Solved

Need help removing Trojan.Pandex from Windows XP SP3

Posted on 2008-10-02
11
1,098 Views
Last Modified: 2013-12-09
Hi,

I have tried unsuccessfully to remove Trojan.Pandex using the following programs:
Spybot, AdAware 2007, Symantec Endpoint 11 client, AVG, SuperAntiSpyware.  Is there some kind of removal tool for this trojan?  I checked with Symantec's website and basically all it says is turn off system restore, update pattern file, run virus scan in safe mode, which I have done.  Still no luck.  I am in desperate need on how to fix as 2 of our executives systems are infected.  I appreciate your help with this.
0
Comment
Question by:jmattson30
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +3
11 Comments
 
LVL 16

Accepted Solution

by:
speshalyst earned 100 total points
ID: 22625668
try downloading the SmitFraud removal tool. Google shud give u a download link..

Follow the instructions and hopefully it'd clear out the infection
0
 
LVL 27

Assisted Solution

by:David-Howard
David-Howard earned 100 total points
ID: 22625774
I've read of removal success using Kaspersky. It's free.
HOW TO REMOVE Trojan.Pandex!inf :
1. Temporarily disable System Restore (Windows Me/XP).
Disable System Restore by:
1. On the Desktop, Right Click on My Computer
2. Select the System Restore Tab
3. Mark the "Turn Off System Restore" to disable and UnMark to Enable
4. Click Apply on the Bottom of the Dialog Box to save the settings.
5. A message "This deletes all existing restore points" will appear, click Yes to disable.
6. Click OK.
Note: You must have an Administrator Privilege to be able to disable System Restore on Windows XP.
2. Download Kaspersky AntiVirus Personal Edition (Trial) and save it to a desired location on your Hard Drive.
3. After downloading, browse where the file was saved and double click to install it.
4. After installation, connect to internet and download all necessary updates.
5. Reboot your computer in SafeMode [how to]
6. Run Kaspersky and do a full scan of your computer. Delete all infected files.
0
 
LVL 8

Assisted Solution

by:eXpeLLeD_4RM_heLL
eXpeLLeD_4RM_heLL earned 100 total points
ID: 22626301
Download Superantispyware from www.superantispyware.com, update your definition files and run a scan.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 

Author Comment

by:jmattson30
ID: 22626437
Hi eXpeLLeD,

I had already tried this as mentioned in my question.  Please let me know if there are any removal tools for this virus or an exceptionally effective anti-virus program/anti-spyware.
0
 
LVL 20

Assisted Solution

by:IndiGenus
IndiGenus earned 100 total points
ID: 22626515
It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Click on "Do a system scan and save a log file" button. Post the text from the log file. Do not have HJT fix anything at this point.

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 22626526
We'll probably be looking at running something like combofix, or potentially MalwareBytes' Anti-Malware if not too bad.
0
 
LVL 27

Assisted Solution

by:Jonvee
Jonvee earned 100 total points
ID: 22627777
Yes, a HijackThis logfile would be very useful, the analysis of which would help us decide which tool to use against the Trojan.Pandex.  This free, easy to use tool is also known to remove Trojans>

a-squared Free:
http://www.emsisoft.com/en/software/free/
0
 

Author Closing Comment

by:jmattson30
ID: 31502437
Hi Everyone,

I tried 5 different well known programs such as spybot, SuperAnti Spyware, Symantec, AVG,  and was not able to clean entirely off the system.  I just went ahead and re-built the system after backing up data after ensuring that data was not affected.  Since you all had good suggestions, I am distributing points to all who suggested a solution.

Thanks for all your help!
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 22680815
Sorry it did not work out better with a fix here. Sometimes a re-install is the only way to go, but if we had a HijackThis log here we may have been able to advise one of the more robust tools such as combofix with success. Fixing this without the wipe and re-load. Maybe next time...;)

Regards,
Dave
0
 

Author Comment

by:jmattson30
ID: 22681100
Sorry I couldn't go that route as I had already had the executive assigned to this computer down too long.  I had to use at the time my last resort.  I'm sure what you suggested would have worked but time was a factor at that point.  Have a good day!
0
 
LVL 27

Expert Comment

by:Jonvee
ID: 22681193
Thanks for the report.  
Jonvee.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question