win32.palevo



pchater
2015-03-07, 16:45
Ran Spybot and it found a problem:
Product: Win32.Palevo
Trojans-006
Rule id: C5E0F385
File: C:\Users\Windows 7\AppData\Local\Temp\.ini

Clicked on Fix Selected and the file was removed.

At the time I was not connected to the internet. I tried to find out more about the issue on the Spybot forum, but searching on Trojans-006 and the rule id didn’t come up with anything, and with the product nothing very new. I restored the file to run Spybot again so I could use show details of the problem.
I ran Spybot just on the offending file and it came up clean!
I ran a full system scan and it found the problem again! I fixed it again and it quarantined it again.
So now a couple of questions:
1) Since Spybot thinks it's a problem and clean depending on how you run the scan, do I have a problem?
2) If it's a problem, is it 100% fixed if Spybot quarantines it? If not, how do I fix it for sure?
I also ran AVG and Malwarebytes and neither found the problem. Is it a false positive?
I am running Windows 7 with all the latest updates. I have not noticed any other problems with my computer.
Spybot version: 2.4.40.0 free edition

Thanks for any help

Zenobia
2015-03-09, 02:48
> I also ran AVG and Malwarebytes and neither found the problem. Is it a false positive?
You can ask if it might be a false positive in this section of the forum. :)

http://forums.spybot.info/forumdisplay.php?16-False-Positives

Please see the sticky post with more general info on what/how to post:
http://forums.spybot.info/showthread.php?19117-How-to-report-possible-False-Positives

pchater
2015-03-12, 18:44
I posted on the false positive page:
http://forums.spybot.info/showthread.php?72158-Win32-Palevo
There you will find the logs and the offending file as a zip attachment.

Regardless of if it is a false positive there is still a problem with Spybot as it gives differing results depending on how the scan is done, system or individual.

Zenobia
2015-03-12, 23:21
Okay, thanks for posting in false positives. :)