# Malware: Pushdo

# Problem description

A Windows computer in your network is likely infected with the Pushdo malware (also known with the name Pandex). Pushdo is a very common type of malware that affects only Windows systems. It belongs to a category of malware called trojans, which usually infect your machine when you open a link or an attachment in an email or in an instant messaging chat.

After your computer has been infected, this family of malware allows an attacker to remotely connect to your computer, eavesdrop on everything you see and type on your computer, steal your personal and financial data, delete your files, or use your computer for other malicious purposes.

Your infected PC is sending out messages to the Internet that indicate that it is likely infected with this malware. Our research partner Fitsec has detected these messages and have identified that the IP address that you are following is potentially infected, or the potentially infected host is in a network behind this IP address.

# Suggestions for repair

First of all you need to identify the computer in your network which is likely infected by this type of malware. Please read our instructions on locating vulnerable devices.

You should then use an antivirus tool to scan and disinfect your Windows computer. Microsoft Windows Defender application should be able to detect and remove this malware. Other common antivirus software from vendors such as F-Secure, Symantec, AVG, MacAfee or Sophos can also find and remove it. Microsoft has published these instructions how to detect this type or malware and fix your computer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Backdoor%3AWin32%2FPushdo.A (opens new window). You can also consider reinstalling your computer with a fresh Windows installation to make sure you get rid of the malware infection.