Solved

Need help removing Trojan.Pandex from Windows XP SP3

Posted on 2008-10-02
11
1,068 Views
Last Modified: 2013-12-09
Hi,

I have tried unsuccessfully to remove Trojan.Pandex using the following programs:
Spybot, AdAware 2007, Symantec Endpoint 11 client, AVG, SuperAntiSpyware.  Is there some kind of removal tool for this trojan?  I checked with Symantec's website and basically all it says is turn off system restore, update pattern file, run virus scan in safe mode, which I have done.  Still no luck.  I am in desperate need on how to fix as 2 of our executives systems are infected.  I appreciate your help with this.
0
Comment
Question by:jmattson30
  • 3
  • 3
  • 2
  • +3
11 Comments
 
LVL 16

Accepted Solution

by:
speshalyst earned 100 total points
ID: 22625668
try downloading the SmitFraud removal tool. Google shud give u a download link..

Follow the instructions and hopefully it'd clear out the infection
0
 
LVL 27

Assisted Solution

by:David-Howard
David-Howard earned 100 total points
ID: 22625774
I've read of removal success using Kaspersky. It's free.
HOW TO REMOVE Trojan.Pandex!inf :
1. Temporarily disable System Restore (Windows Me/XP).
Disable System Restore by:
1. On the Desktop, Right Click on My Computer
2. Select the System Restore Tab
3. Mark the "Turn Off System Restore" to disable and UnMark to Enable
4. Click Apply on the Bottom of the Dialog Box to save the settings.
5. A message "This deletes all existing restore points" will appear, click Yes to disable.
6. Click OK.
Note: You must have an Administrator Privilege to be able to disable System Restore on Windows XP.
2. Download Kaspersky AntiVirus Personal Edition (Trial) and save it to a desired location on your Hard Drive.
3. After downloading, browse where the file was saved and double click to install it.
4. After installation, connect to internet and download all necessary updates.
5. Reboot your computer in SafeMode [how to]
6. Run Kaspersky and do a full scan of your computer. Delete all infected files.
0
 
LVL 8

Assisted Solution

by:eXpeLLeD_4RM_heLL
eXpeLLeD_4RM_heLL earned 100 total points
ID: 22626301
Download Superantispyware from www.superantispyware.com, update your definition files and run a scan.
0
 

Author Comment

by:jmattson30
ID: 22626437
Hi eXpeLLeD,

I had already tried this as mentioned in my question.  Please let me know if there are any removal tools for this virus or an exceptionally effective anti-virus program/anti-spyware.
0
 
LVL 20

Assisted Solution

by:IndiGenus
IndiGenus earned 100 total points
ID: 22626515
It would help if we could see what was going on with your computer. I suggest that you download, run, and upload a HijackThis log from the link below.

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Click on "Do a system scan and save a log file" button. Post the text from the log file. Do not have HJT fix anything at this point.

Please do not post the log into the comment window. Use "Attach File" under the comment window to post the log
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 20

Expert Comment

by:IndiGenus
ID: 22626526
We'll probably be looking at running something like combofix, or potentially MalwareBytes' Anti-Malware if not too bad.
0
 
LVL 27

Assisted Solution

by:Jonvee
Jonvee earned 100 total points
ID: 22627777
Yes, a HijackThis logfile would be very useful, the analysis of which would help us decide which tool to use against the Trojan.Pandex.  This free, easy to use tool is also known to remove Trojans>

a-squared Free:
http://www.emsisoft.com/en/software/free/
0
 

Author Closing Comment

by:jmattson30
ID: 31502437
Hi Everyone,

I tried 5 different well known programs such as spybot, SuperAnti Spyware, Symantec, AVG,  and was not able to clean entirely off the system.  I just went ahead and re-built the system after backing up data after ensuring that data was not affected.  Since you all had good suggestions, I am distributing points to all who suggested a solution.

Thanks for all your help!
0
 
LVL 20

Expert Comment

by:IndiGenus
ID: 22680815
Sorry it did not work out better with a fix here. Sometimes a re-install is the only way to go, but if we had a HijackThis log here we may have been able to advise one of the more robust tools such as combofix with success. Fixing this without the wipe and re-load. Maybe next time...;)

Regards,
Dave
0
 

Author Comment

by:jmattson30
ID: 22681100
Sorry I couldn't go that route as I had already had the executive assigned to this computer down too long.  I had to use at the time my last resort.  I'm sure what you suggested would have worked but time was a factor at that point.  Have a good day!
0
 
LVL 27

Expert Comment

by:Jonvee
ID: 22681193
Thanks for the report.  
Jonvee.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some of the most commonly posted questions in the "Virus & Malware" Zones are related to the family of rogue malware with the date "2012" somewhere in the title. Examples: XP Antispyware 2012 XP Antivirus 2012 XP Security 2012   XP Home Sec…
If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now