TechSpot

Please Read me this log.

By Jase123
Sep 28, 2007
  1. Hi all

    Just like someone to read me this log and see if i am infected and if anythin should be deleted.

    Thanks.

    Regards Jase

    Please someone have a look at this.
     

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    When posing a question, it is helpful to known::

    1. your system specs
    2. what 'symptoms' are you having.
    3. if you're getting an error message, what are you doing at the time?
     
  3. Jase123

    Jase123 Banned Topic Starter Posts: 1,012

    Ive got my system specs already in my profile.

    And i just want it checked to see if anythng is harmful on my computer to bo on the safe side.

    Im currently in training for reading hjt logs.

    Regards Jase
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Go to add remove programmes in your control panel and uninstall anything to do with(if there).

    OneStepSearch<This is of dubious repute.

    Close control panel.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O1 - Hosts: 66.98.148.65 auto.search.msn.com

    O1 - Hosts: 66.98.148.65 auto.search.msn.es

    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    O23 - Service: OneStep Search Service - Unknown owner - C:\Program Files\OneStepSearch\onestep.exe (file missing)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\Program Files\OneStepSearch<Delete the entire folder.

    Reboot your system.

    Other than the above, your HJT log is clean.

    Regards Howard :)

    This thread is for the use of Jase123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Thank you. I haven't gotten in the habit of reviewing profiles because so many are blank. I see there is no operating system listed. You might want to type that in. Since Vista has come out, there has been an entire 'other' list of problems to deal with.

    If you are learning to interpret the hijackthis logs, you need to know some basic information is required. For instance, there may be something running that is specific to your system, model, OS or other that might be considered not desirable otherwise.

    I will leave the actual log review to Howard or others, but I did look at your running processes:

    1. Teleca: makes software and services to the mobile devices industry. I would question whether this needs to start up when you boot.

    2. GoogleUpdaterService.exe: I urge you to stop this! It is giving permission to Google to continually contact the internet 'looking for updates'! Stop it through msconfig. Do Regedit and stop there. How much updating does a Toolbar need?!

    3. tiwlnsvc.exe is a file without information from the maker. The program is not visible. The file is not a Windows core file. Therefore the technical security rating is 55% dangerous. It is questionable as to whether it is a necessary startup.

    4. mantispm.exe is the executable for the MailFrontier Desktop application. MailFrontier Desktop is an advanced spam filter for Outlook and Outlook Express. IF you use either of these programs, then it may need to run. If you do not, it does not need to run.

    5. epmworker.exe is obviously a part of the Sony Ericsson PC Suite along with Teleca. Whether you need it to start up and run in the background is questionable.It is known to be a large CPU consumer.

    6, SSVHelper Class BHO is a java plug-in.- a component of A Squared Anti-malware. While it is a decent program for checking your system for spyware and other threats, it apparently adds a Browser Helper Object (BHO) to IExplorer. This BHO can slow down browsing. To disable it, in your browser go to Tool/Manage Add-ons. Select SSVHelper Class and disable it. Close IE and reopen. You can re-enable it anytime you want.

    I see entries in you log for Kapersky, Pandaonlinescan and BitDefender- are you running all these programs> Rule is 1 anti-virus, 1 firewall and 2 or more spyware/adware programs.

    I don't see any malware in your log, but I am not in charge of reviewing it. Consider what I did point out though. Startup should only contain those processes necessary such as AV, firewall, possible network processes and 1 for touchpad on laptop. Usually, all others can be started when needed. Everything running the background will effect your computer performance.
     
  6. Jase123

    Jase123 Banned Topic Starter Posts: 1,012

    Thanks aslot Howard mate. :D

    And Thank you Bobbye and Kaspersky and that are all online scanners i only use the one and thats Zone alarm internet security suite.

    Regards Jase :wave:

    Ive also noticed c:/windows/system32/objsafe.tlb

    This has got Adware.Roings in it. This connects to it's controlling server to retrive and display pop-up advertisements. Very anoying lol.

    Oh sorry i forgot to edit..

    Regards Jase :wave:
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That`s not good. Your system is infected with the Medload adware trojan.

    You need to follow all the instructions and post the three requested log files.

    Regards Howard :)

    This thread is for the use of Jase123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  8. Jase123

    Jase123 Banned Topic Starter Posts: 1,012

    Yes i foundt it and deleted it ...

    Do you still want me post fresh Avg antispyware. and combofix.

    Regards Jase
     
  9. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Unless you`re sure you`ve got rid of the infection, posting the requested log files is advisable.

    Regards Howard :)

    This thread is for the use of Jase123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. Jase123

    Jase123 Banned Topic Starter Posts: 1,012

    Ok. Heres my combofix log.

    Regards Jase
     
  11. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

    2. Download the attached avengerscript.txt and save it to your desktop

    Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

    3. Now, start The Avenger program by double clicking on its icon on your desktop.

    Under "Script file to execute" choose "Load script from file".
    Now click on the folder icon which will open a new window titled "open Script File"
    navigate to the file you have just downloaded, click on it and press open
    Now click on the Green Light to begin execution of the script
    Answer "Yes" twice when prompted.

    4. The Avenger will automatically do the following:

    It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
    On reboot, it will briefly open a black command window on your desktop, this is normal.
    After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
    The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

    5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh Combofix and AVG Antispyware log.

    Also, run AVG Antirootkit and let me know the results.

    Regards Howard :)

    This thread is for the use of Jase123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     

    Attached Files:

  12. Jase123

    Jase123 Banned Topic Starter Posts: 1,012

    Thanks Howard mate.

    Here are my fresh logs.

    Regards Jase

    Avg anti-rootkit nothing was found, and sorry i don't have avg anti-spyware i have zone alarm internet security suite.
     
  13. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    AVG Antispyware is as it`s name suggests an antispyware programme. I strongly adivse you to install and run it as per the instructions. Then, post the log file. Once we`ve finished with it, you can always uninstall it.

    Also, please let me know if you`re still having any problems.

    Regards Howard :)

    This thread is for the use of Jase123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  14. Jase123

    Jase123 Banned Topic Starter Posts: 1,012

    Did the avg scan and all it foundt was tracking cookies.

    Im having no problems just wanted to be on the safe side. but i do get 2 beeps on start up this only started about two days ago... I think this could indicate something to do with memory. ALso im not on my desktop computer this is my Laptop.

    Regards Jase
     
  15. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That`s good news.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

    As for your beeping problem, take a look at this thread HERE and determine what your particular beep code is referring to.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of Jase123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  16. Jase123

    Jase123 Banned Topic Starter Posts: 1,012

    Yes i turn the system restore of when i do a scan lol.

    Thanks for all your help Howard. :D:D

    Well for the beeps its too short ones, and i did have a BSOD but i restarted and it aint showed again yet.

    Regards Jase :wave: :wave:
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...