Variant: Infostealer.Spunst
Operating Systems Affected: Windows 2000, Windows 9x, Windows Me, Windows NT, Windows Server, Windows XP, Windows Vista, Windows 7
Infostealer.Spunst is a Trojan horse that is primarily designed to steal personal confidential information on a compromised computer.
A Trojan horse, or Trojan, is a malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user’s computer system.[source: Wikipedia]
Step by step manual removal guide:
• Temporarily disable system restore (Windows ME/ XP) Click Start, right-click My Computer then click Properties. Click the System Restore tab, select Turn off System Restore or Turn off System Restore on all drives check box. Click OK.
• Reboot and login under safe mode with networking – While booting, press and hold the F8 Key.On the Windows Advanced Options Menu use arrow keys to move and choose Safe Mode with Networking then press Enter key.
• Show hidden files and folders - Open my computer, click folder options and choose view tab. Tick show hidden files and folders, untick hide protected operating system files.
• Navigate and delete Infostealer.Spunst infected files:
%UserProfile%\Application Data\colectinf.tag
%UserProfile%\Application Data\dllcache32.exe
• Navigate and delete Infostealer.Spunst registry added value: Start → run → type regedit
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”NoDriveTypeAutoRun” = “dllcache32.exe”
{Disclaimer: Registry modification is done at your own risk. Backup the registry before making any changes!}
• Re-enable system restore (Windows ME/ XP) - Click Start, right-click My Computer, then click Properties. Click the System Restore tab, clear the Turn off System Restore or Turn off System Restore on all drives check box.Click OK.
• Update AV definition files
• Run Anti-Virus full system scan
• Restart and boot under normal mode