Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Infected with a bug or false positive????

  • Please log in to reply
2 replies to this topic

#1 67lsx


  • Members
  • 2 posts
  • Local time:03:37 PM

Posted 28 January 2015 - 11:04 PM



 Using Symantec endpoint 12.1 which detects "Spyware.Spymail" then deletes it without giving a file name or location. I have been working with Symantec on this and they have come up with nothing. 

 It is detected on 20+ computers intermittently might go two three days with nothing then its back. I have installed AVG Free, Malwarebyte, spybot, super anti spyware, sophos virus removal and tries spyhunter. none of those show the detection. I have re-imaged, re-installed from scratch blocked the IPs that Symantec shows as the attacking IP's and still pops up.

 It only affects Windows 7 Pro machines, I have some XP boxes but they do not show it. The servers do not show it 2008 r2 and 2003. I have run hijack this and it shows nothing. I am at my wits end. I believe its a false positive but dont want to blow it off its not, any ideas???



BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,490 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:37 PM

Posted 29 January 2015 - 06:07 AM


Each security vendor uses their own naming conventions to identify various types of malware so it's difficult to determine exactly what has been detected or the nature of the threat without knowing more information about the actually file(s) involved and where they are located (full file path).
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 67lsx

  • Topic Starter

  • Members
  • 2 posts
  • Local time:03:37 PM

Posted 29 January 2015 - 08:12 AM

Yes without a file name or even file location it is making this extremely difficult. 

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users