Home > I Think > I Think I Have W32/jeefo

I Think I Have W32/jeefo

Would System restore work? or am I stuck with it forever? Slammy Back to top #5 Jintan Jintan Malware Response Team 531 posts OFFLINE Local time:11:01 PM Posted 14 May 2007 - 09:38 PM Nothing much more in that, as far Sign In Use Facebook Use Twitter Use Windows Live Register now!

I found some posts about W32 Jeefo around in this forum, but I saw that you had to post a log, and I think that is based on the person's computer, C:\Documents and Settings\All Users\Application Data\ibnm.exe moved successfully. Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Follow the instructions that pop up for posting the results. https://www.bleepingcomputer.com/forums/t/91573/i-think-i-have-w32jeefo/

The after-scan is attached. ========== OTL ========== C:\Documents and Settings\All Users\Application Data\fx3fhl5pp1033f564gedrb4n157m7048ko4c1r8w764 moved successfully. Bleeping Computer is being sued by EnigmaSoft. some of my important files are infected with win32 JEEFO virus...I really need this files and Im looking for a way to remove this virus...help please ! Rail __________________ Platinum Samples www.platinumsamples.com Engineered Drums for BFD Rail Jon Rogut View Public Profile Send a private message to Rail Jon Rogut Visit Rail Jon Rogut's homepage!

Remember, amateurs built the ark. Oviously I cant erase these files, and the Anti-virus programs cant remove the virus from the files. Please join our friendly community by clicking the button below - it only takes a few seconds and is totally free. You'll be able to ask any tech support questions, or chat with the community and help others.

If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box. In the next couple of hours I experienced difficulties accessing some programs in my computer, such as trying to access a game(The screen would freeze, making me start my computer). Sorry for the delay! https://www.symantec.com/security_response/detected_writeup.jsp?name=W32.Jeefo Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. Jump to content FacebookTwitter Geeks to Go Forum Security Virus, Spyware, Malware Removal Welcome to Geeks to Go - Register now for FREE Geeks To Go is a helpful hub, where Find all posts by Rail Jon Rogut #8 01-09-2005, 07:50 PM Joz Member Join Date: Oct 2001 Location: Los Angeles CA. Find all posts by Joz #7 01-09-2005, 07:41 PM Rail Jon Rogut Member Join Date: Jan 1970 Location: Los Angeles, CA, USA Posts: 14,490 Re: how to get

Thanks! After many hours of frustration because AVS would not find any virus(Safe mode) and I could not install any other free anti-virus because in order to install a new one I Your name or email address: Do you already have an account? Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List

C:\Documents and Settings\Admin\Local Settings\Application Data\nnlr.exe moved successfully. Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-3 42184] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-1 22712] S0 hibr;hibr;c:\windows\system32\drivers\kwegl.sys --> c:\windows\system32\drivers\kwegl.sys [?] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\googleupdate.exe /svc --> c:\program files\google\update\GoogleUpdate.exe [?] S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-1 366640] Is there a way ti "fix" windows files? FOR NORTON USERS If you are a Norton product user, we recommend you try the following resources to remove this risk.

BLEEPINGCOMPUTER NEEDS YOUR HELP! OTL.Txt and Extras.Txt. Here is the "fix" log. Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}.============== Running Processes ===============.C:\WINDOWS\system32\svchost.exe -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Program Files\AVAST Software\Avast\avastUI.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Mozilla Firefox\plugin-container.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://yahoo.com/uInternet

http://tinyurl.com/4yujmff Da Beast! Find all posts by Joz #9 01-09-2005, 08:13 PM Joz Member Join Date: Oct 2001 Location: Los Angeles CA. Posts: 744 Re: how to get rid of this virus W32.jeefo Yeah, nothing worked Im gonna have to do the system clean up thingie again but this time I'm gonna have

Ad eundum quo no duck ante iit Back to top #3 Slammy Slammy Topic Starter Members 14 posts OFFLINE Local time:11:01 PM Posted 14 May 2007 - 06:50 PM Hello

Inc."]{85D1F590-48F4-11D9-9669-0800200C9A66}\"MenuText" = "Uninstall BitDefender Online Scanner v8""Exec" = "%windir%\bdoscandel.exe" [null data]{92780B25-18CC-41C8-B9BE-3C9C571A8263}\"ButtonText" = "Research"{FB5F1910-F110-11D2-BB9E-00C04F795683}\"ButtonText" = "Messenger""MenuText" = "Windows Messenger""Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]Miscellaneous IE Hijack Points------------------------------HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\<> "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = "*b" (unwritable string) With the higher CPU issue, as it has been an issue on other systems do you happen to have Windows Auto update enabled at this time? FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\mops82o7.default\ FF - prefs.js: browser.startup.homepage - yahoo.com FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: http://www.microsoft.com/security/protect/ -------------------------------------------------------------------------------------- "Anthony" <> wrote in message: news:864901c3e906$a41dae30$... | I think I've got it how do I get rid of it HELP!

Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log Antivirus;avast! Operating system updates to fix vulnerabilities File sharing protection Disable Autorun (CD/USB) Best practices for instant messaging Best practices for browsing the Web Best practices for email FOR ENTERPRISE USERS If Free Trials All product trials in one place.

http://tinyurl.com/3sapr2b i5 3570K 4.6GHz http://snipurl.com/26r3cot Win7-8 Pro 64bit Write a Reply >> Topic Tools RSS Updates Atom RSS 2.0 RSS 1.0 RSS 0.9 Related Articles Inc."]HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Research"Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]Extensions (Tools menu items, main toolbar menu buttons)HKLM\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\"MenuText" = "Sun Java Console""CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in 1.6.0_01" \InProcServer32\(Default) = Attached Files OTL.Txt 94.74KB 9 downloads Extras.Txt 37.69KB 4 downloads Edited by luizgot, 20 August 2011 - 06:25 AM. Free Tools Try out tools for use at home.

Hello and welcome to PC Review. Infected by W32/Jeefo or PE_JEEFO.A Virus Started by luizgot , Aug 10 2011 04:28 PM Page 1 of 2 1 2 Next This topic is locked 16 replies to this topic More About Us... Just click the sign up button to choose a username and then you can ask your own questions on the forum.

A Blah blah.With a blah blah! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll In the same day my free anti-virus(Active Virus Shield) became unavailable and stopped protecting my computer.