What is mivvx.dll?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I've never had this.

Look:

http://farm1.static.flickr.com/175/422530976_2349564b3a_o.png

This one happened to me only two or three days after I re-installed
(clean install) my XP Pro system.

Right after I login to my account, before my desktop icons loom up, an
error popup window says, Can't access mivvx.dll, access denied.  Or
something like that.  I click the OK button on this popup and then
windows proceed to load my desktop just fine.

I browsed to C:\Windows\System32 and found this perpetrator as shown
in the PNG image above.  My AVG says it is a thread, but was not able
to heal it.

Google turns out no hit.  Is this something new?  Please advise and
let me know how I can get rid of this bad guy.

Thanks.


Re: What is mivvx.dll?


| I've never had this.
|
| Look:
|
| http://farm1.static.flickr.com/175/422530976_2349564b3a_o.png
|
| This one happened to me only two or three days after I re-installed
| (clean install) my XP Pro system.
|
| Right after I login to my account, before my desktop icons loom up, an
| error popup window says, Can't access mivvx.dll, access denied.  Or
| something like that.  I click the OK button on this popup and then
| windows proceed to load my desktop just fine.
|
| I browsed to C:\Windows\System32 and found this perpetrator as shown
| in the PNG image above.  My AVG says it is a thread, but was not able
| to heal it.
|
| Google turns out no hit.  Is this something new?  Please advise and
| let me know how I can get rid of this bad guy.
|
| Thanks.

Just becuase Google doesn't turn up anything mean much except the chances of it
being
legititimate is low.


Please submit a sample of  "mivvx.dll"  to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it.  In addition,
unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@virustotal.com?subject=SCAN

When you get the report, please post back the exact results.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: What is mivvx.dll?

wrote:
Quoted text here. Click to load it
Davehttp://www.claymania.com/removal-trojan-adware.htmlhttp://www.ik-cs.com/got-a-virus.htm

Thanks.

I've sent mivvx.dll to scan@virustotal.com as an attachment.
Submitting from virustotal web was not successful.

Not sure how long it's gonna take for me to get the result.


Re: What is mivvx.dll?

wrote:
Quoted text here. Click to load it
Davehttp://www.claymania.com/removal-trojan-adware.htmlhttp://www.ik-cs.com/got-a-virus.htm

Here is the result.  It looks like it is not a virus.

Complete scanning result of "mivvx.dll", processed in VirusTotal at
03/16/2007 02:00:07 (CET).

[ file data ]
* name: mivvx.dll
* size: 0
* md5.: d41d8cd98f00b204e9800998ecf8427e
* sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709

[ scan result ]
 AhnLab-V3      2007.3.15.0/20070315    found nothing
AntiVir 7.3.1.43/20070315       found nothing
Authentium      4.93.8/20070315 found nothing
Avast   4.7.936.0/20070315      found nothing
AVG     7.5.0.447/20070315      found nothing
BitDefender     7.2/20070316    found nothing
CAT-QuickHeal   9.00/20070315   found nothing
ClamAV  0.90.1/20070315 found nothing
DrWeb   4.33/20070315   found nothing
eSafe   7.0.14.0/20070315       found nothing
eTrust-Vet      30.6.3481/20070315      found nothing
Ewido   4.0/20070315    found nothing
F-Prot  4.3.1.45/20070315       found nothing
F-Secure        6.70.13030.0/20070315   found nothing
FileAdvisor     1/20070316      found [No threat detected]
Fortinet        2.85.0.0/20070315       found nothing
Ikarus  T3.1.1.3/20070315       found nothing
Kaspersky       4.0.2.24/20070316       found nothing
McAfee  4985/20070315   found nothing
Microsoft       1.2306/20070315 found nothing
NOD32v2 2117/20070315   found nothing
Norman  5.80.02/20070315        found nothing
Panda   9.0.0.4/20070315        found nothing
Prevx1  V2/20070316     found nothing
Sophos  4.15.0/20070313 found nothing
Sunbelt 2.2.907.0/20070315      found nothing
Symantec        10/20070316     found nothing
TheHacker       6.1.6.076/20070315      found nothing
UNA     1.83/20070315   found nothing
VBA32   3.11.2/20070315 found nothing
VirusBuster     4.3.7:9/20070315        found nothing

