I am trying to fix my parents' computer that has been infected with several nasties including Vundo, prg(ntos.exe), and what Symantec identifies as Looksky, which includes the msvcrl.dll file. I don't have a HJT log with me at the moment, but I can get one and post it. I was hoping someone could give some suggestions concerning this particular file.

When I delete or move the file then IE6 cannot start - it throws an error stating that it is missing msvcrl.dll. Also I've noticed that the task manager does not work properly when this file is not present. It appears to run because the green task manager icon appears in the notification area of the taskbar, however the actual window never appears. If I replace the file and reboot then both IE and task manager work as normal again, but obviously some malicious code execution is occurring.

Can anyone suggest a way that I might remove calls to this dll file from the applications? Should I give up and reformat at this point? Thanks in advance for any advice offered.

10 Years
Discussion Span
Last Post by Copperjohn

I would personally recommend a format and reinstall of Windows due to the number and types of threats you are dealing with.

With that being said, a hijackthis.log would be valuable to determine what other processes are potentially calling this DLL file.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.