W95/Spaces.1445 and worm/datom virusses

From: Jester2k (contact_at_jester2k.co.uk)
Date: 06/12/03

Next message: Brett Flanagan: "New user set-up problems"
Previous message: Craig O'Grady: "Windows XP Pro - User Profiles"
In reply to: Trevor: "W95/Spaces.1445 and worm/datom virusses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 12 Jun 2003 04:23:05 -0700

These 3 files ARE the virus
(http://www.lhric.org/netwrk/virus/d/datom.html) Let AVG
delete them they serve no other legitment purpose on you
r PC.

>From the link above

W32.Datom.Worm exists as three files:

Msvxd.exe
Msvxd16.dll
Msvxd32.dll

These files are located in the %Windir% folder.

NOTE: %Windir% is a variable. The worm locates the
Windows main installation folder (by default this is
C:\Windows or C:\Winnt) and copies itself to that
location.

The tasks in each file have likely been separated in an
attempt to avoid heuristic detection:
Msvxd.exe simply runs Msvxd16.dll.
Msvxd16.dll adds a reference to Msvxd.exe to the registry
and then runs Msvxd32.dll.
Msvxd32.dll enumerates network shares and copies all
three files to those shares into the %Windir% folder and
adds a reference to Msvxd.exe in the Run= line in
Win.ini.

Regards

Jester2K
www.jester2k.co.uk

>-----Original Message-----
>The above two virusses have logged themselves into/onto
>the following to the following three files on my
computer
>and my anti-virus program connot remove the virus or
heal
>the files. (AVG Anti-virus):
>
>c:\WINDOWS\MSVXD32.DLL
>C:\WINDOWS\MSVXD16.DLL
>C:\WINDOWS\MSVXD.EXE
>and their restore files.
>
>AVG recommends that the files be qaurentined and deleted
>but I am sure this will create major problems for me.
>
>Can anyone help with this little monster in my computer
>before it starts it's path of distruction?
>
>Thanks
>
>.
>

Next message: Brett Flanagan: "New user set-up problems"
Previous message: Craig O'Grady: "Windows XP Pro - User Profiles"
In reply to: Trevor: "W95/Spaces.1445 and worm/datom virusses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Search doesnt find folder
... An AVG virus scan showed three trojans, all located in a folder and its subfolders on my E: ... When I used XP's Search function to find crack.exe, it found an occurrence, but not on either of the hard drives or their partitions, and it didn't appear on my desktop. ...
(microsoft.public.windowsxp.general)
Re: A virus which Im having incredible removing
... > I have the reccomended AVG free virus remover from Grisoft. ... information folder. ... You can use DOS and ...
(microsoft.public.security.virus)
Re: TURN OFF EMAIL SCANNING (was Re: Do not turn off email scanning)
... I have been using AVG version 6 for the last year and have had excellent ... Have never had a problem with the virus vault whatsover. ... | AVG not only checked that folder but the folder above it as well. ... |> Move the infected file to an INFECTED folder. ...
(microsoft.public.windows.inetexplorer.ie6_outlookexpress)
Re: Is this really a Worm?
... may be left-over files from a virus that AVG had previously cleaned. ... Folder in Program Files is empty, ...
(microsoft.public.windowsxp.general)
Re: Trojan horse Downloader.Generic.ML
... I would also download and run HiJackThis and post your results to one ... 'restore as' in AVG continues to hang. ... >> AVG 718 06.14.2005 no virus found ... >>> Yes but then there's that sudden detection that appears NOT to>>> correspond to any event related to that theory. ...
(comp.security.firewalls)