Losfondup? - what is this?

NOD 5.0.95 has just begun finding randomly-named .dat files in my XP Pro 'C....\All Users\Application Data' folder. It tells me that the threat is 'W32/Losfondup.D Trojan'. Each time it says the infected file has been quarantined.

Sure enough, a visit to the Quarantine folder reveals numerous .dat files, with exotic names like 'rimrim124zxcb3.dat' and 'd413jmj65.dat'.

Incidentally, I emptied the folder of 40-odd listings about five minutes ago - there are now 10 new ones there. Ooops - now there's eleven.

Naturally, I've run several full NOD scans of C-drive but it's finding nothing.

Googling for 'Losfondup' doesn't seem to find any genuinely relevant info. Only NOD seems to know enough about it to tell me it's bad!

Well, that's a start. But I'd rather NOD eradicated the durn thing. Anyone able to help with this?

 

I'd suggest contacting Customer care and providing them with an ESET SysInspector (ESI) log for perusal. Alternatively you can email the ESI log along with a reference to this thread to samples[at]eset.com.

 

Virus signature file 6781 cites: Win32/Losfondup.D, therefore, you should have protection. You may also try a scan in safe mode to submit to ESET for analysis.

 

Marcos and Siljaline - thanks for your comments. I'll do the Safe Mode scan now. I've never submitted the results of a scan of this type (or any other, come to that ). Can someone explain just how that's done, please?

Incidentally - I have a hunch that the trouble might have started when I downloaded a link to an interactive London Underground Tube map. It's here: traintimes.org.uk/map/tube
I may be maligning the guy, but I'm sure the problem wasn't there before I started using the map.

Cheers


Oh, BTW: NOD was finding the data files alright. But isn't that shutting the door after the nag has bolted? I thought that if NOD was armed well enough to find Losfondup's output, it would also find its source files..?