[ notes ]
Bit9 info:
http://fileadvisor.bit9.com/services/extinfo.aspx?md5=d41d8cd98f00b204e9800998ecf8427e


Re: What is mivvx.dll?



|
| Here is the result.  It looks like it is not a virus.
|
| Complete scanning result of "mivvx.dll", processed in VirusTotal at
| 03/16/2007 02:00:07 (CET).
|
| [ file data ]
| * name: mivvx.dll
| * size: 0
| * md5.: d41d8cd98f00b204e9800998ecf8427e
| * sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709
|

< snip >

size: 0  it was never submitted.
The file handle was held open and the file could not be copied for submission.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: What is mivvx.dll?

wrote:
Quoted text here. Click to load it
Davehttp://www.claymania.com/removal-trojan-adware.htmlhttp://www.ik-cs.com/got-a-virus.htm

OK, I did not realize that.  But then, there is no easy way to submit
it.  Gmail does not allow sending executables, and submitting from
virustotal web also returns "size 0".  Maybe I'll try using Yahoo!
Mail and see what happens.

Will get back to you later.  Thanks.


Re: What is mivvx.dll?



|
| OK, I did not realize that.  But then, there is no easy way to submit
| it.  Gmail does not allow sending executables, and submitting from
| virustotal web also returns "size 0".  Maybe I'll try using Yahoo!
| Mail and see what happens.
|
| Will get back to you later.  Thanks.

No.  The process that loaded it has to be killed first so the file handle is
closed and THEN
it can be submitted.

It also is indicative that this was a righteous call and this a a dowloader
Trojan and AVG
said it was.


Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis_v2.zip

Create a HJT log file and post it in one of the below locations...

{ Please - Do NOT post the HJT Log here ! }

Forums where you can get expert advice for HiJack This! (HJT) logs.

NOTE: Registration is not required in the below before posting a log
http://www.thespykiller.co.uk/forum/?action=forum


NOTE: Registration is REQUIRED in any of the below before posting a log
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.malwarebytes.org/forums/index.php?showforum=7
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security /
http://forums.security-central.us/forumdisplay.php?f=13


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: What is mivvx.dll?

wrote:
Quoted text here. Click to load it
Davehttp://www.claymania.com/removal-trojan-adware.htmlhttp://www.ik-cs.com/got-a-virus.htm


Thank.  I just uploaded the hijackthis log at
http://www.thespykiller.co.uk/forum/?action=forum .

The subject is hijackthis log file. In the message body, I have: Check
the attachment for details. Thanks.


Re: What is mivvx.dll?

On Mar 16, 12:29 am, "antonyliu2...@yahoo.com"
Quoted text here. Click to load it

Look at the following screen snapshot:

http://farm1.static.flickr.com/131/422806116_01861fcff1_o.jpg

This popup occurs right after I login password is accepted by windows
xp and before the desktop icons loom up.  After I click the OK button
of this popup, windows proceed to load the desktop.

I forgot to say in my previous posts:

1.  I am not sure what process is using this mivvx.dll.
2.  I tried booting to safe mode and attempted to delete mivvx.dll.
It was not successful.  Windows says that I cannot delete it because
some other program is using it.


Re: What is mivvx.dll?





| Thank.  I just uploaded the hijackthis log at
| http://www.thespykiller.co.uk/forum/?action=forum .

| The subject is hijackthis log file. In the message body, I have: Check
| the attachment for details. Thanks.


Derek says you do have to Register and post in this Forum...
http://www.thespykiller.co.uk/index.php?board=3.0

You posted in the malware upload forum.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: What is mivvx.dll?

antonyliu2002@yahoo.com wrote:
Quoted text here. Click to load it

In addition to the preferred method, submitting samples to VT and/or
Jotti, you can send samples to AV vendors by email. In most cases, you
want to put the sample in a password-protected archive (zip file) and
attach that to the email. Here is how to send a sample to Kaspersky Labs.

  http://forum.kaspersky.com/index.php?showtopic=13881

You can check with other vendors for similar procedures. In most cases,
you don't have to be a customer in order to submit a file.

Ron :)

Site Timeline