Solved rundll32.exe and virus on $recycle.bin

BryanJames16

My brother downloaded a virus yesterday. It is now deleted from both C: and the Recycle Bin. I ran a smart scan using my antivirus, and it found 4 viruses in $Recycle.bin. Also, in Task Manager, on the Processes tab, there is a foreign process called rundll32.exe. Ending this process does nothing, I think. Whenever I right-click any process inside Task Manager (and in the taskbar), the menu hides itself behind Task Manager, so I can't click any options. Is this some sort of virus or what? How can I delete those viruses in $Recycle.Bin? Thanks!

Here's the screenshot:
 

Attachment: Report.PNG

My Computer My Computer

At a glance

Windows 7 Ultimate 64-bitIntel Mobile Core 2 Duo SP94004.00GB Dual-Channel DDR3 (7-7-7-20)Intel Mobile Intel 4 Series Express Chipset F...
Computer type
Laptop
Computer Manufacturer/Model Number
Dell
OS
Windows 7 Ultimate 64-bit
CPU
Intel Mobile Core 2 Duo SP9400
Motherboard
Dell Inc. 0MR506 (Microprocessor)
Memory
4.00GB Dual-Channel DDR3 (7-7-7-20)
Graphics Card(s)
Intel Mobile Intel 4 Series Express Chipset Family (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic PnP Monitor (1280x800@60Hz)
Screen Resolution
1280x800
Hard Drives
232GB Western Digital WDC WD2500BEVT-75ZCT2 ATA Device (SATA)
Case
Dell
Keyboard
Dell
Mouse
Dell
Antivirus
ESET NOD32 10
Browser
Google Chrome, Mozilla Firefox, Internet Explorer
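
For the rundll32.exe and $Recycle.Bin questions in the post above, these are read-only triage commands, added here as an example and not part of the original thread. They assume an elevated PowerShell prompt and that the Recycle Bin store in question is on C:. rundll32.exe is a Windows component that loads a DLL and calls a function in it, so the image path and command line say more than the process name does.

```powershell
# Added example, not from the thread. Read-only: nothing is killed or deleted.
# Get-WmiObject is used so this also runs on the PowerShell 2.0 shipped with Windows 7.

# 1) Show every rundll32.exe instance with its image path, parent and command line.
#    The genuine binary lives in System32 (and SysWOW64 on 64-bit Windows).
$expected = @(
    (Join-Path $env:SystemRoot 'System32\rundll32.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\rundll32.exe')
)

Get-WmiObject Win32_Process -Filter "Name = 'rundll32.exe'" | ForEach-Object {
    $parent = Get-WmiObject Win32_Process -Filter "ProcessId = $($_.ParentProcessId)"
    New-Object PSObject -Property @{
        ProcessId    = $_.ProcessId
        Path         = $_.ExecutablePath   # empty if the prompt is not elevated
        ExpectedPath = ($expected -contains $_.ExecutablePath)
        Parent       = $parent.Name        # empty if the parent has already exited
        CommandLine  = $_.CommandLine      # names the DLL and function being run
    }
} | Format-List

# 2) List what is actually stored under the Recycle Bin folder on C:,
#    including hidden and system items that Explorer does not show.
#    Single quotes keep PowerShell from treating $Recycle as a variable.
Get-ChildItem -LiteralPath 'C:\$Recycle.Bin' -Force -Recurse -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer } |
    Select-Object FullName, Length, LastWriteTime, Attributes |
    Format-Table -AutoSize
```

A rundll32.exe whose path is outside those two folders, or whose command line points at a DLL in a temp, profile or Recycle Bin folder, is worth including when posting logs for review.
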

My Computer My Computer

At a glance

Desk1 7 Home Prem / Desk2 10 Pro / Main lap A...Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i...Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop...Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Own build (new) Desk1 / Asus ROG Win 7 / Desk2 1st build
OS
Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
CPU
Desk1 i5 3750K / Laptop i7 GTX 860M / Desk2 i5 2500
Motherboard
Desk1 Asus P877-V / Desk2 Gigabyte H67 UD3H / Laptop ?
Memory
Desk1 8GB (1866) / Desk2 16GB (1333) / Laptop 8Gb DDR3
Graphics Card(s)
Desk 1& 2NVidia GTX 650 & Laptops on board Intel
Sound Card
Desk 1 & 2 -XONAR DG Realtek High Def audio Laptop
Monitor(s) Displays
Desk 1 Benq HD 2450 / Desk2 Philips 24" / Laptop 17.5"
Screen Resolution
1920x1080 D1 & D2 & Laptop 1
Hard Drives
Desk1 Samsung 120GB 830 SSD
Asus ROG 256GB 850 Pro SSD
Desk2 Samsung 840 256 SSD
Toshiba 120GB EVO
PSU
Desk 1 Corsair HX 1050/ Laptop ? / Desk 2 Corsair HX 650
Case
Desk 1 Cooler HAF XM ? Toshiba laptop / Desk2 Coolermaster
Cooling
Fans on all Desk1 -2 Desk2 - all Coolermasters 5 Laptop ?
Keyboard
Desk 1 MS Sidewinder X6 Desk 2 MS Sidewinder X 4
Mouse
Desk 1&2 - Gigabyte MS 900 gamer - laptop - Logitec wireless
Internet Speed
ADSL2+
Other Info
One other Desktop (tester) and spare Toshba laptop both with SSD's
Running Kaspersky 2016 ISS on all machines config'd identically
Logitec audio stereo systems on each machine (x3)
Canon MG5250MFC
Router/modem TP-Link running WPA2SK
I found some threats but the threat in $Recycle.bin is still there. Is there anything I can do to delete these viruses?
 

Try to restore the recycle bin to default using this tutorial:

Recycle Bin Corrupted - Cannot Delete File or Folder

Next, please do the following:

Let's see what else is going on here:

1.) Download Malwarebytes Anti-Malware, found here:

https://www.malwarebytes.org/

Choose the Free version download.

2.) After it downloads, run the installation and install it.

3.) After install, open Malwarebytes.

Choose to update now.

When you're updated, you should see something like this in the screenshot:

4.) Then choose to run a scan after updates complete.

5.) After the scan completes, remove anything found. Restart the computer.

6.) Open Malwarebytes. Click the History button.

Then click on Application Logs.

Choose the latest scan log, and click the View button.

Click on the Export button, then choose text file. Save it somewhere.

7.) Post your results by using the paperclip and upload the log.
 

My Computer My Computer

At a glance

Windows 10 ProAMD Ryzen 5 2400G Processor with Radeon RX Ve...G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-P...2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Built
OS
Windows 10 Pro
CPU
AMD Ryzen 5 2400G Processor with Radeon RX Vega 11 Graphics
Motherboard
ASRock X470 Master SLI/AC AM4 AMD Promontory X470 SATA 6Gb/s
Memory
G.SKILL Ripjaws V Series 16GB (2 x 8GB) 288-Pin DDR4 SDRAM D
Graphics Card(s)
2047MB NVIDIA GeForce GTX 1060 6GB (EVGA)
Sound Card
Motherboard Built in
Monitor(s) Displays
Acer R240HY bidx 23.8-Inch IPS HDMI DVI VGA (1920 x 1080) Wi
Screen Resolution
1920 x 1080
Hard Drives
1TB Sandisk SSD PLUS (Main drive)
500 GB Seagate 7200 RPM (Games)
500 GB Western Digital 7200 RPM (Virtual Machines)
PSU
CORSAIR TX Series TX650M 650W 80+ Gold Modular Power Supply
Case
CORSAIR CARBIDE SPEC-02 Mid-Tower Gaming Case, Red LED Fan
Cooling
220mm, two 120mm, and four 60mm fans
Keyboard
Wired Dell keyboard
Mouse
Wireless Logitech mouse
Internet Speed
250mb down, 30mb up
Antivirus
Panda Cloud Antivirus
Browser
Chrome-ish x64
Other Info
Your awesome for reading this.
BryanJames16,

Please use the following diagnostic tool. It has a powerful detection mechanism, and may help us get to the cause of your issues:

Please use the Farbar Recovery Scan Tool.
Download: Farbar Recovery Scan Tool Download
Select the version that applies to your system: 64-bit
Save it to your Desktop.
Double-click the downloaded file to run it.

When the tool opens click Yes to the disclaimer.
At the program's console, press the Scan button.

When done, the tool produces a log, FRST.txt, in the same directory from which the tool is run (Desktop).
Please provide the FRST.txt in your reply.

The first time the tool is run, it also makes another log: Addition.txt
Also post the Addition.txt in your reply.
 

My Computer My Computer

At a glance

Windows 7 Home Premium
Computer type
PC/Desktop
Computer Manufacturer/Model Number
An ol' eMachines
OS
Windows 7 Home Premium
Internet Speed
Fine for me...I'm retired!
It's now fixed! The recycle bin has now been restored to default and the files have been deleted. Thank you :)
 

What worked for you?

The recycle bin corrupt tutorial?

I still suggest doing what cottenball and I suggested with the scans to be sure you are clean.
 

Yep well I suggested some too but whether they were down or not I suppose is irrelevant:sarc:
 

I agree with andrew. If you are dealing with something like ZeroAccess, it is better to be safe than sorry.
 
