Infostealer.Snifula.B

Detected by Symantec

Infostealer.Snifula.B is a threat that aims to steal information from the compromised computer. This is the detection name that Symantec or Norton gives to this specific type of malware. Like other data-gathering malware, it is built to steal user names, passwords, online credentials, or any other data its code is set up to collect. Infostealer.Snifula.B also records hardware and software data, installed programs, and the security setup of the infected PC.

Threat behavior

Installation

Infostealer.Snifula.B is normally deployed through spam email messages. The email is sent as a misleading letter that appears to come from a known person, company, or institution. The body of the email may contain messages intended to draw the user into executing the attached file.

Compromised web sites that redirect users to the location of Infostealer.Snifula.B are reported as another method attackers use to propagate this malware. Pirated software, serial key generators, and misleading online advertisements are also used to drop a copy of Infostealer.Snifula.B.

Payload

When executed, Infostealer.Snifula.B creates files under the Windows folder. It also sets up a start-up process by adding registry entries without the user's notice. This threat constantly connects to a remote server in order to download more malware.

Changes are also made to Windows Firewall to allow the network traffic that Infostealer.Snifula.B needs to send gathered data to a remote computer. The threat also disables running processes that belong to security software to avoid detection and removal.
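
The start-up entries and firewall allowances described above can be reviewed directly. The PowerShell below is an added example, not part of the original guide or of Symantec's tooling. It assumes Windows 8 or later for the firewall cmdlets, and the standard Run/RunOnce keys are an assumption, because the page does not name the entries the threat creates.

```powershell
# Added read-only triage example; it reports and changes nothing.
# Assumption: the standard Run/RunOnce keys (the page names no specific entries).
$winDir = $env:WINDIR.TrimEnd('\') + '\'
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'

function Get-ExePath([string]$Command) {
    # Extract the executable path from a command line, quoted or unquoted.
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($c -match '^\s*(.+?\.(exe|dll|scr|com|bat|cmd))(\s|,|$)') { return $Matches[1] }
    return $null
}

function Test-Suspect([string]$Path) {
    # Suspect: file exists under %WINDIR% and lacks a valid Authenticode signature.
    if (-not $Path -or -not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $false }
    if (-not $Path.StartsWith($winDir, [StringComparison]::OrdinalIgnoreCase)) { return $false }
    return ((Get-AuthenticodeSignature -LiteralPath $Path).Status -ne 'Valid')
}

# 1. Start-up entries whose target is an unsigned file in the Windows folder.
$autoruns = foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        $exe = Get-ExePath ([string]$item.GetValue($name))
        if (Test-Suspect $exe) {
            [pscustomobject]@{ Source = $key; Name = $name; Path = $exe }
        }
    }
}

# 2. Enabled firewall allow rules granted to such a file.
$fwRules = Get-NetFirewallRule -Enabled True -Action Allow -ErrorAction SilentlyContinue |
    ForEach-Object {
        $app = ($_ | Get-NetFirewallApplicationFilter).Program
        $exe = [Environment]::ExpandEnvironmentVariables([string]$app)
        if (Test-Suspect $exe) {
            [pscustomobject]@{ Source = 'Firewall'; Name = $_.DisplayName; Path = $exe }
        }
    }

$findings = @($autoruns) + @($fwRules) | Where-Object { $_ }
if ($findings) { $findings | Format-List } else { 'No unsigned Windows-folder autoruns or firewall rules found.' }
```

A listed file is a lead to check with the scanners in the removal steps, not a verdict; where PowerShell does not check catalog signatures, legitimate Windows files can also show as unsigned.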

Symptoms

Because Infostealer.Snifula.B works silently, there may be no obvious symptoms. Symantec anti-virus software may send an alert if it is able to identify the threat as it tries to enter the system.

How can you remove Infostealer.Snifula.B?

To completely remove Infostealer.Snifula.B from the computer and get rid of related viruses and trojans, please follow the procedures on this page. Make sure that you have completely scanned the system with the suggested malware removal tools and virus scanners.

First step: Scan the computer with Norton Power Eraser

1. Download Norton Power Eraser from the link below. Save the file on your hard drive.

NPE Download Link (this will open on a new window).

2. Once the download completes, double-click on the file NPE.EXE to run the program.

3. You will be prompted with the End User License Agreement. Please click on Accept to continue.

4. Norton Power Eraser will check for the most recent version. Then, the main window will appear. Click on Scan for Risks to start the scan and removal process for Infostealer.Snifula.B.

5. By default, Norton Power Eraser is configured to perform a rootkit scan. This is essential to get rid of Infostealer.Snifula.B or other relevant malware. To accomplish this, you will need to restart the computer. Please click the Restart button.

6. After Windows restarts, the program will check for a possible database update and then proceed with the scan. It may take a while; please wait for the scan process to complete.

7. Once scanning is done, Norton Power Eraser will display a list of threats including Infostealer.Snifula.B. Review the identified threats and remove or repair them by clicking on the Fix Now button.

8. If you are prompted to restart the computer in order to complete the virus removal process, please click on Restart Now.

Second step: Run Sophos Virus Removal Tool

1. Download Sophos Virus Removal Tool from the link below. Save the file to your Desktop so that we can access the file easily.

2. After downloading, navigate to the file location and double-click it. This will start the installation procedure. User Account Control will ask whether you want to run the program; click Yes to continue.

3. On initial launch of the program, it will display a Welcome Screen. Click Next to start the installation procedure.

4. Next, you need to accept the license agreement before Sophos Virus Removal Tool can be installed onto the computer. Choose 'I accept the terms in the license agreement'. Then, click the Next button.

5. On the next prompts, please click the appropriate button to proceed. At the end of the installation process, it will display InstallShield Wizard Completed. Leave the Launch Sophos Virus Removal Tool option checked. Then, click Finish.

6. The tool will download necessary updates, so an Internet connection is required at this point. Lastly, Sophos Virus Removal Tool displays the welcome screen.

7. Click on the Start Scanning button to begin checking the system for the presence of rootkits and viruses. The tool reveals items that were found linked to Infostealer.Snifula.B. It also detects and removes other malicious files.

2 thoughts on “Infostealer.Snifula.B”

  1. sam_u

    For me Norton Power Eraser didn’t find infostealer-snifula-b. What should I do?
