My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Win32.Jacksud.A

MEDIUM
VERY LOW
14516
(Email-Worm.Win32.Warezov.om, Win32/Cekar.C, Trojan.Downloader.Agent.NUY)

Symptoms

- Presence of hidden file named i0.sys in root of the disk C:
-
Growing size of executables by 14516 bytes
- Increased internet traffic








Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Suiu Andrei, virus researcher

Technical Description:

Once executed, the virus tries to download and execute a file from http://www.KILLVC.net/[removed].exe, which is a  file infector that infects other executables with the Win32.Jacksud.A virus. Also it drops a .dll file onto the root directory of disk C:\. This file, called i0.sys  is detected as Win32.Worm.Fujacks.AR, and it is loaded into memory and executed by the file infector itself.