Mal/Palevo-A
Threat Scorecard
Threat Level: 50 % (Medium)
Infected Computers: 5
First Seen: December 7, 2011
Last Seen: February 18, 2022
OS(es) Affected: Windows
Mal/Palevo-A is a malware infection that belongs to the Palevo family, a group of dangerous worms that are among the most common malware threats. Discovered in 2009, the Mal/Palevo-A worm is often present on external memory devices, such as USB memory sticks or flash cards, and is designed to infect computer systems running the Windows operating system up to Windows Vista. According to ESG security researchers, Mal/Palevo-A presents a threat to your security and privacy; however, most reliable anti-virus applications should be able to stop the Mal/Palevo-A worm in its tracks.
Removing the Mal/Palevo-A worm is not very practical, since by its very nature the infection makes numerous copies of itself on the victim's hard drive, on any shared folders and on any external memory devices that it finds. To remove the Mal/Palevo-A worm, it is also necessary to revert any harmful changes that the worm makes to the infected computer system's Windows Registry.
According to ESG malware analysts, the Mal/Palevo-A worm is designed to open a backdoor on the infected computer system and to receive automatic commands via an IRC server at the address web.installloader.biz:47221. However, PC security researchers report that this server is no longer available.
Other Symptoms of a Mal/Palevo-A Worm Infection
Due to its very nature, the Mal/Palevo-A worm tries to remain hidden on the infected computer system, displaying practically no symptoms. However, the sudden appearance of strange files on your computer system that refuse to go away, or that return after being deleted, may be a sign of a Mal/Palevo-A worm infection. The Mal/Palevo-A worm is also capable of disabling your computer system's security measures by removing much-needed protective measures and blocking access to the most popular security applications. To spread itself, the Mal/Palevo-A worm uses several known Microsoft Windows vulnerabilities, including security exploits involving Microsoft Windows' Plug and Play feature and Remote Message Queuing.
Protecting Your Computer System from the Mal/Palevo-A Worm
While a reliable firewall and anti-virus program should be enough to detect and stop most malware infections, criminals will usually bypass these measures by using deception and other social engineering methods. This is why it is important to learn basic safe online practices, such as using strong passwords, setting low privileges on any computers on your networks, disabling AutoPlay for executable files from both removable drives and network folders, and disabling file sharing when it is not essential. It is also important never to open unsolicited email attachments or visit websites that are generally considered unsafe.
Aliases
10 security vendors flagged this file as malicious.
Anti-Virus Software | Detection |
---|---|
AVG | SHeur3.GXG |
Ikarus | Trojan.Peerfrag |
Symantec | W32.Pilleuz!gen1 |
Sophos | Mal/Palevo-A |
McAfee-GW-Edition | Trojan.Peerfrag.GG |
AntiVir | TR/Peerfrag.GG |
DrWeb | Win32.HLLW.Lime.18 |
a-squared | Trojan.Peerfrag!IK |
NOD32 | a variant of Win32/Kryptik.DCT |
McAfee+Artemis | W32/Palevo.gen.a |
File System Details
# | File Name | MD5 | Detections |
---|---|---|---|
1. | csrss.exe | 6125b2e66843eb727768ba506e27d105 | 1 |
2. | C:\Documents and Settings\user-account-name\Local Settings\rthdti.exe | | |
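The indicators listed on this page (the MD5, the two file names and the IRC server address) can be checked against a file inventory and historical connection logs. The sketch below is an added example, not EnigmaSoft's or SpyHunter's code; the log format, the sample inventory and log lines, and the assumption that Windows is installed in C:\Windows are constructed for illustration.

```python
import hashlib
import ntpath
import re

# Indicators copied from this page.
PAGE_MD5 = "6125b2e66843eb727768ba506e27d105"
DROPPED_SUFFIX = r"\local settings\rthdti.exe"
C2_HOST, C2_PORT = "web.installloader.biz", 47221
# Assumption: Windows lives in C:\Windows, so this is the genuine csrss.exe.
GENUINE_CSRSS = r"c:\windows\system32\csrss.exe"
# Constructed log format: "<timestamp> <source host> <destination>:<port>"
CONN_RE = re.compile(r"^(\S+) (\S+) (\S+):(\d+)$")

def md5_file(path, chunk=1 << 20):  # builds the md5 for an inventory entry
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def file_findings(path, md5):
    """Reasons an inventory entry matches the page's file indicators."""
    norm = ntpath.normcase(path)
    reasons = []
    if md5.lower() == PAGE_MD5:
        reasons.append("md5 listed on page")
    if ntpath.basename(norm) == "csrss.exe" and norm != GENUINE_CSRSS:
        reasons.append("csrss.exe outside System32")
    if norm.endswith(DROPPED_SUFFIX):
        reasons.append("rthdti.exe in Local Settings")
    return reasons

def c2_hits(log_lines):
    """(timestamp, source) of each connection to the page's IRC server."""
    hits = []
    for line in log_lines:
        m = CONN_RE.match(line.strip())
        if m and m[3].lower().rstrip(".") == C2_HOST and int(m[4]) == C2_PORT:
            hits.append((m[1], m[2]))
    return hits

# Constructed sample data, not taken from a real host.
INVENTORY = [
    (r"C:\Windows\System32\csrss.exe", "0" * 32),
    (r"E:\csrss.exe", PAGE_MD5),
    (r"C:\Documents and Settings\alice\Local Settings\rthdti.exe", "1" * 32),
]
LOG = [
    "2011-12-07T10:00:01Z ws-17 web.installloader.biz:47221",
    "2011-12-07T10:00:05Z ws-17 irc.example.net:6667",
]
```

A file name match alone is weak evidence, since csrss.exe is also the name of a genuine Windows process; the path and hash checks are what separate the two.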