PDA

View Full Version : Win32.Palevo



Ghoul Slayer
2011-07-26, 21:52
Hello,
I'm infected and I would like some help in removing this nasty and any others I may not be able to find. I attempted to run DDS but every time I do it doesn't give me the logfile and it locks up my computer. Before I read the "before you post" thread I ran Ccleaner (windows, applications and registry cleaners). I also missed the instructions on how to turn off teatimer properly so I used the Ccleaner startup section to do it. After I read how to properly disable teatimer I did so and re-enabled the other check box in that same folder where you are supposed to uncheck the teatimer checkbox I also saved the results of that move (see below). I also ran Spybot which found Win32.Palevo but it hasn't been able to remove it. My definitions are up to date. I had AVG but it didn't find anything. I uninstalled it and installed Avira it didn't find anything either. I'm running firefox with adblock plus and noscript installed.

Here is the top part of the spybot log:
Win32.Palevo: [SBI $3437A25D] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman=...C:\RECYCLER\*\*.exe...

Here is the log entry from when I disabled teatimer via spybot (after Ccleaner):
7/26/2011 11:46:07 AM Allowed (based on user decision) value "SpybotSD TeaTimer" (new data: "") deleted in System Startup user entry!

Blade81
2011-08-02, 10:24
Hi,

Please download and run this (http://download.bleepingcomputer.com/sUBs/Beta/dds.exe). Let the settings be as default and run. Post back the logs it creates.

Ghoul Slayer
2011-08-04, 05:16
I installed malware bytes and ran it. It got rid of the problem. I no longer require assistance. Thank you.

Blade81
2011-08-04, 19:34
Ok, thanks for letting us know. I'll close the topic then :)