W32 Jeefo problem(I think)

I will post my log here just to save time in case you ask for it.
If you think is not necessary please delete this reply.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:31:29, on 16/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Arquivos de programas\Bonjour\mDNSResponder.exe
D:\WINDOWS\System32\GEARSec.exe
D:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe
d:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe
d:\ARQUIV~1\ARQUIV~1\mcafee\mcproxy\mcproxy.exe
D:\Arquivos de programas\McAfee\MPF\MPFSrv.exe
D:\WINDOWS\Explorer.EXE
d:\ARQUIV~1\mcafee.com\agent\mcagent.exe
D:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Arquivos de programas\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
D:\Arquivos de programas\MySurvey Messenger\MySurveyMessenger.exe
D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
D:\Arquivos de programas\iPod\bin\iPodService.exe
D:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Arquivos de programas\Mozilla Firefox\firefox.exe
D:\Arquivos de programas\Internet Explorer\iexplore.exe
D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\WINDOWS\system32\dllhost.exe
D:\Arquivos de programas\SiteAdvisor\6261\SAService.exe
D:\Arquivos de programas\SiteAdvisor\6261\SiteAdv.exe
D:\Documents and Settings\Daniel\Desktop\jeefogui.com
D:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe
D:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - D:\Arquivos de programas\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - D:\Arquivos de programas\Winamp Toolbar\winamptb.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - D:\Arquivos de programas\AOL Security Toolbar\tbu8\AOL_security_toolbar.dll (file missing)
O2 - BHO: (no name) - {3773cde4-7f76-4d95-9d03-c7db868d2bf2} - D:\WINDOWS\system32\finisc.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Arquivos de programas\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\Arquivos de programas\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\arquivos de programas\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\arquivos de programas\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - D:\Arquivos de programas\AOL Security Toolbar\tbu8\AOL_security_toolbar.dll (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - D:\Arquivos de programas\Winamp Toolbar\winamptb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - D:\Arquivos de programas\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RemoteControl] "D:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] D:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Lexmark_X79-55] D:\WINDOWS\system32\lsasss.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] D:\Arquivos de programas\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Arquivos de programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] D:\Arquivos de programas\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "D:\Arquivos de programas\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] D:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Arquivos de programas\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DW4] "D:\Arquivos de programas\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MySurvey Messenger.lnk = D:\Arquivos de programas\MySurvey Messenger\MySurveyMessenger.exe
O8 - Extra context menu item: &Winamp Toolbar Search - D:\Documents and Settings\All Users\Dados de aplicativos\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://D:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?6caf359066444a0e9eddf35dbe2c3701
O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://D:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?6caf359066444a0e9eddf35dbe2c3701
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Arquivos de programas\AVG\AVG8\avgpp.dll (file missing)
O20 - AppInit_DLLs:
O20 - Winlogon Notify: finisc - finisc.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - D:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - D:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - D:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - D:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - d:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - D:\ARQUIV~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - d:\ARQUIV~1\ARQUIV~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - D:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - D:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - D:\Arquivos de programas\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - D:\Arquivos de programas\WinPcap\rpcapd.exe (file missing)
O23 - Service: SiteAdvisor Service - Unknown owner - D:\Arquivos de programas\SiteAdvisor\6261\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 11331 bytes

#1
Dannz

Posted 15 June 2008 - 09:26 PM

Advertisements

#2
Dannz

Posted 15 June 2008 - 09:33 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us