W32/Palevo.gen.a
W32/Palevo.gen.a is a computer worm that propagates to other drives connected to the infected computer. W32/Palevo.gen.a may steal information such as usernames and passwords related to file-sharing networks or P2P programs. W32/Palevo.gen.a operates stealthily and can download and execute more malware on the compromised computer via a backdoor conduit. Use a reliable malware remover to terminate W32/Palevo.gen.a as soon as it has been detected.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\csrss.exe 2 [Removable Drive]:\aurorun.inf 3 [Removable Drive]:\SVETICEE\severinchich.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Winlogon\]HKEY..\..\..\..{RegistryKeys}"Taskman:" = "%userprofile%\csrss.exe"
Security Protection wont let me surf the net. It wont even let me open up some of my files. It keeps saying "warning: your computer is infected" .. I don't get it, infected with what? Seems to me Security Protection is not real or it is the real infection itself. Going to try your Malware Scanner. Keeping fingers crossed!