Norton not deleting a trojan?

I have balloons popping up 10 times per hour, about onlinegame.infostealer being blocked.

But it won't delete it? Wtf?

 

http://img822.imageshack.us/img822/6710/106201051929am.png

 

 

Moved to own thread for better exposure.

Try to run Norton Power Eraser tool:

http://www.symantec.com/norton/support/DIY/index.jsp


Check if it detects any threats and, if it does, please provide us with the filename and other details. Don't fix any files now; you can fix those after getting confirmation in this thread. You can also try creating the Norton Bootable Recovery Tool on a CD and using it:

http://security.symantec.com/nbrt/nbrt.asp?lcid=1033

 

Let us know if you get any detections using any of the above tools.


Yogesh

zueff:

 

Do not run the Norton Power Eraser.  It may be dangerous for your system.  Infostealer was often one of the names of a rootkit infection.  If the NPE finds a problem, its only option is to delete it, which causes serious problems if it involves a windows system file.

 

Please click on the downloader entry and let us know the path. Is it blocked from running on your machine or blocked from entering your machine? Do the same thing with the trojan. It is best to find out what it is first.

 

 

@yogesh_mohan

Norton 360 found a trojan: OneG838208.exe

http://img268.imageshack.us/img268/3075/107201041723am.png

 

Norton Power Eraser found a suspicious file: 1075268j08.dll

http://img683.imageshack.us/img683/9441/107201043623am.png

 

@delphinium

It's a trojan according to this page:

http://xinyu8.5d6d.com/thread-15480-1-1.html

 

I got over 10 OneG*.exe's hanging in Temp and not being deleted.

What should I do next?

Restart the computer in Safe Mode, and run a full system scan with Norton 360. Fix the threats it detects, and clear the Windows Temporary Files. Run NPE again and check if it detects anything suspicious.


Yogesh

Do you communicate via QQ or Baidu? These instructions are available on a Baidu forum.

 

Baidu forum

 

  1. Need to manually delete the two files: one is the file named CD plus the number, with an .exe extension, in C:\Documents and Settings\makv\Local Settings\Temp\; the other is C:\WINDOWS\system32\kav.exe.