Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

tinalau313

13 Posts

6444

July 13th, 2007 10:00

Trojan Virus (Infostealer and Infostealer.gampass) detected. Removal help

Does anyone know how to remove this particular virus, Infostealer and Infostealer.gampass? My Norton antivirus detected an entire list of Infostealer .exe threats but was unable to remove or repair any. I tried manually removing it in the system registry and it didn't work (came back after restart)! The infected files were said to be in temporary internet files but is actually all over the place now. I ran a scan using Kaspersky and there's about 1000+ registry errors right now!
 
 
Somehow, the virus was originally from my desktop and when I used wireless, my laptop was infected with the same virus! Is this contangious or what!? my desktop is reformatted and upgraded to windows vista so the problem is solved. However, i tried to reformat my laptop using the system restore and it didn't work. The virus came back so i suppose my system restore is infected! Any tips people? Thanks!

Bugbatter

20.5K Posts

July 13th, 2007 11:00

Try running your Norton Anti-virus in Safemode. Then follow with Super AntiSpyware:
Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Click Close to exit the program.


Let us know if that helps.

tinalau313

13 Posts

July 14th, 2007 08:00

I did that before in safemode and it didn't work :smileysad: I would still have a virus alert popup for the infostealer virus consistently everytime I restart and load windows. Thanks for the tip anyway:smileyhappy:
 
I just spent hours reinstalling the windows operation system for my old xps m140 laptop and now downloading all the required system drivers. I deleted the system restore as well so it should be free of viruses. This virus is sure a killer. Removal is said to be easy but somehow it keeps replicating itself to different .exe threats!

Bugbatter

20.5K Posts

July 14th, 2007 16:00

QUOTE:
"I did that before in safemode and it didn't work"

Please post your log from Super AntiSpyware along with a Hijackthis log on the HijackThis Board, and wait for a trained analyst to reply. A list of analysts along with instructions for downloading Hijackthis is in HOW TO POST A HIJACKTHIS LOG at the top of that board.

View More

View All

No Events found!

Top