
Avast!...


2 replies to this topic

#1 MatreX

MatreX

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:02:40 PM

Posted 08 October 2005 - 11:11 PM

Small Problem... Well look below...

10/8/2005 6:57:28 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\AOL\AOL Spyware Protection\Update\aspupdate_us.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.EXE" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\AOL\System Information\sinf.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\aolback\aolback.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\aolback\Comps\acs\AcsSetup.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\aolback\Comps\asp\aspsetup.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\aolback\Comps\coach\aolcinst.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\aolback\Comps\deskbar\deskbr.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\aolback\Comps\flash\FlashAX.exe" file.  
10/8/2005 6:57:29 PM	SYSTEM	1516	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Common Files\aolback\Comps\fw\nisale.exe" file.  
10/8/2005 7:02:02 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\Age of Empires II\DPLAY61A.EXE" file.  
10/8/2005 7:03:10 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\Program Files\Windows Media Connect\mswmc.exe" file.  
10/8/2005 7:03:11 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\Age of Empires II\empires2.EXE" file.  
10/8/2005 7:03:15 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R38736\2.3.7.2k\DllMapi6.exe" file.  
10/8/2005 7:03:16 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R38736\2.3.7.2k\DllMapi7.exe" file.  
10/8/2005 7:03:17 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\ESN\Q312370_WXP_SP1_x86_ESN.exe" file.  
10/8/2005 7:03:19 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\FIN\Q312370_WXP_SP1_x86_FIN.exe" file.  
10/8/2005 7:03:21 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\FRA\Q312370_WXP_SP1_x86_FRA.exe" file.  
10/8/2005 7:03:55 PM	MatreX	2404	Sign of "Win32:Jeefo" has been found in "c:\windows\svchost.exe" file.  
10/8/2005 7:04:07 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\HEB\Q312370_WXP_SP1_x86_HEB.exe" file.  
10/8/2005 7:04:10 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\HUN\Q312370_WXP_SP1_x86_HUN.exe" file.  
10/8/2005 7:04:13 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\ITA\Q312370_WXP_SP1_x86_ITA.exe" file.  
10/8/2005 7:04:15 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\JPN\Q312370_WXP_SP1_x86_JPN.exe" file.  
10/8/2005 7:04:16 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\KOR\Q312370_WXP_SP1_x86_KOR.exe" file.  
10/8/2005 7:04:18 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\NLD\Q312370_WXP_SP1_x86_NLD.exe" file.  
10/8/2005 7:04:18 PM	MatreX	2404	Sign of "Win32:Jeefo" has been found in "c:\windows\svchost.exe" file.  
10/8/2005 7:04:20 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\NOR\Q312370_WXP_SP1_x86_NOR.exe" file.  
10/8/2005 7:04:21 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\PLK\Q312370_WXP_SP1_x86_PLK.exe" file.  
10/8/2005 7:04:23 PM	MatreX	2404	Sign of "Win32:Jeefo" has been found in "c:\program files\windows media connect\mswmccds.exe" file.  
10/8/2005 7:04:23 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\PTB\Q312370_WXP_SP1_x86_PTB.exe" file.  
10/8/2005 7:04:25 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\PTG\Q312370_WXP_SP1_x86_PTG.exe" file.  
10/8/2005 7:08:05 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\RUS\Q312370_WXP_SP1_x86_RUS.exe" file.  
10/8/2005 7:08:07 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\SVE\Q312370_WXP_SP1_x86_SVE.exe" file.  
10/8/2005 7:08:08 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R42697\QFE\TRK\Q312370_WXP_SP1_x86_TRK.exe" file.  
10/8/2005 7:08:48 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R44838\mmkey.exe" file.  
10/8/2005 7:08:56 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R44838\setup.exe" file.  
10/8/2005 7:08:59 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R50526\CDSTART.EXE" file.  
10/8/2005 7:09:02 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R50526\SETUP.EXE" file.  
10/8/2005 7:09:06 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R50526\MANUAL\ACROBAT\AR505ENU.EXE" file.  
10/8/2005 7:09:49 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R50526\SUPPORT\NAVTOOLS\REPAIR\FIXBADTR.EXE" file.  
10/8/2005 7:09:49 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R50526\SUPPORT\NAVTOOLS\REPAIR\FIXBUDDY.EXE" file.  
10/8/2005 7:09:49 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R50526\SUPPORT\NAVTOOLS\REPAIR\FIXCRED.EXE" file.  
10/8/2005 7:09:49 PM	SYSTEM	1532	Sign of "Win32:Jeefo" has been found in "C:\DELL\drivers\R50526\SUPPORT\NAVTOOLS\REPAIR\FIXFRETH.EXE" file.  
10/8/2005 11:56:15 PM	SYSTEM	1432	Sign of "Win32:Jeefo" has been found in "C:\WINDOWS\SVCHOST.EXE" file.  


All of these popped up right after I started avast for the first time.... The problem is that, as you can see, these files are from drivers and a game "Age Of Empires" and one in svchost.exe file.... All these are infected with one malware, Win32:Jeefo...

Should I delete these or is this some bug with avast?

Edited by MatreX, 08 October 2005 - 11:12 PM.


#2 yano

yano

    I can see what you post!


  • Members
  • 6,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:40 PM

Posted 09 October 2005 - 05:19 AM

If you're running Windows 2000 and up:
If you hit Ctrl + Alt + Del do you see a "Power Manager" process?

Also check your registry for this: HKLM\System\CurrentControlSet\Services\PowerManager\ImagePath

To check registry click Start > Run > Type in "regedt32"
Then navigate to the folder where "ImagePath" might be. If both of these are a no, then I wouldn't worry about it.

I wouldn't have avast delete these files, especially the svchost.exe, because it's required to boot Windows. You'll need to disinfect it.
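
An added example, not part of either post above: one way to triage a detection log in the format quoted in post #1, collapsing repeat hits on the same file (Windows paths are case-insensitive) and flagging a system process name reported outside System32. The function name `triage`, the `WATCHED_NAMES` set and the sample rows are constructed for illustration; that the Windows svchost.exe resides in %SystemRoot%\System32 is general Windows knowledge rather than something stated in the thread, and SystemRoot = C:\WINDOWS is assumed from the log paths.

```python
import ntpath  # Windows path rules, usable on any OS
import re
from collections import defaultdict

# Columns as seen in the quoted log: timestamp, account, a numeric id
# (its meaning is not stated in the thread), then the detection message.
LINE = re.compile(
    r'^(?P<when>\d+/\d+/\d+ \d+:\d+:\d+ [AP]M)\s+(?P<account>\S+)\s+(?P<id>\d+)\s+'
    r'Sign of "(?P<sig>[^"]+)" has been found in "(?P<path>[^"]+)" file\.')

# Assumption: SystemRoot is C:\WINDOWS, as the log paths suggest.
SYSTEM32 = ntpath.normcase(r"C:\WINDOWS\System32")
WATCHED_NAMES = {"svchost.exe"}  # hypothetical watch list

# Constructed sample: rows 1-4 reuse values from the quoted log; row 5 is a
# made-up control row that does not appear in the thread.
SAMPLE_ROWS = [
    ("10/8/2005 7:02:02 PM", "SYSTEM", "1532", r"C:\Age of Empires II\DPLAY61A.EXE"),
    ("10/8/2005 7:03:55 PM", "MatreX", "2404", r"c:\windows\svchost.exe"),
    ("10/8/2005 7:04:18 PM", "MatreX", "2404", r"c:\windows\svchost.exe"),
    ("10/8/2005 11:56:15 PM", "SYSTEM", "1432", r"C:\WINDOWS\SVCHOST.EXE"),
    ("10/8/2005 11:57:00 PM", "SYSTEM", "1432", r"C:\WINDOWS\System32\svchost.exe"),
]
SAMPLE_LOG = "\n".join(
    f'{w}\t{a}\t{i}\tSign of "Win32:Jeefo" has been found in "{p}" file.  '
    for w, a, i, p in SAMPLE_ROWS)


def triage(log_text):
    """Group detections per file and flag watched names outside System32."""
    hits = defaultdict(list)  # normalised path -> [(when, account), ...]
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m:  # lines that do not fit the format are skipped
            hits[ntpath.normcase(m["path"])].append((m["when"], m["account"]))
    misplaced = sorted(
        p for p in hits
        if ntpath.basename(p) in WATCHED_NAMES and ntpath.dirname(p) != SYSTEM32)
    repeated = {p: len(v) for p, v in hits.items() if len(v) > 1}
    return {"unique_files": len(hits), "misplaced": misplaced, "repeated": repeated}


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, value)
```
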

#3 MatreX

MatreX
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:02:40 PM

Posted 14 October 2005 - 06:40 PM

I am on Windows XP Home