Win32.Jeefo.A
On your page http://www.bitdefender.com/VIRUS-680-en--Win32.Jeefo.A.html you describe a potentially lethal virus and as the first symptom of its presence you say:
- Presence of the file "svchost.exe" in the Windows directory
However this is an original Microsoft file, installed when W2K is installed.
Perhaps the virus affects its behaviour, but I consider a serious mistake to alet users about the presence of this file as a symptom of being already infected.
More than one user could opt to delete this file and affect negatively the normal performance of W2K.
Please verify.
Vladimir Quintero
Comments
-
Hi Vladimir!
it's true that svchost.exe it's a very important Windows service, and it's true that under older versions of windows this file already exists in %windir%. That file is the pure virus droper, and under newer windows's it exists in %sysdir% (%windir%\\system32), but if those users would be aware that that file is infected, it would know from an AV. And the Antivirus will delete the file too, because it looks like W2K can live without it.
For an advanced user, I think he would first check to see if there is in registry at run section the key "PowerManager" or "Power Manager" which points to the virus.
Andrei0