TechSpot

Trojan.Vundo Virus lo1[1]

By Lobo000
Jun 7, 2007
  1. Hello,

    My Nortin AntiVirus keeps finding a Trojan.Vundo virus for a file called lo1[1]

    This is what my North AntiVirus says:

    Virus Alert

    High Risk

    Norton AntiVirus has detected a virus on your computer.

    Object Name: C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\(this folder here keeps changing each time it finds it)\lo1[1]

    Virus Name: Trojan.Vundo
    Action Taken: Unable to fix file.
    Action Taken: Access to file denied.

    Then when i click on OK, Norton AntiVirus says i have another file with a viurs and says this:

    Virus Alert

    High Risk

    Norton AntiVirus has detected and removed a virus from your computer.

    Object Name: C:\WINDOWS\system32\geeda.dll (the dll file changes each time it finds it)
    Virus Name: Torjan.Vundo
    Action Taken: This file was automatically deleted.

    Then when i hit OK again, it brings up the screen to repair the file or remove it and when i do one of them it tells me to restart computer to complete process, which i do and then i run a full system scan and Norton AntiVirus finds no Viruses on my computer. Then about 15 minutes later, it starts all over again. Its like it removes it for like 15 miniutes and then its found again but in a differant folder. No matter what i do, i can't remove this virus. It keeps coming back. Its like a program or something is making it. The lo1[1] file seems to be the source of the problem. Can you guys help me with this?

    I have attached a copy of HiJackThis log to this.
     

    Attached Files:

  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system is infected with a variety of malware.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of Lobo000 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...