I recently downloaded Avast after finally getting around to adressing my expired Norton.
First run I do, this wonderful facility finds a ton of viruses (mostly Trojans) on my laptop, including a nasty Win32:Goldun-HB[Tri] located in a file in the system32 folder of Windows. Unfortunately, ever since I quaranted this Msvcrl.dll, Internet explorer refuses to launch claiming it needs this file to work. (I am using Firefox since)
Now, I actually like firefox, but it has its fair share of limits from not being the mainstream browser. I have done my fair share of hunting around and more or less come to the same conclusions; the only way to get IE to work again is to reinstall it.
If the following sounds ridiculous, just humour my ignorane please. My version of windows came installed on the laptop, I don’t have the Windows CD; all I have is a recovery CD that is supposed to put the computer back to its factory state. I don’t have enough backup memory on my external hard drive to save everything on my laptop, so I would prefer not to wipe my hard drive if possible.
3 questions :
Is there anything else I can do other than reformat my drive if I want to get back IE?;
Am I being overcautious in assuming that you can’t choose which components you want to reinstall from the CD
Is there anything else I should need to know or can I keep assuming that recovering IE is my only problem?
ps : if its possible to avoid downloading hijack this I’d appreciate it. I’m lost as it is…
You can download it at Microsoft site and (re)install it.
You can’t select to install only IE from Windows, but you can overinstall all Windows and you won’t lose your programs, settings, data, files, etc. Just choose ‘Repair’ installation of Windows and install ‘over’ the old installation.
Tech, I quarantined it with Avast, my Norton was too old to pick it up apparently. I’ll check out the Microsoft site a little more closely now that I have some guidelines.
DavidR, from what I’ve seen its a Trojan that modifies the IE executable file and then arranges things so that it can’t run without the trojan in question being available.
I’ll check out the topic and I’ll let you know what comes of it.
If you still have “my Norton was too old to pick it up apparently,” installed on your system it should be uninstalled.
Having two resident scanners installed is not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable.
You may also need to run another tool to remove remnants, depending on the version you have. So what version of NAV do you have.
Can you restore it to a temporary folder and submit it to: Virustotal (best) Jotti
There is also Kaspersky File Scanner (The file should not be larger than 1 MB).
msvcrl.dll Manual Detection
Below are manual removal instructions for msvcrl.dll so you can remove the unwanted file from your PC. Always be sure to back up your PC before you modify anything.
Step 1: Use Windows File Search Tool to Find msvcrl.dll Path
Go to Start > Search > All Files or Folders.
In the “All or part of the the file name” section, type in “msvcrl.dll” file name(s).
To get better results, select “Look in: Local Hard Drives” or “Look in: My Computer” and then click “Search” button.
When Windows finishes your search, hover over the “In Folder” of “msvcrl.dll”, highlight the file and copy/paste the path into the address bar. Save the file’s path on your clipboard because you’ll need the file path to delete msvcrl.dll in the following manual removal steps.
Step 2: Use Windows Command Prompt to Unregister msvcrl.dll Files
To open the Windows Command Prompt, go to Start > Run > type regedit and then click the “OK” button.
Type “cd” in order to change the current directory, press the “space” button, enter the full path to where you believe the msvcrl.dll DLL file is located and press the “Enter” button on your keyboard. If don’t know where msvcrl.dll DLL file is located, use the “dir” command to display the directory’s contents.
To unregister “msvcrl.dll” DLL file, type in the exact directory path + “regsvr32 /u” + [DLL_NAME] (for example, :C\Spyware-folder> regsvr32 /u msvcrl.dll.dll) and press the “Enter” button. A message will pop up that says you successfully unregistered the file.
Step 3: Detect and Delete Other msvcrl.dll Files
To open the Windows Command Prompt, go to Start > Run > cmd and then press the “OK” button.
Type in “dir /A name_of_the_folder” (for example, C:\Spyware-folder), which will display the folder’s content even the hidden files.
To change directory, type in “cd name_of_the_folder”.
Once you have the file you’re looking for type in del “name_of_the_file”.
To delete a file in folder, type in “del name_of_the_file”.
To delete the entire folder, type in “rmdir /S name_of_the_folder”.
Select the “msvcrl.dll” process and click on the “End Process” button to kill it.
This tool should remove any remnants of NAV 2005, it is a program removal tool that can remove the remnants of a number of different Norton Programs: Removing your Norton program using SymNRT