Microsoft Security Virus Discussions
 
Linux
(1)
WinSockFix.shtml
(1)
XP
(1)
MoveOnBoot
(1)
Report
(1)
PanHandler
(1)
ExePack
(1)
Winsockfix
(1)

Trojan OD1MID.DLL

Asked By Mingo
04-Jul-07 03:01 AM
Reply
Hello,

I did a scan with "MULTI_AV" and 2 trojan were found. One of the infected
files was delete automatically and the otherone "OD1MID.DLL" is still in the
system.

Is this file part of windows system?

Thank you!

Mingo

-----------------Scan report--------------------------

?  AVPDOS32 Start  03-07-2007 14:26:43


Version 3.0 build 135
Last update: 03.07.2007, 357107 records.

Command line: /- /E /* /MD /MP /Y /Z- /W+=ScanReport.txt C:\
Profile defdos32.prf (from 27.06.2001 03:00:00)

c:\AV-CLS\MULTI_AV.EXE archive: ZIP

...snip..

c:\WINDOWS\AVP.EXE infected: Trojan-PSW.Win32.Maran.gb
c:\WINDOWS\AVP.EXE deleted: Trojan-PSW.Win32.Maran.gb
c:\WINDOWS\HPQ1280H.BMP archive: Tar
c:\WINDOWS\HPQ1280H.BMP Tar: unknown format.

...Snip...

c:\WINDOWS\SYSTEM32\OD1MID.DLL infected: Trojan-PSW.Win32.Maran.gb
c:\WINDOWS\SYSTEM32\SHARE.EXE packed: ExePack
c:\WINDOWS\SYSTEM32\SHARE.EXE packed: Com2Exe

...snip..

Scan process completed.

Result for all objects:

Sector Objects :      0              Known viruses :      2
Files : 163713               Virus bodies :      2
Folders :   2535                Disinfected :      0
Archives :  10809                    Deleted :      1
Packed :    176                   Warnings :      0
Suspicious :      0
Scan speed (Kb/sec) :   1609                  Corrupted :      0
Scan time :  01:23:06              I/O Errors :      0
--------------------------------------------------------------------------------------------

Trojan OD1MID.DLL

Asked By Maximus the Mad
04-Jul-07 03:42 PM
Reply
On 7/4/2007 3:01 AM, Mingo after much thought,came up with this jewel:
...Snip...

...snip..

Try removing with MoveOnBoot.(see removal instructions below)
max
--
My Pages:
Virus Removal Instructions:
http://www.freespaces.com/maxwachtel/removal.html
Keeping Windows Clean:
http://www.freespaces.com/maxwachtel/keepingclean.html
Tools: http://www.freespaces.com/maxwachtel/tools.html
Change nomail.afraid.org to gmail.com to reply. nomail.afraid.org is
specifically setup for USENET.Feel free to use it yourself.
Always remember - only download files from Trusted Sites.
Infections, Spyware, Trojans and Adware. -PanHandler
Registered Linux User #393236

Hello Maximus,I deleted the file OD1MID.

Asked By Mingo
04-Jul-07 09:39 PM
Reply
Hello Maximus,

I deleted the file OD1MID.DLL

Now i'm unable to surf the net, but I can still browse through my network.
Was this file part of IE6?

Thank you for your help.

Mingo



???????:f6gt9m$em2$1@news.albasani.net...
infected
the

That file damages the Winsock layer of XP.

Asked By Sharon Franks
04-Jul-07 10:06 PM
Reply
That file damages the Winsock layer of XP. You need to download Winsockfix
and run it.
http://www.softpedia.com/get/Tweak/Network-Tweak/WinSockFix.shtml



--

Sharon Franks
MCC group
Microsoft Certified Solutions Developer (MCSD)
Microsoft Certified Trainer (MCT).
Trojan OD1MID.DLL
Asked By Peter Foldes
04-Jul-07 10:29 PM
Reply
You need to reload the Winsock which you probably corrupted

http://www.majorgeeks.com/download4372.html

--=20
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

network.=20
jewel:
still in=20
Thank you very much Peter / Sharon Franks for your kind help.
Asked By Mingo
04-Jul-07 10:38 PM
Reply
Thank you very much Peter / Sharon Franks for your kind help. My winsock was
corrupted and now it's fixed.

Regards,

Mingo




You need to reload the Winsock which you probably corrupted

http://www.majorgeeks.com/download4372.html

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
Whoops.
Asked By Peter Foldes
04-Jul-07 11:01 PM
Reply
Whoops. Sorry Sharon I did not see your post when I posted

--=20
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

Winsockfix=20
network.
jewel:
still=20
Trojan-PSW.Win32.Maran.gb
is
Trojan OD1MID.DLL
Asked By Maximus the Mad
05-Jul-07 12:58 AM
Reply
On 7/4/2007 9:39 PM, Mingo after much thought,came up with this jewel:

On my page, just below MoveOnBoot, was a link to the winsock fix.

max
--
My Pages:
Virus Removal Instructions:
http://www.freespaces.com/maxwachtel/removal.html
Keeping Windows Clean:
http://www.freespaces.com/maxwachtel/keepingclean.html
Tools: http://www.freespaces.com/maxwachtel/tools.html
Change nomail.afraid.org to gmail.com to reply. nomail.afraid.org is
specifically setup for USENET.Feel free to use it yourself.
Always remember - only download files from Trusted Sites.
Infections, Spyware, Trojans and Adware. -PanHandler
Registered Linux User #393236
Previous Discussion:  Free virus scanning tool for boot sector and CMOS
Post Question To EggHeadCafe