Can someone check my log?
- Thread starter adu123
- Start date
- Status
Bobbye
Posts: 16,313 +36
Did I miss it? I don't see any anti-virus program or a firewall listed.
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TXPlatform.exe
C:\PROGRA~1\TENCENT\SSPlus\Stup.exe
Tencent is China's largest and most used Internet service portal.>>this alone gives you the potential for malware as the Asian backbone is the most active dispensers of malware:
1. QQ.exe is Tencent QQ adware. Dangerous qq.exe - Dangerous
Read more: http://www3.ca.com/securityadvisor/pest/...
Kill the process QQ.exe and remove QQ.exe from Windows startup
2. Command: C:\PROGRA~1\TENCENT\Adplus\stup.exe
Description: Identified by Kaspersky Antivirus as a variant of the Trojan-PSW.Win32.QQRob.le malware.
File Location: C:\Program Files\TENCENT\Adplus\stup.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TXPlatform.exe
C:\PROGRA~1\TENCENT\SSPlus\Stup.exe
Tencent is China's largest and most used Internet service portal.>>this alone gives you the potential for malware as the Asian backbone is the most active dispensers of malware:
1. QQ.exe is Tencent QQ adware. Dangerous qq.exe - Dangerous
Read more: http://www3.ca.com/securityadvisor/pest/...
Kill the process QQ.exe and remove QQ.exe from Windows startup
2. Command: C:\PROGRA~1\TENCENT\Adplus\stup.exe
Description: Identified by Kaspersky Antivirus as a variant of the Trojan-PSW.Win32.QQRob.le malware.
File Location: C:\Program Files\TENCENT\Adplus\stup.exe
adu123
Posts: 278 +0
I only have Window Firewall(is it enough?), and I don't have any anti-virus because I think anti-spyware is more necessary since spywares are more common in the today's Internet world. I personally think that QQ is safe to use since I've used it for quite a long time don't have any obvious problems. So other than that, is there anything else abnormal? Thank you for your advice.
Blind Dragon
Posts: 3,774 +4
Yea your computer is fine other than the malicious backdoor trojan with keylogger capabilities
http://www.threatexpert.com/report.aspx?uid=e9a5961e-40d8-4819-85f3-5228de53666b
http://www.threatexpert.com/report.aspx?uid=e9a5961e-40d8-4819-85f3-5228de53666b
Bobbye
Posts: 16,313 +36
No, Windows Firewall is not enough. No, anti-spyware is not enough. You need a current, configured, updated anti-virus program running all the time. You need a firewall. You need at least two spyware/adware programs.
You are flirting with disaster, especially with the Ripe backbone on your system You are as sitting duck for malware. It's useless to clean you up if you're not going to run the proper security programs, which should be updated and scanned with regularly.,.
"I personally think that QQ is safe to use since I've used it for quite a long time don't have any obvious problems." hard to understand since here you are, asking to have your log reviewed! Your computer is not clean!
You are flirting with disaster, especially with the Ripe backbone on your system You are as sitting duck for malware. It's useless to clean you up if you're not going to run the proper security programs, which should be updated and scanned with regularly.,.
"I personally think that QQ is safe to use since I've used it for quite a long time don't have any obvious problems." hard to understand since here you are, asking to have your log reviewed! Your computer is not clean!
adu123
Posts: 278 +0
Bobbye, the link you gave me doesn't mention anything bad about QQ, can you be more specific about it?
