Please Help with Removal of Infostealer and Downloader

By rudedogz
Jan 31, 2008
  1. Hello,

    I would like to get some assistance with the removal of Infostealer and Downloader if possible. I am working on a computer for a friend of mine whose system was running very slow. His anti-virus was out of date and he had no spyware protection. I installed Symantec End-Point Protection, updated it and rebooted into safe mode. I then ran a scan and quarantined or deleted everything it found. I then downloaded and updated Spybot S&D and ran it several times, fixing everything it found. I then defragged the system and thought I was done when Symantec Auto-Protect started popping up saying it found Infostealer and Downloader. It says it deleted them but it continues to find them. When I run a full scan with Symantec it doesn't find anything. I have followed all the steps on the Viruses/Spyware/Malware, preliminary removal instructions. I did have a problem getting Combofix to run so per the instructions I ran DSS instead. I have attached the requested log files for DSS, AVG Antispyware and HJT. The Panda Antirootkit scan did not find anything. I would greatly appreciate any help.
  2. rudedogz

    rudedogz TS Rookie Topic Starter

    I have reattached the HJT Log.

    Sorry, but I had run HJT in Safe Mode and posted the log. I looked over the instructions again and realized I should have run it in normal mode. I have run it again in normal mode and attached it. Please advise as to what my next step should be. Thanks.
  3. rudedogz

    rudedogz TS Rookie Topic Starter

    Also appear to have Backdoor.Trojan

    Am I doing something wrong? Is there another means to get help? Symantec Auto-Protect is now finding Backdoor.Trojan. Could someone please give me some assistance?
  4. jobeard

    jobeard TS Ambassador Posts: 9,153   +598

    For sure this is wrong
    O15 - Trusted IP range:
    O15 - Trusted IP range:
    O15 - Trusted IP range:
    O15 - Trusted IP range:
    O15 - Trusted IP range:
    delete these puppies!
    the report-scan-212103.txt has identified and quarantined the suspects!

    Backdoor.Agent.dwh remove the B variant here
    Downloader.Agent.ayj Please use SmitfraudFix to remove this threat.
    this tool may be helpful
Topic Status:
Not open for further replies.
