Skip to main content
Microsoft Security Intelligence
Published Jan 27, 2010 | Updated Apr 16, 2011


Detected by Microsoft Defender Antivirus

Aliases: W32/ (McAfee) SDBot.gen8 (Norman) W32.Palevo (Symantec) P2P-Worm.Win32.Palevo (Kaspersky)


Win32/Pushbot is detection for a family of malware that spreads via MSN Messenger, Yahoo Messenger and AIM when commanded to by a remote attacker. This worm contains backdoor functionality that allows unauthorized access and control of an affected machine.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner ( For more information, see
Follow us