Ok, I admited I am wrong about not needing any anti-virus program, and I will download one as soon as possible. Which anti-virus/firewall should I download? By the way, what's the difference between the Window FireWall and the FireWall I download from other sources? Thank you
Blind Dragon
Posts: 3,774 +4
Use a Firewall - It is very important that you use a Firewall on your computer. If you use the Windows Firewall you might think that's enough but it only controls inbound traffic. Simply using a Firewall in its default configuration can lower your risk greatly. Here are some firewalls which are free for personal use and most commonly used:
Comodo
Zonealarm
Read the link that i put in my last post
scroll down to possible security risk
Comodo
Zonealarm
Read the link that i put in my last post
scroll down to possible security risk
LookinAround
Posts: 6,429 +186
adu123:
With all due respect, you've been regularly reporting infections and problems with your computers since Aug, 2007. You should seriously consider all the recommendations to not just clean your current problem but what protection you need to keep future infections out PLUS what you might be doing to be getting re-infected constantly. (e.g. sites you're visiting, software from unknown/untrusted sources you're installing, etc.)
With all due respect, you've been regularly reporting infections and problems with your computers since Aug, 2007. You should seriously consider all the recommendations to not just clean your current problem but what protection you need to keep future infections out PLUS what you might be doing to be getting re-infected constantly. (e.g. sites you're visiting, software from unknown/untrusted sources you're installing, etc.)
kritius
Posts: 2,077 +0
Totally agree with LookinAround, he has been told on many occasions to get an antivirus program and he has regularly ignored it.
When we are experiencing as may logs as we are currently to post a log simply to have one of us look over takes time away from people with genuine problems.
Please do not post another log until you have a genuine problem, and if that happens have a decent antivirus product on your system.
When we are experiencing as may logs as we are currently to post a log simply to have one of us look over takes time away from people with genuine problems.
Please do not post another log until you have a genuine problem, and if that happens have a decent antivirus product on your system.
Bobbye
Posts: 16,313 +36
I agree with both of you LookinAround and kritius. Although I don't do the log reviews for the malware cleaning program, I frequently look at them and usually it's not difficult to spot the offenders.
For someone to remain careless on the internet, ignore what is suggested- strongly- and then throw out those logs for someone to help clean them up is an offense, in my opinion. Just looking at the threads in the Security board makes one wonder how secure some of these systems are!
For someone to remain careless on the internet, ignore what is suggested- strongly- and then throw out those logs for someone to help clean them up is an offense, in my opinion. Just looking at the threads in the Security board makes one wonder how secure some of these systems are!
adu123
Posts: 278 +0
LookinAround, thanks for the complement, from now on, I will be more aware of what site I visited, files I download,etc. To lower the risk of being infected again
Once again, I apologize for what I said about not needing anti-virus program before, I've download and install Avast anti-virus and Zonealarm Firewall, and now I have two Firewall running on my computer, I know two Firewalls running at the same time can conflict with each other, right? So Should I un-install the Window Firewall? but I don't think it allows you to do that. Thank you
Bobbye
Posts: 16,313 +36
You made a good decision. Be sure to keep the antivirus updated and scan with it regularly. The ZoneAlarm is the better firewall as it listens to both incoming and outgoing ports. The Windows Firewall only listens to incoming.
Control Panel> Security Center> Windows Firewall> check OFF> Apply> OK.
This would be the best for your system. Please remember the dangers of continuing to use the Tencent portal. You are a great risk with that on your system,
Control Panel> Security Center> Windows Firewall> check OFF> Apply> OK.
This would be the best for your system. Please remember the dangers of continuing to use the Tencent portal. You are a great risk with that on your system,
LookinAround
Posts: 6,429 +186
I don’t think that QQ in and of itself is the problem. Rather, QQ has become so widely popular that it has become the target of some seriously bad malware. Here are just a couple examples:
If anything, it means a QQ user must be overly cautious as well pro-active in looking out for infections. This means making sure you are diligent in running an effective set of anti-malware products and being careful to keep all of them up-to-date. (Note: that’s still no guarantee of avoiding infections)
It also means you understand (and avoid) the danger in accepting/installing “free” software you find somewhere on the internet. “Free” stuff you find online from unknown sources and untrusted sites make things “free” to lure you into downloading the software they offer (and end up with infections you don’t realize come with it!). Just a few of many examples
All of this also means you should invest in a good backup/recovery program to assure you can always recover from the worst case scenario by having backups available. (My own personal favorite for a PC user is Acronis True Image Home
Blind Dragon
Posts: 3,774 +4
Just for the hell of it... try these 2 scans... I would venture one of them picks it up as a trojan
Malwarebytes' Anti-Malware
Download\install 'SuperAntiSpyware Home Edition Free Version' from HERE
Scan with SuperAntiSpyware
Malwarebytes' Anti-Malware
- Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to
- Update Malwarebytes' Anti-Malware
- and Launch Malwarebytes' Anti-Malware
- then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform full scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. please copy and paste the log into your next reply
- If you accidently close it, the log file is saved here and will be named like this:
- C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Download\install 'SuperAntiSpyware Home Edition Free Version' from HERE
- Launch SuperAntiSpyware and click on 'Check for updates'.
