PDA

View Full Version : Can't remove Win32.Palevo


vanboe
2011-09-06, 19:55
Problem:
Win32.Palevo
Kind:
1 entries TrojansC-02
Registry Value:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman=...C:\RECYCLER\*\*.exe...

Hi,
Search and Destroy keeps coming up with above problem after I "Fix selected problem" multiple times.
1. Does this mean it is not removed or do I keep going to sites or.. from where this is put on my machine again and again?
2. What does this Win32.Palevo do, i.e. how severe is it?
3. What can be done to permanently remove it?

Thanks for your reply in advance!
tashi
2011-09-06, 22:11
Hello vanboe,

Please open Spybot Search & Destroy > Help > About and let us know the version and date of last definitions. :)

Also, have you tried running Spybot-S&D while in safe mode?

Best regards.
vanboe
2011-09-06, 22:40
Thanks for your reaction tashi.

In answer to your Qs
1. version 1.6.2.46
Latest detection update :8/17/2011 (=date of last definitions?)
2. I run S&D in Default mode. How do I run it in Safe mode, is this under Advanced mode?

Back to you...:)
tashi
2011-09-06, 23:12
Hello vanboe,

Latest detection update :8/17/2011 (=date of last definitions?)


Need to update. ;) Updates: 2011-08-31 (http://forums.spybot.info/showthread.php?t=63767)


2. I run S&D in Default mode. How do I run it in Safe mode, is this under Advanced mode?For future reference: http://forums.spybot.info/showpost.php?p=23629&postcount=2

But I am going to link you to the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) sticky which includes guidelines and instructions in post #2 on how to provide preliminary "DDS" logs used for analysis.

"BEFORE You POST"(Please read this Procedure Before Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start a new topic in that forum posting the logs as shown and a volunteer analyst will advise you when available. :)

Best regards.
vanboe
2011-09-06, 23:26
OK, I will proceed as instructed.
:thanks:
tashi
2011-09-07, 00:52
Hi there,

Log split off and moved to the malware forum. :)

http://forums.spybot.info/showthread.php?t=63816
vanboe
2011-09-07, 01:04
:thanks: tashi.
I will proceed from the new location -malware forum- and wait for a volunteer analyst to advise further.
tashi
2011-09-07, 06:31
Hello vanboe,

Ken has responded. :)