W32.Palevo

By JubileeX in Worms

Translate To:

Threat Scorecard

Ranking:	3,296
Threat Level:	50 % (Medium)
Infected Computers:	25,222

First Seen:	January 8, 2010
Last Seen:	September 18, 2023
OS(es) Affected:	Windows

W32.Palevo (also known as Palevo Worm) is a worm virus that typically infects a computer by exploiting known software vulnerabilities. W32.Palevo may also designate its own registry entries in order to begin running as soon as Windows starts up. In addition to this, W32.Palevo may end security-related processes on the compromised computer, lowering security settings.

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Panda	Trj/Rimecud.a
Fortinet	W32/Kryptik.ANQ!tr
AhnLab-V3	Win32/Palevo3.worm.Gen
Comodo	MalCrypt.Indus!
Avast	Win32:Crumpache [Cryp]
F-Prot	W32/Rimecud.H.gen!Eldorado
K7AntiVirus	EmailWorm
Symantec	W32.Pilleuz!gen1
NOD32	a variant of Win32/Kryptik.DCT
CAT-QuickHeal	Win32.Worm.Silly.gen.3.Pack
McAfee+Artemis	W32/Palevo.gen.a
Ikarus	Backdoor.Win32.Rbot.esp
Prevx1	Heuristic: Suspicious File With Covert Attributes
Sophos	Sus/ComPack-C
Kaspersky	Trojan.Win32.Jorik.Fraud.kct

