I-Worm/Luder worm still lurking about

By james_k1988 ยท 4 replies
May 2, 2007
  1. I recently got a worm on my PC called i-worm/luder (was AVG that picked it up). AVG started spamming me with message about how all these random exe files had been corrupted with this worm, and if tried to open any of the exe files it said a message like "Cannot access file,achive or path. Please make sure you have the proper permissions".

    I looked online and saw lots of stuff about i-worm/luder.A and although the name wasnt the same, i tried the same methods to fix it but it didnt work. Also tried other antiviruses (online scanners, prolex (something like that) and avast) but they never even picked it up,was only avg.

    I managed to get AVG working to scan, luckily it never got to the .exe file that launches that. It detected about 388 corrupted .exe files and put em all in quarintine, and i assumed it was all over

    When i got back from the shops earlier, when i got onto the pc i saw a message the same as before saying a random file had been corrupted with i-worm/luder (although it vanished before i could click anything). Once it went away i didnt get any more, and i just done a scan and it found nothing.

    A little afraid that this worm is still lurking about my computer. Has anyone had this thing before or know how to ensure its not on the computer? And even know how the hell it gets onto your pc? (i looked but couldnt find much on this one, just the i-worm/luder.A one). Ive never had a virus thats done anything like this before, that actaully stops the pc running properly. Thanks to the guidelines and instructions on these forums, ive always been pretty clear of spy/adware and all that stuff.

    If someone knows about this bugger please let me know. Cheers
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    This is taken from HERE.

    Once you`ve done that, please post a fresh HJT log as per the instructions HERE.

    Regards Howard :)

    This thread is for the use of james_k1988 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. james_k1988

    james_k1988 TS Rookie Topic Starter Posts: 163

    I used that, was one of the first i found :knock:

    Im at college at the moment so ill get a HJT log when i get home. But i must mention something. Im doing a project at college and i save all my files on my USB 512mb flash drive. Its lately been plugged in often, and this is when ig ot this vorus.

    Normally i wouldnt bother with this but now that i recall, it was when i tried to openthe flash drive the other day there, the system went a bit weird and then said (i think) "Win35 socket has encourered a problem and needs to close" (cant remember exact name unfortinately) and then about 2 mintues later i got this worm.

    I have used a few computers today at colelge and every one i plug the flash drive into i get this message from norton, and i keep getting these even after its cleaned it

    Scan type: Auto-Protect Scan
    Event: Security Risk Found!
    Risk: W32.Whybo!inf
    File: C:\pnp\lan\setup.exe
    Location: Unknown Storage
    Computer: 1327-10
    User: 1327-10\SYSTEM
    Action taken: Clean succeeded : Access allowed
    Date found: 03 May 2007 12:27:36
    Please contact the Helpdesk on 2258

    ANd here is a screen of the other screen im getting from norton


    It is not the same "virus" but is still a bad file nonetheless (it seems). THink i should format the flash drive and backup my stuff. Any thoughts?

    (Although last night when i got that one off message about i-worm/luder the flash drive was not inserted. Just thinking this flash drive may be where it came from, although i dunno how :()

    Will post HJT log when i get home :)
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Yes, you should reformat the flash drive, otherwise it`s going to infect any machine you plug it into.

    Due to what you`ve said, rather than just posting a HJT log, please do the following.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :)

    This thread is for the use of james_k1988 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  5. james_k1988

    james_k1988 TS Rookie Topic Starter Posts: 163

    Sorry for no reply, im still here! :eek:

    I havnt had a chance to run through that yet becuase of what i mentioned before this project. As soon as i get a chance ill do a scan and paste it up. I gotta do this project so i can pass me HND and go in for A+ so its been taking over my life recently :(

    Thanks for the help thus far and ill reply asap once ive got it all done!
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...