W32/Palevo.gen.a

By GoldSparrow in Worms

Translate To:

W32/Palevo.gen.a is a worm that targets computers with Windows Operating systems. W32/Palevo.gen.a propagates via removable drives and can also be obtained from file-sharing or peer-to-peer networks. Once inside a PC, W32/Palevo.gen.a will create a start-up registry entry. W32/Palevo.gen.a connects to a remote server and downloads other harmful programs onto an infected PC. W32/Palevo.gen.a may also steal saved usernames and passwords by accessing certain web browser related files.

File System Details

W32/Palevo.gen.a may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	[Removable Drive]:\SVETICEE\severinchich.exe
Name: [Removable Drive]:\SVETICEE\severinchich.exe Type: Executable File
2.	%UserProfile%\csrss.exe
Name: %UserProfile%\csrss.exe Type: Executable File
3.	[Removable Drive]:\aurorun.inf
Name: [Removable Drive]:\aurorun.inf

Registry Details

W32/Palevo.gen.a may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

"Taskman:" = "%userprofile%\csrss.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Winlogon\]

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

W32/Palevo.gen.a

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen