Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with a bug or false positive????


  • Please log in to reply
2 replies to this topic

#1 67lsx

67lsx

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 28 January 2015 - 11:04 PM

Hello

 

 Using Symantec endpoint 12.1 which detects "Spyware.Spymail" then deletes it without giving a file name or location. I have been working with Symantec on this and they have come up with nothing. 

 It is detected on 20+ computers intermittently might go two three days with nothing then its back. I have installed AVG Free, Malwarebyte, spybot, super anti spyware, sophos virus removal and tries spyhunter. none of those show the detection. I have re-imaged, re-installed from scratch blocked the IPs that Symantec shows as the attacking IP's and still pops up.

 It only affects Windows 7 Pro machines, I have some XP boxes but they do not show it. The servers do not show it 2008 r2 and 2003. I have run hijack this and it shows nothing. I am at my wits end. I believe its a false positive but dont want to blow it off its not, any ideas???

 

Thanks



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:51 AM

Posted 29 January 2015 - 06:07 AM

Spyware.SpyMail

Each security vendor uses their own naming conventions to identify various types of malware so it's difficult to determine exactly what has been detected or the nature of the threat without knowing more information about the actually file(s) involved and where they are located (full file path).
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 67lsx

67lsx
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 29 January 2015 - 08:12 AM

Yes without a file name or even file location it is making this extremely difficult. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users