Solved

Need help removing Trojan.Pandex from Windows XP SP3

Posted on 2008-10-02
Last Modified: 2013-12-09
Hi,

I have tried unsuccessfully to remove Trojan.Pandex using the following programs:
Spybot, AdAware 2007, Symantec Endpoint 11 client, AVG, SuperAntiSpyware.  Is there some kind of removal tool for this trojan?  I checked with Symantec's website and basically all it says is to turn off System Restore, update the pattern file, and run a virus scan in safe mode, which I have done.  Still no luck.  I am in desperate need of a way to fix this, as 2 of our executives' systems are infected.  I appreciate your help with this.
Question by:jmattson30
11 Comments
 
LVL 16

Accepted Solution

by:
speshalyst earned 100 total points
ID: 22625668
Try downloading the SmitFraud removal tool. Google should give you a download link.

Follow the instructions and hopefully it'd clear out the infection
 
LVL 27

Assisted Solution

by:David-Howard
David-Howard earned 100 total points
ID: 22625774
I've read of removal success using Kaspersky. It's free.
HOW TO REMOVE Trojan.Pandex!inf:
1. Temporarily disable System Restore (Windows Me/XP).
   Disable System Restore by:
   1. On the Desktop, Right Click on My Computer
   2. Select the System Restore Tab
   3. Mark the "Turn Off System Restore" to disable and UnMark to Enable
   4. Click Apply on the Bottom of the Dialog Box to save the settings.
   5. A message "This deletes all existing restore points" will appear, click Yes to disable.
   6. Click OK.
   Note: You must have an Administrator Privilege to be able to disable System Restore on Windows XP.
2. Download Kaspersky AntiVirus Personal Edition (Trial) and save it to a desired location on your Hard Drive.
3. After downloading, browse where the file was saved and double click to install it.
4. After installation, connect to internet and download all necessary updates.
5. Reboot your computer in Safe Mode.
6. Run Kaspersky and do a full scan of your computer. Delete all infected files.
 
LVL 8

Assisted Solution

by:eXpeLLeD_4RM_heLL
eXpeLLeD_4RM_heLL earned 100 total points
ID: 22626301
Download Superantispyware from www.superantispyware.com, update your definition files and run a scan.
 

Author Comment

by:jmattson30
ID: 22626437
Hi eXpeLLeD,

I had already tried this as mentioned in my question.  Please let me know if there are any removal tools for this virus or an exceptionally effective anti-virus program/anti-spyware.
 
LVL 20

Assisted Solution

by:IndiGenus
IndiGenus earned 100 total points
ID: 22626515
It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Click on "Do a system scan and save a log file" button. Post the text from the log file. Do not have HJT fix anything at this point.

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log

 
LVL 20

Expert Comment

by:IndiGenus
ID: 22626526
We'll probably be looking at running something like combofix, or potentially MalwareBytes' Anti-Malware if not too bad.
 
LVL 27

Assisted Solution

by:Jonvee
Jonvee earned 100 total points
ID: 22627777
Yes, a HijackThis logfile would be very useful, the analysis of which would help us decide which tool to use against the Trojan.Pandex.  This free, easy to use tool is also known to remove Trojans:

a-squared Free:
http://www.emsisoft.com/en/software/free/
 

Author Closing Comment

by:jmattson30
ID: 31502437
Hi Everyone,

I tried 5 different well-known programs such as Spybot, SuperAntiSpyware, Symantec, AVG, and was not able to clean it entirely off the system.  I just went ahead and re-built the system after backing up data after ensuring that data was not affected.  Since you all had good suggestions, I am distributing points to all who suggested a solution.

Thanks for all your help!
 
LVL 20

Expert Comment

by:IndiGenus
ID: 22680815
Sorry it did not work out better with a fix here. Sometimes a re-install is the only way to go, but if we had a HijackThis log here we may have been able to advise one of the more robust tools such as combofix with success, fixing this without the wipe and re-load. Maybe next time...;)

Regards,
Dave
 

Author Comment

by:jmattson30
ID: 22681100
Sorry I couldn't go that route as I had already had the executive assigned to this computer down too long.  I had to use at the time my last resort.  I'm sure what you suggested would have worked but time was a factor at that point.  Have a good day!
 
LVL 27

Expert Comment

by:Jonvee
ID: 22681193
Thanks for the report.  
Jonvee.