ms32dll.dll.32 virus removal

I have removed ms32dll.dll.vbs from my system with a combination of nod32 and manually deleting registry entries.

I have deleted all instances of autorun.inf.

I did a repair reinstall of xp sp2.

but when i double-click on any drive i still get "can't find ms32dll.dll.vbs" message.

it's driving me crazy !!!
LVL 1
chrisfixitAsked:
Who is Participating?
 
Christopher McKayMicrosoft Network AdministratorCommented:
Have you turned off your system resotre when doing this?

See here for steps to follow in removal:
http://www.symantec.com/security_response/writeup.jsp?docid=2006-112416-3424-99&tabid=3

Hope this helps!

:o)

Bartender_1
0
 
chrisfixitAuthor Commented:
yeah did that, but still same problem. there are NO registry entries containing MS32dll.dll.vbs.

Now however when I double-click on the D: Drive I get there is no file associated with... at least i think that'swhat it saysas its my girlfriends laptop wiuth german windows ;-)
0
 
Asta CuTechnical consultant & graphic designCommented:
Checked start-run-msconfig for start ups to see if something there is calling this?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Asta CuTechnical consultant & graphic designCommented:
Excerpt and link (friend had the same intrusion) .....  but another Expert above also cited a link that may already have helped resolve this (I hope).
RecommendationsSymantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":

Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed.). Additionally, please apply any security updates that are mentioned in this writeup, in trusted Security Bulletins, or on vendor Web sites.
Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.
Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

Writeup By: Kazumasa Itabashi
Source for more: http://www.symantec.com/security_response/writeup.jsp?docid=2006-112416-3424-99&tabid=2

Asta
0
 
chrisfixitAuthor Commented:
thx read that tho' - still no luck ;-(
0
 
Asta CuTechnical consultant & graphic designCommented:
Tried MS Windows Defender, or some of these other tools?
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Security/home
http://www.microsoft.com/athome/security/default.mspx
Get a free safety scan for your computer
Windows Live OneCare safety scanner helps tune up your computer
http://www.microsoft.com/athome/security/update/windows_live_safety_center.mspx?wt.svl=body
0
 
Asta CuTechnical consultant & graphic designCommented:
Malicious Software Removal Tool
Published: January 11, 2005 | Updated: March 13, 2007
http://www.microsoft.com/security/malwareremove/default.mspx
0
 
chrisfixitAuthor Commented:
ok, thanks all - ran bitdefebder online scanner - found another instabce - all's ok now.
0
 
Asta CuTechnical consultant & graphic designCommented:
Thanks for the good news.  Hopefully the next few reboots will still find things resolved.
Best wishes,
":0)  Asta
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.