Ghoul Slayer
New member
Hello,
I'm infected and I would like some help in removing this nasty and any others I may not be able to find. I attempted to run DDS but every time I do it doesn't give me the logfile and it locks up my computer. Before I read the "before you post" thread I ran Ccleaner (windows, applications and registry cleaners). I also missed the instructions on how to turn off teatimer properly so I used the Ccleaner startup section to do it. After I read how to properly disable teatimer I did so and re-enabled the other check box in that same folder where you are supposed to uncheck the teatimer checkbox I also saved the results of that move (see below). I also ran Spybot which found Win32.Palevo but it hasn't been able to remove it. My definitions are up to date. I had AVG but it didn't find anything. I uninstalled it and installed Avira it didn't find anything either. I'm running firefox with adblock plus and noscript installed.
Here is the top part of the spybot log:
Win32.Palevo: [SBI $3437A25D] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman=...C:\RECYCLER\*\*.exe...
Here is the log entry from when I disabled teatimer via spybot (after Ccleaner):
7/26/2011 11:46:07 AM Allowed (based on user decision) value "SpybotSD TeaTimer" (new data: "") deleted in System Startup user entry!
I'm infected and I would like some help in removing this nasty and any others I may not be able to find. I attempted to run DDS but every time I do it doesn't give me the logfile and it locks up my computer. Before I read the "before you post" thread I ran Ccleaner (windows, applications and registry cleaners). I also missed the instructions on how to turn off teatimer properly so I used the Ccleaner startup section to do it. After I read how to properly disable teatimer I did so and re-enabled the other check box in that same folder where you are supposed to uncheck the teatimer checkbox I also saved the results of that move (see below). I also ran Spybot which found Win32.Palevo but it hasn't been able to remove it. My definitions are up to date. I had AVG but it didn't find anything. I uninstalled it and installed Avira it didn't find anything either. I'm running firefox with adblock plus and noscript installed.
Here is the top part of the spybot log:
Win32.Palevo: [SBI $3437A25D] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman=...C:\RECYCLER\*\*.exe...
Here is the log entry from when I disabled teatimer via spybot (after Ccleaner):
7/26/2011 11:46:07 AM Allowed (based on user decision) value "SpybotSD TeaTimer" (new data: "") deleted in System Startup user entry!
