RunDLL Issues

[SacredCultivator]

Dear Readers,

Okay after numerous years, I don't know what I was thinking as this hasn't happened to me ever and I haven't used Anti-Virus/Malware for well over 7 years now.

So sadly I misclicked one of the links in the IDM thread and one of the patches was a crazy spyware.

So it installed sooo many things onto my laptop. I was able to get rid of most of them.

Then I ran MalwareByte Anti-Malware and it was able to find nearly 200 more Objects and so I Removed them all ad then after rebooting is when this issue came up.

Whenever I boot up I get these RunDLL pop-up messages that say they are missing an Entry (Registry Entry I assume)

Only have 3 that pop up and it's been a long time but I don't quite know how to go about this to fix it without a Format.

So please advise me and I'll do my best to provide any details needed.

Thank you.

[Ballistic Gelatin]

If you haven't already, run Windows System File Checker. Open a command prompt (be sure to run it as Administrator), then enter:

sfc /scannow

It will take a while, so be patient. Good luck.

[SacredCultivator]

Sadly it said everything is fine.

[dcs18]

The best thing you could try is to restore to an image prior to the infection, if possible.

So sadly I misclicked one of the links in the IDM thread and one of the patches was a crazy spyware.

This is just one of the many other reasons, I avoid patches. :(

[SacredCultivator]

Oddly enough after doing some more Googling I gave 2 other programs a shot;

AdwCleaner and that fixed another issue I had with Firefox

And the 2nd tool; ComboFix.

I think ComboFIx did the trick as I don't get any popup messages at bootup.. but will test tomorrow at work to be sure.

[Chancer]

If all appears well - I would run scannow and Malwarebytes again!

[VileTouch]

it's just a missing scheduled task. either go into the scheduled tasks and delete any invalid ones or clean the registry and startup entries with ccleaner or something. nothing to be worried about.

[jimbojet2011]

Open regedit from the run option

Then search for the missing entry

And delete it

[Ballistic Gelatin]

Open regedit from the run option

Then search for the missing entry

And delete it

But be sure to back up your registry before deleting anything.

[steven36]

Oddly enough after doing some more Googling I gave 2 other programs a shot;

AdwCleaner and that fixed another issue I had with Firefox

And the 2nd tool; ComboFix.

I think ComboFIx did the trick as I don't get any popup messages at bootup.. but will test tomorrow at work to be sure.

Witch patch was it and why did you not report it so they can check and see if its infected ? So others could avoid it.

I been using cracks since the early 2000s and in that whole time Ive downloaded 1 keygen that was really infected . The probability is really low but still there are some bad people and it could happen and has happen . IDM is a good target because its like the most pirated program. there is. :rolleyes:

[SacredCultivator]

All seems clear.

For the Task Scheduler yes I checked there and nothing suspicious was found.

Registry wasn't able to find those strings.

Also for the patch in question seems it's "safe" as people liked said post.

One I'm referring to is This One

[november_ra1n]

All seems clear.

For the Task Scheduler yes I checked there and nothing suspicious was found.

Registry wasn't able to find those strings.

Also for the patch in question seems it's "safe" as people liked said post.

One I'm referring to is This One

I am only guessing you maybe using few nasty download links on solidfiles download side --- Click Direct Download Link and not other fake links! I am on Adguard and brilliantly clean all the fake download link for me only when i disable protection i see those nasty links. See the screenshot below what you need to hit to download safely:

Other good thing even if i mistakenly click the fake download button before download start Kaspersky immediately block without getting infected PC. No bulshitting Kaspersky delivered five star protection over 12 years to me.

xanax is one of the few high reputation member i have know in this forum. Beside i have tried earlier his IDM Patch version it was clean to me.

[macnavarra]

turn system restore off and see if you can delete the infected drive volume information B)

[SacredCultivator]

I am only guessing you maybe using few nasty download links on solidfiles download side --- Click Direct Download Link and not other fake links! I am on Adguard and brilliantly clean all the fake download link for me only when i disable protection i see those nasty links. See the screenshot below what you need to hit to download safely:

Other good thing even if i mistakenly click the fake download button before download start Kaspersky immediately block without getting infected PC. No bulshitting Kaspersky delivered five star protection over 12 years to me.

xanax is

one of the few high reputation member i have know in this forum. Beside i have tried earlier his IDM Patch version it was clean to me.

Meh I didn't see that "Direct Download" so f me in the butt on that mistake. But glad I was able to fix things before it got worse.

And I haven't been too active (in posting) on the forums so most members sorta just go by me and I only know of some members, so reputation-wise I can't say much on xanax. But I'll be more careful in future.

[Holmes]

All seems clear.

For the Task Scheduler yes I checked there and nothing suspicious was found.

Registry wasn't able to find those strings.

Also for the patch in question seems it's "safe" as people liked said post.

One I'm referring to is This One

I meant to post yesterday I didnt have time. I would have suggested combofix its one of the main programs I have in my anti-malware tool set. It doesnt matter if I didnt help you what matters is you got the problem fixed which is good. I recommend you install a anti-virus (which antivirus to use I recommend avast free eset kaspersky bitdefender avast uses gmer technology which is the best anti-rootkit detection there is) and keep malwarebytes as a second opinion scanner also download and update your hosts file:

http://winhelp2002.mvps.org/hosts.htm

Use this one its very good..

`

[SacredCultivator]

Thank you for the advise/suggestions, never really messed with Hosts file, think only time I've touched it was actually for IDM. But shall give it a go whenever I get home from work much later in the day.

[AlienForce1]

If you clicked on the green `Download` instead of `Direct download link` -> here`s why you`ve got such a `nice` infection in your PC :

( idm.6.23.x.retail.u7-patch.rar.exe , Detection ratio: 18 / 55 )