1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Infostealer Snufula.B

System Infected: Infostealer Snufula.B

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects Infostealer.Snifula.B activity which could result in the downloading and executing of files from the Internet on a compromised host.

Additional Information

Infostealer.Snifula.B is a Trojan horse that steals information on the compromised computer and also downloads and executes files from the Internet.

Affected

  • Microsoft Windows 95 SR2
  • Microsoft Windows 98
  • Microsoft Windows 98SE
  • Microsoft Windows ME
  • Microsoft Windows NT 3.5, 4.0 SP6a alpha
  • Microsoft Windows Server 2003 Datacenter Edition Itanium
  • Microsoft Windows Server 2003 Web Edition SP1 Beta 1
  • Microsoft Windows XP Home
  • Microsoft Windows XP Tablet PC Edition SP2

Response

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

Disable System Restore (Windows Me/XP).
Update the virus definitions.
Restart the computer in Safe mode or Safe mode with Command Prompt.
Run a full system scan.
Delete any values added to the registry.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube