Solve : W32.Jeefo?

1.	Solve : W32.Jeefo?
Answer» Hi. I have finished running the ESET Scanner. When I started it I selected "Scan Archives" only. I DEselected "Remove Threats". I ran the scan on my C drive only. I have not tested the external drives that were connected when Norton issued its warning. The final screen gave this information : Scanned files : 196757 Infected files : 0 Cleaned files : 0 Total scan time : 02:20:41 Scan Status : Finished The program gave me the opportunity to "Uninstall application on close" - I agreed and consequently can't access a full log file. Do I need to run the scan again to get any extra information that this text file might have contained ? Thank you again - very much - for your help.You can download it again and scan all your drives but this time leave "Remove Threats" checked.Hi I have started the ESET Online Scan again - this time with my external drives attached. The program NEVER asked me to choose from a list of drives to examine. Will it automatically look at ALL of the drives ? Is it O.K. for me to still have Avira active?Quote Will it automatically look at ALL of the drives ? Is it O.K. for me to still have Avira active? You can select the drive you want to scan by going to Advance Settings, Under scan targets, select Change and select the drive you want to scan. Your Avira should be disabled during the scan. Don't forget to re-enable it afterwards.ESET Online Scan Log File Results : [emailprotected] as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=41c60b2222d87546a6fbc2722440c753 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2010-09-20 10:13:01 # local_time=2010-09-20 11:13:01 (+0000, GMT Daylight Time) # country="United Kingdom" # lang=1033 # osver=5.1.2600 NT Service PACK 3 # compatibility_mode=512 16777215 100 0 466316 466316 0 0 # compatibility_mode=1797 16775141 100 94 221262 57615206 82556 0 # compatibility_mode=8192 67108863 100 0 85959 85959 0 0 # scanned=1299649 # found=0 # cleaned=0 # scan_time=16890If there are no other issues, we can do some CLEANUP. * Click START then RUN - Vista users press the Windows Key and the R keys for the Run box. * Now type Combofix /uninstall in the runbox * Make sure there's a space between Combofix and /Uninstall * Then hit Enter * The above procedure will: * Delete the following: * ComboFix and its associated files and folders. * Reset the clock settings. * Hide file extensions, if required. * Hide System/Hidden files, if required. * Set a new, clean Restore Point. ***************************** Clean out your temporary internet files and temp files. Download TFC by OldTimer to your desktop. Double-click TFC.exe to run it. Note: If you are running on Vista, right-click on the file and choose Run As Administrator TFC** will close all programs when run, so make sure you have saved all your work before you begin. * Click the Start button to begin the cleaning process. * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. * Please let TFC run uninterrupted until it is finished. Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning. ******************************** Looking over your log it seems you don't have any evidence of a third party firewall. Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors. Remember only install ONE firewall 1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one) 2) Online Armor 3) Agnitum Outpost 4) PC Tools Firewall Plus If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO REPLACEMENT for a dedicated software solution. Remember to use only one firewall at the same time. ****************************** Use the Secunia Software Inspector to check for out of date software. •Click Start Now •Check the box next to Enable thorough system inspection. •Click Start** •Allow the scan to finish and scroll down to see if any updates are needed. •Update anything listed. . ---------- Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in SPYBOT - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing!Hi Thank you for your on-going help. I have removed ComboFix and run TFC. Do you think my computer is clear of the Virus/Trojan now? Was it a RootKit and had it blocked Avira's ability to update itself? Should I be using a software Firewall ? I was under the impression that the modem/router that my ISP provided offered sufficient shielding. Perhaps this incident shows that that is not so.There was no evidence of that infection that you referred to in your opening thread. I would say that your computer is clean. I don't wish to discuss any more about these scans because hackers and malware writers also visit these site and we don't want to give them any help with their evil exploits. As for the firewalls; I'm not sure how effective your router firewall is but a third-party would probably be better. It will annoying at first until the firewall learns your routine but after a bit you'll not even know it's there. Thank you very VERY much for all of your help.You're welcome. Resolved. I will lock this topic. If you need more help, please start a new thread or pm me to unlock this thread.

Answer»

Hi.

I have finished running the ESET Scanner.

When I started it I selected "Scan Archives" only. I DEselected "Remove Threats".

I ran the scan on my C drive only.

I have not tested the external drives that were connected when Norton
issued its warning.

The final screen gave this information :

Scanned files : 196757
Infected files : 0
Cleaned files : 0
Total scan time : 02:20:41
Scan Status : Finished

The program gave me the opportunity to "Uninstall application on close"
- I agreed and consequently can't access a full log file.

Do I need to run the scan again to get any extra information that
this text file might have contained ?

Thank you again - very much - for your help.You can download it again and scan all your drives but this time leave "Remove Threats" checked.Hi

I have started the ESET Online Scan again - this time
with my external drives attached. The program NEVER asked
me to choose from a list of drives to examine.

Will it automatically look at ALL of the drives ?

Is it O.K. for me to still have Avira active?Quote

Will it automatically look at ALL of the drives ?

Is it O.K. for me to still have Avira active?

You can select the drive you want to scan by going to Advance Settings, Under scan targets, select Change and select the drive you want to scan.
Your Avira should be disabled during the scan. Don't forget to re-enable it afterwards.ESET Online Scan Log File Results :

[emailprotected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=41c60b2222d87546a6fbc2722440c753
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-09-20 10:13:01
# local_time=2010-09-20 11:13:01 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service PACK 3
# compatibility_mode=512 16777215 100 0 466316 466316 0 0
# compatibility_mode=1797 16775141 100 94 221262 57615206 82556 0
# compatibility_mode=8192 67108863 100 0 85959 85959 0 0
# scanned=1299649
# found=0
# cleaned=0
# scan_time=16890If there are no other issues, we can do some CLEANUP.

* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

*******************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

**********************************
Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO REPLACEMENT for a dedicated software solution. Remember to use only one firewall at the same time.
**********************************
Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in SPYBOT - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!Hi

Thank you for your on-going help.

I have removed ComboFix and run TFC.

Do you think my computer is clear of the Virus/Trojan now?

Was it a RootKit and had it blocked Avira's ability to update itself?

Should I be using a software Firewall ? I was under the impression that
the modem/router that my ISP provided offered sufficient shielding.

Perhaps this incident shows that that is not so.There was no evidence of that infection that you referred to in your opening thread. I would say that your computer is clean. I don't wish to discuss any more about these scans because hackers and malware writers also visit these site and we don't want to give them any help with their evil exploits. As for the firewalls; I'm not sure how effective your router firewall is but a third-party would probably be better. It will annoying at first until the firewall learns your routine but after a bit you'll not even know it's there. Thank you very VERY much for all of your help.You're welcome. Resolved. I will lock this topic. If you need more help, please start a new thread or pm me to unlock this thread.

Solve : W32.Jeefo?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment