Need help with the virus msvctvrl.dll

Discussion in 'Malware Help (A Specialist Will Reply)' started by bat21, Sep 16, 2007.

  1. bat21

    bat21 Private E-2

    I found that I have the virus msvctvrl.dll

    I have Norton Internet Security and Anti-Virus that does not identify the threat. I have used the scan three times without success. (Does not locate it)

    The virus pops up and states that this file msvctvrl.dll is not found. Reinstall it to fix the problem. I ran an internal search and it was not found. According to a Google search I did, one person posted that it was attached to the file IMM32.dll which I can not find on a scan of my computer as well.

    Is there a way to remove this virus?

    Thanks
     
    bat21, Sep 16, 2007
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MG's!

    I will have you run our initial READ & RUN ME but I would first like to get this out of the way.

    This is a trojan that works by code injection into kernel files. We need to replace the infected imm32.dll, which is the tree that contains six dll files including "msvctvrl.dll"'.


    Do you have your Windows XP disc? If so, please follow the below.

    This is assuming you have Windows installed to the C:\ drive and also your CD/DVD Drive as D:\ drive.

    Copy the contents of the below Quote Box to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file copyme.bat and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.) Then double-click on the copyme.bat file on your desktop.

    If you had any problems with the above OR you do not have a WinXP disc please let me know before continuing the next steps.


    http://www.majorgeeks.com/images/grenade.gif Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    • Make sure you check version numbers and get all updates.
    http://www.majorgeeks.com/images/grenade.gif Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

    http://www.majorgeeks.com/images/grenade.gifAfter doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

    http://www.majorgeeks.com/images/grenade.gif Downloading, Installing, and Running HijackThis
    • Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around..
    http://www.majorgeeks.com/images/grenade.gifWhen you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
    • CounterSpy Log - only for Windows XP, 2K, & NT users
    • AVG Antispyware Log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
    • Bitdefender Log - from step 6
    • Panda Scan Log - from step 6
    • runkeys.txt - the log from GetRunKey.bat
    • newfiles.txt - the log from ShowNew.bat
    • HijackThis Log
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    Last edited: Sep 17, 2007
    bjgarrick, Sep 16, 2007
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds