01-27-2010 08:44 AM
First, a little background. I purchased Quicken 2010 2 days ago. Received an email about updating Quicken's digital signature yesterday morning. Without thinking, I clicked the link and proceeded to download and install the supposed "updater". After nothing happened, I realized I just screwed myself. Having no time to deal with it yesterday, I checked out my system today and I keep receiving "A recent attack was blocked" messages from NIS every 30 seconds. It lists risk as snifula.b. I have restarted in safe mode and run a full system scan with no luck. Also used HijackThis and found no values that seemed out of place. Any help would be appreciated.
01-27-2010 09:04 AM
Have you checked out this link and then checked for the two specific executables?
01-27-2010 09:19 AM
I have searched for both and found none. Nor could I find any of the listed registry entries.
01-27-2010 09:43 AM
Well, I checked with Intuit and there has been a recent spike in these fraudulent emails starting from back in Sept. '09. They have no info on what to do and said that all the major AV companies have been alerted. So far, all I can find about snifula.b does not seem to relate to anything currently visible on my machine. Getting frustrated.
01-27-2010 09:55 AM
Hi Bigfoot
Please run a full scan with the free version of Malwarebytes to see if we can catch this culprit and then please post the log in the forum using the add attachment line.
Download the free version, install and update, then run a FULL scan. After the scan completes, you should post the logs back to this thread.
You can find Malwarebytes here
http://www.filehippo.com/download_malwarebytes_ant
It is a safer location to get the program from than Malwarebytes themselves because some malware creators have large lists of sites that they block. Please be careful to download the correct program: the FREE version of MALWAREBYTES
(Thanks to Delph for providing the alternative site)
Success always occurs in private and failure in full view.
01-27-2010 01:56 PM
Here is the log file from Malwarebytes; it found the trojan. Will Malwarebytes take care of it, or is further action required?
01-27-2010 02:07 PM - edited 01-27-2010 02:11 PM
Hi bigfoot
You can go into Malwarebytes and tell it to clean up what it found. I would also suggest uninstalling the P2P program you have on your computer. That is a huge source of malware also. It's not what I would consider as practicing safe computing. That folder shows up as infected also.
After you tell Malwarebytes to fix it, you can run a full scan with SuperAntiSpyware and see if that picks up anything further. Reboot before you try the SuperAntiSpyware scan.
Here is a free on-demand antimalware scanner. It is safe to use on demand with your Norton product.
http://www.superantispyware.com/
After you are cleaned up, I would also recommend removing your restore point and creating a new one.
01-27-2010 04:20 PM
Thanks floplot, all systems normal. I appreciate your help and the links to the extra software.
01-27-2010 08:01 PM
Hi bigfoot
I'm glad you got everything cleaned up now and everything is working normally. Would you please mark the post which solved your problem so that everyone will know that the thread has been solved and will be able to find the solution quickly? If you have any other problems in the future, please feel free to come back and open up a new thread. Thanks.
01-28-2010 12:06 AM
Seems a shame that Norton was identifying an issue as Infostealer and Malwarebytes finds three issues which Norton did not detect in a full scan and none of which were infostealer. We are also unaware as to which of the three issues found by Malwarebytes could have been responsible for the ident of Snifula. I am also not sure that any of the three issues would actually produce a memory trace. Well, at least the OP is happy!
