We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Virus:Win32/Jadtre.E
Aliases: Win32/Wapomi.A (CA) Trojan.Starter.1410 (Dr.Web) Virus.Win32.Jadtre (Ikarus) Trojan-Downloader.Win32.Agent.dryb (Kaspersky) W32/Fujacks.be (McAfee) W32/Pikorms.G (Norman) W32/Bototer.B (Panda) Win32.Cmt.b (Rising AV) Mal/EncPk-ND (Sophos) W32/Wapomi!inf (Symantec) PE_DOWN.A (Trend Micro)
Summary
Recovering from recurring infections on a network
-
Ensure that an antivirus product is installed on ALL computers connected to the network that can access or host shares.
-
Ensure that all available network shares are scanned with an up-to-date antivirus product.
-
Restrict permissions as appropriate for network shares on your network. For more information on simple access control, please see: http://technet.microsoft.com/library/bb456977.aspx.
-
Remove any unnecessary network shares or mapped drives.
Additional remediation instructions for this threat
- Correctly disabling Autorun in Windows: http://support.microsoft.com/kb/953252
- Recreating a clean HOSTS file: http://support.microsoft.com/kb/972034
- For other support and help related articles, go to:
- Windows 7: http://support.microsoft.com/gp/windows7
- Windows Vista: http://support.microsoft.com/ph/11732
- Windows XP: http://support.microsoft.com/ph/1173
- Microsoft Security TechNet Center: http://technet.microsoft.com/security/default.aspx