• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

trojan.pandex on found on MAC

Hello,

Today, I downloaded Norton Atnivirus,Firewall and Confidential which was provided through Comcast. When I ran the scan, /Volumes/FreeAgentDrive/$RECYCLE.BIN/$RLY50z5.zip for Trojan.Pandex came up. The repair failed twice. Would you be so kind as to tell me what this is, how bad is it and how to remove the infected file. Thank you so much!

Replies

Kudos0

Re: trojan.pandex on found on MAC

Hello,

Today, I downloaded Norton Atnivirus,Firewall and Confidential which was provided through Comcast. When I ran the scan, /Volumes/FreeAgentDrive/$RECYCLE.BIN/$RLY50z5.zip for Trojan.Pandex came up. The repair failed twice. Would you be so kind as to tell me what this is, how bad is it and how to remove the infected file. Thank you so much!

Kudos1 Stats

Re: trojan.pandex on found on MAC


Toragirl wrote:

Hello,

Today, I downloaded Norton Atnivirus,Firewall and Confidential which was provided through Comcast. When I ran the scan, /Volumes/FreeAgentDrive/$RECYCLE.BIN/$RLY50z5.zip for Trojan.Pandex came up. The repair failed twice. Would you be so kind as to tell me what this is, how bad is it and how to remove the infected file. Thank you so much!


It's a Windows trojan.

http://www.symantec.com/security_response/writeup.jsp?docid=2007-042001-1448-99

To delete use Finder->Go->Go to Folder… and type in /Volumes and drag the offending item to the trash and empty trash, providing an admin name and password if necessary. Do another scan. If it comes up again, please post the details.

Kudos1 Stats

Re: trojan.pandex on found on MAC

Toragirl, I would suggest one minor modification to the counsel of "x190av", it only refers to "Empty theTrash". I would suggest "Secure Empty the Trash", The difference is monumental. A Simple "Empty the Trash" leaves the data in place and raises the flag and tells the computer it can use that space, when it needs it. A "Secure Empty the Trash", actually goes to that address on the disk and overwrites it. therefore destroying it. It might take a little longer, but it is secure.

Kudos0

Re: trojan.pandex on found on MAC

Hi there, Thank you for your response. I did as you directed but the file does not come up in Finder. Even though I could not find the file, I rescanned with Norton and it still shows infected file and cannot repair. I checked the link you provide and am puzzled as to why I have a windows Trojan when I do not have Windows program on Mac. It is very odd. I even emptied the secure trash as suggested by the next person who responded to this message even though I could not find the file. Any other suggestions? Thanks again.

Kudos0

Re: trojan.pandex on found on MAC

Hello Grumpy48, thank you for your response. After trying to locate the file on Finder with no success, (see previous response message from x190av) I went ahead and did as you suggested, "Secure Empty the Trash" just for the heck of it. That did take time extra time but I believe it is very worthwhile. Thanks for the tip. I scanned with Norton again to see if it is still showing and sure enough, it still shows this file is infected and unrepairable. Puzzling especially since I do not have Windows program on my Mac. Any other suggestons?

Kudos2 Stats

Re: trojan.pandex on found on MAC

Toragirl, this is not just about you, but everybody on the web, including your family and friends. Part of the strategy cyber security is this, they actually use the Mac as carriers, like a disease. The carrier does not get sick, just the people around him. The problem is this, the end–user opens his own “Macintosh HD” and whole groups of folders are hidden. This was Apple's choice, in OS X 10.7.1, on your home page, much of your “Library” is closed. Therefore, when you find a virus, malware, Trojan or any anomaly, either Apple through AppleCare or Symantec need to find a way to remove it, AT NO CHARGE, AT ALL. Symantec, it is time to step up to the plate and do your part. If not, then just maybe we need to find a new computer security service. Toragirl, let them know, but be realistic in your expectations. Don't be angry, because they may not know that this function with this particular anomaly is not working. I have an idea of the size of the task that they are trying to accomplish, this is not like tweaking an old version, but a complete rewrite of the whole application. Let's both agree, doing system scans in a royal pain. But they may be really necessary in the prevention of more complex problems, so please bear with me. I want you to do a couple of things, first, yeah, do another blasted system scan. Second, I want you to write everything down about the results of that scam, including any messages left by the application. Now, I want to go towards the top of this page to “Norton for Mac” and click it. When the page fully loads, look at the right-hand side of the screen, you'll need to scroll down and you'll notice the actual Symantec people working on this project. Write them an e-mail and stating  everything going on, they can't work on this issue that they  don't know exists. Share as much information as possible in reference to it you did and their results. This is not a case of Grumpy48  not believing you, but one that I really don't have a good answer and I don't want to add to the confusion. 

Kudos1 Stats

Re: trojan.pandex on found on MAC


Toragirl wrote:

Hi there, Thank you for your response. I did as you directed but the file does not come up in Finder. Even though I could not find the file, I rescanned with Norton and it still shows infected file and cannot repair. I checked the link you provide and am puzzled as to why I have a windows Trojan when I do not have Windows program on Mac. It is very odd. I even emptied the secure trash as suggested by the next person who responded to this message even though I could not find the file. Any other suggestions? Thanks again.


Don't worry too much about G48, he's, well he's just a grumpy guy with an axe to grind.

I should have said this trojan will only run on Windows, so cannot harm a Mac. Sorry, I just woke up to the fact that you must be using an external Seagate FreeAgent Drive, correct?

From some scroogling I did just now, I think it might be a thorny problem to get this item off that drive due to possible formatting issues. You could try the following after rechecking that the file path is correct.

• Open Terminal.app found in Applications/Utilities while logged in to an admin account.

• Type in or copy & paste the following command and then press enter and type in your password if requested and again press enter.

sudo rm /Volumes/FreeAgentDrive/$RECYCLE.BIN/$RLY50z5.zip for Trojan.Pandex 

• If that fails or gives an error, I would suggest waiting for a Symantec employee to reply or you could PM Lee_G, if you do not get a timely reply.

Good Luck!

Kudos1 Stats

Re: trojan.pandex on found on MAC

"sudo rm /Volumes/FreeAgentDrive/$RECYCLE.BIN/$RLY50z5.zip for Trojan.Pandex "

Toragirl, I have a revision to that command for you. Please use the following format from an admin account instead.

sudo rm /Volumes/FreeAgentDrive/\$RECYCLE.BIN/\$RLY50z5.zip\ for\ Trojan.Pandex

Sorry about that! '$' and '<space>'  need to be escaped ('\') in the Terminal. Again, recheck the path in your Norton log.

Kudos1 Stats

Re: trojan.pandex on found on MAC

Hi X190av,

You are correct, the infected file is in my external Seagate FreeAgent Drive. I disconnected this drive and re-scanned and of course, no infected file showed. I will re-connect it and try the command you gave me. I will post as soon as I complete the task and find out if it works. If not, I will follow through with Symantic employees as suggested by you and G48. Thank you for all your "scroogling"   

Kudos0

Re: trojan.pandex on found on MAC

Thanks Grumpy 48, I will do so...thanks for all your input. Really appreciate it.

This thread is closed from further comment. Please visit the forum to start a new thread.