(XP SP3)

Right so I was Sending some emails from MS Outlook when suddenly AVG gave me an alert that a program with the name AAX.exe was trying to access the Internet.

I know enough about computers not to allow anything that looks suspicious so I denied access to it. About 1 second later Automatic updates warned me that they were switched off and another alert came from AVG saying that it had found an infected file (AAX.exe).

I transferred it to the virus vault and thought that was the end of it.

It wasn't, I decided to open Firefox and a window appeared saying 'open with' (you all know what one I'm talking about)

So I tried opening it from C/Program Files .... When I pressed My Computer I got a alert box saying that rundll32.exe could not be found. I can't open anything (I mean anything) because it either comes up with the Open With box or xxxx.exe could not be found (xxxx being the program name)

I can't open system restore to restore and perform a scan :confused:

This is the first compromise I've had in a good 2 years aswell.

And if you're wondering how I'm writing this then I'm using Tapatalk so excuse any funny words appearing ;)

Thanks in advance!

Hi.
a friend had the same thing happen last week, he had McAfee security on his windows Xp machine and it got rid of the virus, the following link is to download "Stinger" a fee download from McAfee it is a one off Virus scan with the up to date pattern file as of friday http://www.mcafee.com/us/downloads/free-tools/stinger.aspx give this a try maybe it will work?. if not then i would make sure all imprtant info is backed up and seek help there is a download to re-install the rundll32.exe but depending on how serious the virus is then i may even stop that running. if so then to save days of trying to re-create a system folder a clean install of windows would cure it, but make sure you low level format the hard drive before doing the windows install. i have known viruses survive a windows format! my cousin last year had this.

hope this helps...

I would download, install and update something called malwarebytes (http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button).

Then turn off your computer and turn it back on, when it's just starting up spam the F8 key and boot the computer into safe mode. Run the malwarebytes are remove anything it finds, then also run a full virus scan! (I'd recommend microsoft security essentials for anyone using free products). Once both finished and anything found removed restart your computer as normal! Good luck :)

Thanks guys for your replies,

I got malware bytes to run off my pen drive in safe mode on the administrator account. It found the infection and removed it.

Now that I've removed the infection I still can't open any programs because of the rundll32.exe problem and Open With window :confused:

I think that I full wipe of the system is the only answer as I can't open anything such as Internet. I have everything backed up so it's no problem if I do decide to start again.

Thanks guys for your replies,

I got malware bytes to run off my pen drive in safe mode on the administrator account. It found the infection and removed it.

Now that I've removed the infection I still can't open any programs because of the rundll32.exe problem and Open With window :confused:

I think that I full wipe of the system is the only answer as I can't open anything such as Internet. I have everything backed up so it's no problem if I do decide to start again.

Does is pop up with a window saying run32.dll is missing?

http://www.dougknox.com/xp/file_assoc.htm

Download and run the 9th one down. Exe file association fix!

http://www.dougknox.com/xp/file_assoc.htm

Download and run the 9th one down. Exe file association fix!

Thank you SO much!!! That fixed it! :) Now that that is fixed I'll do a deep scan using AVG and then another scan from Malwarebytes.

Saved that link incase it will come in handy again!!

Thank you again!! ;)

Thank you SO much!!! That fixed it! :) Now that that is fixed I'll do a deep scan using AVG and then another scan from Malwarebytes.

Saved that link incase it will come in handy again!!

Thank you again!! ;)

Where do I sent the invoice :P

Any other problems let me know.