5 Replies Latest reply on Feb 29, 2016 6:48 AM by andrep1

    How to permanently remove Trojan "W32/Pinkslipbot!mem" ?


      I have servers protected by Virus Scan Enterprise and AntiSpryware Enterprise 8.8. with DAT updated to 8079 or later.

      For those which infected by W32/Pinkslipbot!mem trojan, though they reported it was removed after scan, the same alert was generated on next day or so. Infected files are more or less the same;  explorer.exe under c:\windows or C:\Windows\SysWOW64 .


      Does anyone encounter this problem before and how can this problem solved. Any suggestion will be much appreciated. Thanks in advance.


      PS : McAfee has an article W32/Pinkslipbot!mem - Malware - McAfee Labs Threat Center fo this. But its date was 2011-06-01

           A more recent article describe a similar one, but malware name is not identical ( W32/Pinkslipbot ). Its URL is https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/ 22000/PD22960/en_US/McAfee-Labs-ThreatAd…