• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6025
  • Last Modified:

ms32dll.dll.32 virus removal

I have removed ms32dll.dll.vbs from my system with a combination of nod32 and manually deleting registry entries.

I have deleted all instances of autorun.inf.

I did a repair reinstall of xp sp2.

but when i double-click on any drive i still get "can't find ms32dll.dll.vbs" message.

it's driving me crazy !!!
0
chrisfixit
Asked:
chrisfixit
  • 5
  • 3
5 Solutions
 
Christopher McKayMicrosoft Network AdministratorCommented:
Have you turned off your system resotre when doing this?

See here for steps to follow in removal:
http://www.symantec.com/security_response/writeup.jsp?docid=2006-112416-3424-99&tabid=3

Hope this helps!

:o)

Bartender_1
0
 
chrisfixitAuthor Commented:
yeah did that, but still same problem. there are NO registry entries containing MS32dll.dll.vbs.

Now however when I double-click on the D: Drive I get there is no file associated with... at least i think that'swhat it saysas its my girlfriends laptop wiuth german windows ;-)
0
 
Asta CuCommented:
Checked start-run-msconfig for start ups to see if something there is calling this?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Asta CuCommented:
Excerpt and link (friend had the same intrusion) .....  but another Expert above also cited a link that may already have helped resolve this (I hope).
RecommendationsSymantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":

Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed.). Additionally, please apply any security updates that are mentioned in this writeup, in trusted Security Bulletins, or on vendor Web sites.
Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.
Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

Writeup By: Kazumasa Itabashi
Source for more: http://www.symantec.com/security_response/writeup.jsp?docid=2006-112416-3424-99&tabid=2

Asta
0
 
chrisfixitAuthor Commented:
thx read that tho' - still no luck ;-(
0
 
Asta CuCommented:
Tried MS Windows Defender, or some of these other tools?
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Security/home
http://www.microsoft.com/athome/security/default.mspx
Get a free safety scan for your computer
Windows Live OneCare safety scanner helps tune up your computer
http://www.microsoft.com/athome/security/update/windows_live_safety_center.mspx?wt.svl=body
0
 
Asta CuCommented:
Malicious Software Removal Tool
Published: January 11, 2005 | Updated: March 13, 2007
http://www.microsoft.com/security/malwareremove/default.mspx
0
 
chrisfixitAuthor Commented:
ok, thanks all - ran bitdefebder online scanner - found another instabce - all's ok now.
0
 
Asta CuCommented:
Thanks for the good news.  Hopefully the next few reboots will still find things resolved.
Best wishes,
":0)  Asta
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now