SpyHunter Detects & Remove W32.Palevo

File System Details

W32.Palevo may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	nissan.exe	05789b909404764f56eca83f8f6398a2	426
Name: nissan.exe MD5: 05789b909404764f56eca83f8f6398a2 Size: 215.04 KB (215040 bytes) Detections: 426 Type: Executable File Path: %SystemDrive%\RECYCLER\S-1-5-21-4427126503-8481981807-691466079-2203 Group: Malware file Last Updated: February 11, 2013
2.	wingn.exe	9b414125c67805d9002c4842c387ffd2	269
Name: wingn.exe MD5: 9b414125c67805d9002c4842c387ffd2 Size: 103.93 KB (103936 bytes) Detections: 269 Type: Executable File Path: %SystemDrive%\RECYCLER\S-1-5-21-0030198935-7878845576-912342483-3651 Group: Malware file Last Updated: June 15, 2017
3.	SyncHost.exe	dcb6cde1604aaa06dfc1edc4f21d57cd	62
Name: SyncHost.exe MD5: dcb6cde1604aaa06dfc1edc4f21d57cd Size: 657.4 KB (657408 bytes) Detections: 62 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Chrome\SyncHost.exe Group: Malware file Last Updated: June 26, 2020
4.	wpbt0.dll	0aa9271971152531c2e16e7bbc0ada7f	37
Name: wpbt0.dll MD5: 0aa9271971152531c2e16e7bbc0ada7f Size: 165.37 KB (165376 bytes) Detections: 37 Type: Dynamic link library Path: %TEMP% Group: Malware file Last Updated: December 27, 2011
5.	StikyNot.exe	9a8bbd5b6f2307ed22f4a9f718ac6958	35
Name: StikyNot.exe MD5: 9a8bbd5b6f2307ed22f4a9f718ac6958 Size: 635.39 KB (635392 bytes) Detections: 35 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Chrome\StikyNot.exe Group: Malware file Last Updated: June 26, 2020
6.	nvsvc32.exe	b40a73cad42287b8a4dd2b13efb0e534	16
Name: nvsvc32.exe MD5: b40a73cad42287b8a4dd2b13efb0e534 Size: 1.15 MB (1150976 bytes) Detections: 16 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: October 27, 2017
7.	BookWorm.exe	ac36cdf278098c3d7a1de5c4892e5f53	12
Name: BookWorm.exe MD5: ac36cdf278098c3d7a1de5c4892e5f53 Size: 1.69 MB (1695744 bytes) Detections: 12 Type: Executable File Path: C:\Program Files (x86)\BookWorm\BookWorm.exe Group: Malware file Last Updated: March 27, 2022
8.	gjcdvqzsjj.exe	2f41e67099963316c30ee1a07955ab90	11
Name: gjcdvqzsjj.exe MD5: 2f41e67099963316c30ee1a07955ab90 Size: 3.65 MB (3651072 bytes) Detections: 11 Type: Executable File Path: %ALLUSERSPROFILE%\xicaewlylld Group: Malware file Last Updated: December 23, 2011
9.	yt_crypted-with-er.exe	d0ec711818a79d21844e88a82a392402	8
Name: yt_crypted-with-er.exe MD5: d0ec711818a79d21844e88a82a392402 Size: 787.45 KB (787456 bytes) Detections: 8 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: December 23, 2011
10.	nvsvc32.exe	f98ba3ecada0a36f6e785dfc95980702	5
Name: nvsvc32.exe MD5: f98ba3ecada0a36f6e785dfc95980702 Size: 16.63 KB (16636 bytes) Detections: 5 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: October 27, 2017
11.	wins.exe	f00b0fd26105016c562a42f3a9eb798b	4
Name: wins.exe MD5: f00b0fd26105016c562a42f3a9eb798b Size: 2.44 MB (2448896 bytes) Detections: 4 Type: Executable File Path: %WINDIR%\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service Group: Malware file Last Updated: December 23, 2011
12.	nvsvc32.exe	4ea2cbf4ad6fe480505bbd336216b15f	4
Name: nvsvc32.exe MD5: 4ea2cbf4ad6fe480505bbd336216b15f Size: 153.08 KB (153088 bytes) Detections: 4 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: October 27, 2017
13.	csrss.exe	b2a1c39bc86305addbdb24508c305318	4
Name: csrss.exe MD5: b2a1c39bc86305addbdb24508c305318 Size: 144.38 KB (144384 bytes) Detections: 4 Type: Executable File Path: %USERPROFILE% Group: Malware file Last Updated: February 11, 2013
14.	nvsvc32.exe	215f76fa41463cf45e06b839ecafca21	4
Name: nvsvc32.exe MD5: 215f76fa41463cf45e06b839ecafca21 Size: 185.85 KB (185856 bytes) Detections: 4 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: October 27, 2017
15.	D61.exe	f0a590b7d07905e30c75ca2c43bc73d6	3
Name: D61.exe MD5: f0a590b7d07905e30c75ca2c43bc73d6 Size: 290.81 KB (290816 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES%\LP\8B30 Group: Malware file Last Updated: December 27, 2011
16.	nvsvc32.exe	290f5ef8e208933aabe938bad09484cb	3
Name: nvsvc32.exe MD5: 290f5ef8e208933aabe938bad09484cb Size: 113.15 KB (113152 bytes) Detections: 3 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: October 27, 2017
17.	ew9hbm5.exe	d0fca681834850523da7d69b2a956c4f	2
Name: ew9hbm5.exe MD5: d0fca681834850523da7d69b2a956c4f Size: 141.31 KB (141312 bytes) Detections: 2 Type: Executable File Path: %ALLUSERSPROFILE% Group: Malware file Last Updated: December 23, 2011
18.	q0pfMFHDFjaus5.exe	842de7793defc1272362eee195f826f5	2
Name: q0pfMFHDFjaus5.exe MD5: 842de7793defc1272362eee195f826f5 Size: 353.53 KB (353536 bytes) Detections: 2 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: December 27, 2011
19.	Craagle 4.0.exe	87f167e924754c463eef856cd7b9db7e	2
Name: Craagle 4.0.exe MD5: 87f167e924754c463eef856cd7b9db7e Size: 1.09 MB (1092917 bytes) Detections: 2 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: December 23, 2011
20.	xpmklcm.dll	3523ecf668e22b03dad16ee90086101c	2
Name: xpmklcm.dll MD5: 3523ecf668e22b03dad16ee90086101c Size: 237.77 KB (237771 bytes) Detections: 2 Type: Dynamic link library Path: %SYSTEMDRIVE%\uswwn\xpmklcm.dll Group: Malware file Last Updated: June 26, 2020
21.	yweryx.exe	4bea43f7fc1d009f009bf5d68eefe2a3	1
Name: yweryx.exe MD5: 4bea43f7fc1d009f009bf5d68eefe2a3 Size: 38.4 KB (38400 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\system32 Group: Malware file Last Updated: December 23, 2011
22.	winlogin.exe	0ef737e43a579f08ea9a69883a74587d	1
Name: winlogin.exe MD5: 0ef737e43a579f08ea9a69883a74587d Size: 144.3 KB (144306 bytes) Detections: 1 Type: Executable File Path: %USERPROFILE%\Start Menu\Programs\Startup Group: Malware file Last Updated: December 23, 2011
23.	pR4M4lQURfCqzP.exe	7415942d35a0c9b747ffd74b50cac171	1
Name: pR4M4lQURfCqzP.exe MD5: 7415942d35a0c9b747ffd74b50cac171 Size: 351.88 KB (351880 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Application Data Group: Malware file Last Updated: December 23, 2011
24.	3496.exe	e3761db807ed03def4f2f345df55d017	1
Name: 3496.exe MD5: e3761db807ed03def4f2f345df55d017 Size: 307.2 KB (307200 bytes) Detections: 1 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: December 23, 2011
25.	B6232F3A21A.exe	9700c695a9f7e6adfb01d3b79251a00c	1
Name: B6232F3A21A.exe MD5: 9700c695a9f7e6adfb01d3b79251a00c Size: 198.14 KB (198144 bytes) Detections: 1 Type: Executable File Path: %SystemDrive%\Recycle.Bin Group: Malware file Last Updated: December 27, 2011
26.	rpy.exe	47f586190428e82cceeaaa0363ceaf7f	1
Name: rpy.exe MD5: 47f586190428e82cceeaaa0363ceaf7f Size: 330.75 KB (330752 bytes) Detections: 1 Type: Executable File Path: %USERPROFILE%\Local Settings\Application Data Group: Malware file Last Updated: December 23, 2011
27.	wintask.exe	704fd093116d1af07fbc760db5e11e08	1
Name: wintask.exe MD5: 704fd093116d1af07fbc760db5e11e08 Size: 191.48 KB (191488 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES% Group: Malware file Last Updated: December 23, 2011
28.	file.exe	c09cf891d3cbf0ce358335f9d697092f	0
Name: file.exe MD5: c09cf891d3cbf0ce358335f9d697092f Size: 112.64 KB (112640 bytes) Detections: 0 Type: Executable File Path: %USERPROFILE% Group: Malware file Last Updated: January 17, 2017

More files

Directories

W32.Palevo may create the following directory or directories:

%ALLUSERSPROFILE%\Application Data\srtserv

%ALLUSERSPROFILE%\srtserv

%LOCALAPPDATA%\Chrome

%UserProfile%\Local Settings\Application Data\Chrome

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

W32.Palevo

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove W32.Palevo

File System Details

Directories

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen