try to help.

 

[chobibo]

You on windows? Have you tried using system restore?
Tell us what operating system your computer is running on (xp, vista, 7, 8, etc.)

 

[Malhorne]

Got Windows 7, I can't system restore because I don't have any backup.
Any system restore tool are to pay or useless (at least those I found today).
With what I have done it shows less than before (it was every 2m before ><)

 

[GhostWolf]

Actually google gave all sorts of useful results, but hey, no google.

 

[Malhorne]

^I would like to thank you for the useless comment.

Then, if you at least rode what I wrote what those forums tell is pretty useless for the problem.
The only solution that seemed to work, is the system restore which is impossible as I said earlier. So if you're here to bash for nothing please stop it.

 

[saphiree]

If you have paid anti virus I'm pretty sure you can contact their support for help. Maybe even if it's free, but I don't know.

I would just format my PC, but I don't know how precious your files are to you

 

[Dr Super Good]

Try starting in safe mode. If it is still running then it may have permanently damaged the dll so you may need to reinstall the PC.

 

[gorillabull]

isnt rundll32 in the sys32 folder? if its running from somewhere else you could try to delete it

 

[Daffa]

In this situation, I recommend to backup everything that's necessary and reinstall the PC.

 

[Malhorne]

I can't backup. I think the main problem is that the rundll32 is corrupted from what I saw. There is maybe something more in relation with browser but didn't find yet.

Now the problems are those : sometimes the browser is closed and (not each time ) a tab of pub appears and then on the Task Manager I see rundll32.exe taking 25 per cent of UC.

 

[andreasaspenberg]

in that case i suggest finding a version that isnt corrupted and simply installing that.

 

[Malhorne]

I didn't find it :/
Anyway thanks for trying

 

[andreasaspenberg]

maybe i can give you a copy of one of mine but then i need to know what system you are running.

 

[Malhorne]

No don't give copy ^^'
I don't think it will work

I'm using Windows 7 as I said but I never checked updates and anything ^^'

 

[andreasaspenberg]

it should work but, you might have to install it from dos. i dont really know how to get dos working in windows 7 so, when you find it out i can provide the file.

 

[Malhorne]

OK thanks for your help I'll ask you if I find a way !

 

[Velmarshal]

Did you try to boot a linux LiveCD? I used to use it to clean all sorts of pests and in the worst case, backup the data before I do a complete wipe and a fresh install. In my experience with infections windows safe mode rarely helps, and system restore never does (I even turned it off so it doesn't waste 10Gb of SSD space).
Same thing goes for infected USB sticks, always format them on a linux PC. There aren't many crossOS infections, yet.

 

[Malhorne]

I don't know how to wipe problems with booting linux live ^^
I got one but don't know how to use this :/
But as I said the problem isn't very boring since chobibo helped me, because only the dll is corrupted and sometimes run but my browser never got close anymore xD

 

[Velmarshal]

You do it the same way like when you want to reinstall the system from a cd, except instead of choosing install select live cd boot. Then it just boots linux from the cd without touching your hdd.
But its understandable if you dont want to fiddle around with it.

 

[Malhorne]

I got a USB bootable on linux.
But I don't know how to clean the problems while on linux xD

 

[Velmarshal]

You can try uploading the exe here to check what it is: https://www.virustotal.com
Tried scanning it with Malwarebytes?
For cleanup on linux, i usually delete all the infected files which were previously found by my antivirus or malwarebytes. But rundll32.exe ia a system file so you should scan it first on virus total and malwarebytes just to be sure.

 

[Malhorne]

Okay thanks for your help I'll try to see this later

 

[Statharas]

No don't give copy ^^'
I don't think it will work

I'm using Windows 7 as I said but I never checked updates and anything ^^'

Deposit your dll for a file check
https://www.virustotal.com/

 

[Rui]

I doubt any software foreign to your computer can help you getting a system restore. After all, it's your data. If you don't have a backup in your disk, then no one does.

Good luck solving the problem, I know what it's like when you have an issue such as this. =(

 

[andreasaspenberg]

if you get linux running then you can possibly replace the file through that. my offer to provide you the file still stands.

 

[Malhorne]

Yes but I don't know how to replace files with linux that's the matter xD !
Anyway thanks everyone for trying to help !

Deposit your dll for a file check
https://www.virustotal.com/

It shows nothing suspicious.

 

[andreasaspenberg]

i could try to find it out for you if you want.

 

[Malhorne]

If you find something by luck I'd be glad you to share the link