# Malware: Jadtre

# Problem description

A Windows computer in your network is likely infected with the Jadtre malware. Jadtre is a very common type of virus that affects only Windows systems. It usually copies itself automatically onto your computer from a removable drive or USB stick, from network drives, or when you execute an EXE program file which is infected with this worm. The infection most often happens through a Windows feature called "autorun", in which a program is automatically executed when you plug in a USB memory stick or a removable drive. The virus infects your machine through this automatic execution mechanism.

After your computer has been infected, this family of malware can be used to perform many kinds of bad actions, such as using your computer to make denial-of-service attacks against other victims in the Internet, to steal your sensitive personal or financial data, or perform computing tasks such as mining cryptocurrency or cracking passwords. The malware is also trying to spread to other computers in your network and elsewhere in the Internet. It usually tries to copy itself to executable files on your computer, to any removable drives or USB sticks you attach to your computer, or to any shared network drives that are reachable from your machine and that are not protected with strong passwords.

Your infected PC is sending out messages to the Internet that indicate that it is likely infected with this malware. Our research partner Fitsec has detected these messages and have identified that the IP address that you are following is potentially infected, or the potentially infected host is in a network behind this IP address.

# Suggestions for repair

First of all you need to identify the computer in your network which is likely infected by this type of malware. Please read our instructions on locating vulnerable devices.

You should then use an antivirus tool to scan and disinfect your Windows computer. Microsoft Windows Defender application should be able to detect and remove this malware. Other common antivirus software from vendors such as F-Secure, Symantec, AVG, MacAfee or Sophos can also find and remove it. Microsoft has published these instructions how to find this malware and fix your computer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Virus:Win32/Jadtre.A (opens new window). You can also consider reinstalling your computer with a fresh Windows installation to make sure you get rid of the malware infection.