any suggestions apart from anti-virus? it wont help me...
2006-06-21 01:54:03 · 6 answers · asked by ██████████ 3 in Computers & Internet ➔ Security
W32.Jeefo is a Windows Portable Executable (PE) file infector. Files infected by W32.Jeefo increase in size by 36,352 bytes.
W32.Jeefo detection is provided both for the W32.Jeefo stand-alone, first-generation executable and for a host application, which is infected with W32.Jeefo.
W32.Jeefo infects the host application in three steps. The virus:
Imports the host's resources.
Encrypts data that represents the host application with the stripped resources.
Appends this particular data to the newly constructed executable.
If W32.Jeefo detects that it is an infected host application, it will do the following:
Reconstruct the first-generation W32.Jeefo executable.
Drop it as Svchost.exe (36,352 bytes) into the %Windir% folder.
Then, the dropped file will be run with the program parameter that specifies an infected application, which has dropped and run Svchost.exe.
It will quit.
When svchost.exe (the first-generation W32.Jeefo executable) runs, it checks whether the program parameter specifies an infected application. If it detects that another application dropped and ran it, and that the application contains the following infection marker at a fixed file offset:it will perform the following actions:
Waits until the infected host quits so that its file is unlocked.
Reconstructs the original host by detaching appended data, decoding it, and moving the resources back to it.
Runs the reconstructed executable that does not contain W32.Jeefo code.
In other words, when an application infected with W32.Jeefo is executed, the dropped W32.Jeefo first-generation program repairs it.
If the operating system is Windows 95/98/Me, the first-generation W32.Jeefo performs the following actions:
Registers itself as a service process to hide itself from the task list.
Creates the value:
"PowerManager"="%windir%\svchost.exe"
in the registry key:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\
RunServices
so that the virus starts when you start or restart Windows 95/98/Me.
NOTE: %Windir% is a variable. W32.Jeefo locates the Windows main installation folder (by default this is C:\Windows or C:\Winnt) and uses it as a destination folder.
If the operating system is Windows NT/2000/XP, the first-generation W32.Jeefo performs the following actions:
Installs itself as the service, "Power Manager". The description of this service is "Manages the power save features of the computer."
Creates the PowerManagerMutant mutex. This mutex allows only one instance of the virus to execute in memory.
Finally, W32.Jeefo initiates the infection routine that will enumerate and infect the Windows PE files.
NOTE: The first generation W32.Jeefo (36,352 bytes) will grow in size by the amount of resources imported from the host application.
As the host application is appended with its resources stripped, the W32.Jeefo infection increases the file size of the host by 36,352 bytes.
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Restart the computer in Safe mode or VGA mode.
Run a full system scan and delete all the files detected as W32.Jeefo.
Delete the value that was added to the registry (Windows 95/98/Me).
2006-06-21 02:05:01 · answer #1 · answered by satnlaces 2 · 0⤊ 0⤋
2
2016-08-24 01:37:05 · answer #2 · answered by Renee 3 · 0⤊ 0⤋
When you get right down to it, No, Especially free ones. Free ones are full of security holes. Pay for your AV, You will be better off in the long run. No antivirus program will give you a virus. That's a absurd myth that's been floating around the internet for years. Like a lot of other things. Like free AV's are as good as paid. absurd myth. But in the mean time why not try a online scan. I'm not to thrilled with trend micro but you can give it a shot. Or you can get a AV that really works like Kaspersky. Then you will not have to worry about bugs and viruses. I haven't in 2 years.
2016-05-20 08:26:38 · answer #3 · answered by Anonymous · 0⤊ 0⤋
Follow these suggestions from Symantec, it should take care of it.
http://securityresponse.symantec.com/avcenter/venc/data/w32.jeefo.html
2006-06-21 02:11:18 · answer #4 · answered by jimragan 3 · 0⤊ 0⤋
Norton antivirus.
2006-06-21 01:57:26 · answer #5 · answered by Anry 7 · 0⤊ 0⤋
get AVG.or just update your antivirus...Try system restore.
2006-06-21 02:01:57 · answer #6 · answered by Martin S 1 · 0⤊ 0⤋