W32/Jeefo, Win32:Jeefo, Win32/HLLP.Jeefo, Win32.HLLP.Jeefo.36352, Win32.Hidrag
Win32/Hidrag.A, Win32.Jeefo.A, Virus.Win32.Hidrag.a, Virus.Win32.Hidrag , PE_JEEFO.A
Category: Computer Virus
30 Apr 2003
The malware W32.Jeefo is parasitic and memory resident Win32 virus. This virus can infect Win32 PE executable files. It is capable of encrypting a block of target files while infecting. The virus will then stay in the Windows memory as a running process and look for executable files starting with drive C:\ and then infect them. This virus’ infection is quite hard to detect since infected machines may not show signs of typical virus infections at all.
W32.Jeefo Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer virus removal tool to automatically clean W32.Jeefo from your computer.
More details about W32.Jeefo
Upon successfully infecting an executable file in the compromised machine, the W32.Jeefo malware will create another exe file. On operating systems based on Windows 9x, the virus will create a registry entry that will permit it to execute every time that Windows starts up. On the other hand, on systems running on Windows XP, 2000 or NT, the virus will install itself as a fake Windows service with the name ‘Power Manager’, the description ‘Manages the power save features of the computer’, the startup type ‘Automatic’ and the Log On As ‘LocalSystem’. When the virus becomes memory resident, it will occasionally search the machine for PE files that it can infect.
As a parasitic virus, the W32.Jeefo can modify the infected file’s code while the file will remain completely or to some extent functional. Parasitic viruses can either be appending, prepending or inserting. Prepending viruses write their code to the beginning of the target file, prepending viruses, to the end of the target file and inserting viruses, in the middle of the target file. The infection of the W32.Jeefo can be removed best with the aid of a reliable antivirus program since it is fairly hard to detect. Make sure that your antivirus program’s virus definitions are updated or update the definitions by yourself before scanning the system for traces of the virus infection.