Solved

palladium virus - how to remove it?

Posted on 2011-02-14
13
1,289 Views
Last Modified: 2013-11-22

User opened a "u have a Fedex delivery" type email and now she has this.

What to do?

They have win xp
0
Comment
Question by:fcek
13 Comments
 
LVL 38

Expert Comment

by:younghv
ID: 34888631

Download, install, and run
CCleaner (www.ccleaner.com)

Malwarebytes (http://www.malwarebytes.org/mbam.php)
The instructions are included right in that link.

Read my Article here:
http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_1940-BASIC-MALWARE-TROUBLESHOOTING.html
0
 
LVL 9

Expert Comment

by:wellhole
ID: 34888651
I recommend running Combofix. It solves most of my malware/spyware issues in half an hour.

http://www.infospyware.net/antimalware/combofix/
0
 
LVL 38

Accepted Solution

by:
younghv earned 500 total points
ID: 34888664
MBAM's forum actually has a detailed guide for how to remove this:
http://www.bleepingcomputer.com/virus-removal/remove-palladium-pro
0
 
LVL 38

Expert Comment

by:younghv
ID: 34888690
@fcek,
Please DO NOT follow the advice to use ComboFix.
There are some variants of malware that require its use, but "Palladium" is not one of them.

@wellhole - please do not tell our Members to use ComboFix as a first choice of malware remover. It is not always needed and you should never casually suggest it - the potential for computer system damage is far greater than with lesser tools.
0
 
LVL 38

Expert Comment

by:younghv
ID: 34888741
It should also be noted that you are better off downloading ComboFix from the site that actually has the instructions for using it:

"ComboFix" (http://www.bleepingcomputer.com/combofix/how-to-use-combofix).

0
 
LVL 23

Expert Comment

by:edbedb
ID: 34892537
Talk about overkill, I saw that palladium malware 2 days ago. It didn't even put up a fight.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 38

Expert Comment

by:younghv
ID: 34892653
@edbedb,
I concur.
My phone rings off the hook when something serious comes around, but I've not not a single customer call on this one.

I am seeing in on other forums though and MBAM seems to clean it right up.

Started loading MBAM-Pro on all my customer's computers about a year ago and it has been pretty amazing as a 'preventive' application.
0
 

Expert Comment

by:Navid_rvl
ID: 34893084
If u want a simpler solution that worked for me.

Here's how

First :1.Instal trojan remover and give a scan in safe mode if virus detected shows just click ok to take action.

Download link:  http://www.simplysup.com/tremover/download.html

2. then after it worked give a full computer scan in normal mode with bit defender online scanner

http://www.bitdefender.com/scanner/online/free.html

It could solve the problem easily. If still occurs repair widows.
0
 
LVL 38

Expert Comment

by:younghv
ID: 34893307

Navid_rvl,

Having never heard of "Simply Super" software, I thought I would check out the link.

No forums, no apparent support for the product, and no evaluation from any malware forum that I could find.

Do you have links to somewhere that I could learn more about it?
0
 
LVL 2

Expert Comment

by:Hapexamendios
ID: 34896070
Hi fcek,

I wouldn't disagree with any of the advice you've been given by esteemed experts.

However, remember to use your judgement when advised in a forum to install multiple pieces of software, there's the obvious possibility the "anti-malware" is itself a Trojan or stager for a rootkit (younghv touches on this diplomatically above). But that's not all; many anti-malware products include filter drivers which can, in certain circumstances, cause unexpected behaviour in Windows which is tricky to diagnose and resolve (other experts, this is in reference to the default value of the IRPStakcSize registry value in Windows).

Also, the type or brand name of the anti-virus product is not necessarily the determining factor in terms of which can clean what,. although it matters a great deal that any product is well-known and authentic. The entry point for this "crimeware" is, as per younghv's comments, vulnerabilities in the software on the computer, and in many circumstances your anti-virus can't constantly protect you if this hasn't been patched. Too many times this last ends up mistranslated into a p***ing contest between different security software, and one or other's perceived failure.

Rest assured that if a vulnerabillity exists on a computer, if a prospective attacker can reach it, and sometimes additionally if the user can be induced to do something they perhaps shouldn't, your anti-virus software will prove to be an irrelevant hassle to that attacker, regardless of its publisher, update status etc.

Conclusions (all obvious, but nevertheless need stating):

Always assess any software you're thinking of installing
Persuade your bosses that none of this security software will, on its own, mitigate the risk psoed by uneducated staff
Always attempt to scan an infected computer from safe, read-only media wherever possible, and ideally using a different operating system (which cannot be "hooked" by a virus designed for e.g. Windows).

I wish you luck, and if for some reason none of the advice from other experts resolves, post back and I'll take a turn :)
0
 

Author Closing Comment

by:fcek
ID: 34945644
This was perfect.
0
 

Expert Comment

by:JoeyTheGreat
ID: 35027212
just as a starter, log on and keep pushing ctrl alt delete to get into task manager before paladium can launch. next what I do, I open cmd by clicking to open program in task manager while holding the ctrl key. that opens command prompt. I then am usually set to be able to start killing the virus which can be found in task manager while deleting them from the hard drive using the command. I also use a combination of tools in cmd like tasklist taskkill etc. I then use sysinternals autoruns to get a rouh view of drivers, runs in registry,startups in start etc. Next you can use other anti malwares to finish off the unseens.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35027274
@JoeyTheGreat,

You may not have noticed that the problem was solved and the question already closed.

As a general rule, I find it much better to use automated tools for these functions - especially when they are well-documented and even have pictures to help those of us who need them
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now