Malware: Palevo
Problem description
A Windows computer in your network is likely infected with the Palevo malware. Palevo is a very common type of malware that affects only Windows systems. It belongs to a category of malware called worms, which usually copy themselves automatically onto your computer from a removable drive or USB stick, from network drives, through email attachments, filesharing services or links received through instant messaging chat applications. The infection most often happens through a Windows feature called "autorun", in which a program is automatically executed when you plug in a USB memory stick or a removable drive. The worm infects your machine through this automatic execution mechanism. Another very common way to infect your machine is if you click a link in an email or chat message you receive from someone whose computer has also been infected by this malware.
After your computer has been infected, this family of malware can be used to perform many kinds of bad actions, such as using your computer to make denial-of-service attacks against other victims in the Internet, to steal your sensitive personal or financial data, or perform computing tasks such as mining cryptocurrency or cracking passwords. The malware is also trying to spread to other computers in your network and elsewhere in the Internet. It may try to send emails or chat messages to your friends or other people in your address book, and get those people to click the link that causes an infection.
Your infected PC is sending out messages to the Internet that indicate that it is likely infected with this malware. Our research partner Fitsec has detected these messages and have identified that the IP address that you are following is potentially infected, or the potentially infected host is in a network behind this IP address.
Suggestions for repair
First of all you need to identify the computer in your network which is likely infected by this type of malware. Please read our instructions on locating vulnerable devices.
You should then use an antivirus tool to scan and disinfect your Windows computer. Microsoft Windows Defender application should be able to detect and remove this malware. Other common antivirus software from vendors such as F-Secure, Symantec, AVG, MacAfee or Sophos can also find and remove it. Microsoft has published these instructions how to use Windows Defender to fix your computer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Worm%3AWin32%2FPalevo. You can also consider reinstalling your computer with a fresh Windows installation to make sure you get rid of the malware infection.