- Once the updates have been installed,exit SuperAntiSpyware.
Scan with SuperAntiSpyware
- Start SuperAntiSpyware.
- On the main screen click on 'Scan your computer'.
- Check: 'Perform Complete Scan then Click 'Next' to start the scan.
- Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
- Make sure everything found has a checkmark next to it,then press 'Next'.
- Click on 'Finish' when you've done.
It's possible that the program will ask you to reboot in order to delete some files.
Obtain the SuperAntiSpyware log as follows:
Click on 'Preferences'.
Click on the 'Statistics/Logs' tab.
Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
It will then open in your default text editor,such as Notepad.
Attach the notepad file here on your next reply
LookinAround
Posts: 6,429 +186
Blind Dragon:
1. Picks what up as a trojan? From what i've seen QQ itself is not a problem. Note the two articles i just posted talk about malware which targets QQ but neither claims QQ itself is a problem.
2. I also happened to be in another thread with adu123 where the question about QQ was also raised. I can only refer you to the posts (starting #10) in that thread
__________________
1. Picks what up as a trojan? From what i've seen QQ itself is not a problem. Note the two articles i just posted talk about malware which targets QQ but neither claims QQ itself is a problem.
2. I also happened to be in another thread with adu123 where the question about QQ was also raised. I can only refer you to the posts (starting #10) in that thread
__________________
Blind Dragon
Posts: 3,774 +4
I guess I am wrong here, its only normally bad when installed to the system folder. Which makes sense that most malware name themselves after legit programs.
to be sure, I would upload it to virus total
Upload a File to Virustotal
Please visit Virustotal found HERE
to be sure, I would upload it to virus total
Upload a File to Virustotal
Please visit Virustotal found HERE
- Click the Browse... button
- Navigate to the file C:\Program Files\Tencent\QQ\QQ.exe
- Click the Open button
- Click the Send button
- Copy and paste the results back here please.
Bobbye
Posts: 16,313 +36
Just by virtue of this fact "Tencent is China's largest and most used Internet service portal.>>this alone gives you the potential for malware as the Asian backbone is the most active dispensers of malware" means that running this puts you at a greater risk.
I can tell you for an absolute fact from studying firewall logs and identifying the IPs that the greatest number of attempts to access come from this backbone! That is not indisputable. And there is no recourse to reporting abuse because in almost all cases, the mail is returned as 'mailbox full, can't receive mail until emptied.'
I can tell you for an absolute fact from studying firewall logs and identifying the IPs that the greatest number of attempts to access come from this backbone! That is not indisputable. And there is no recourse to reporting abuse because in almost all cases, the mail is returned as 'mailbox full, can't receive mail until emptied.'
kritius
Posts: 2,077 +0
GET SOME ANTIVIRUS
download ONE of the following antivirus programs and install it.
Once installed, Update it, run full system scan with it and allow it to fix up what it wants.
Reboot if it fixed anything.
You should get a firewall as well, either, these firewalls are all free,
download ONE of the following antivirus programs and install it.
Once installed, Update it, run full system scan with it and allow it to fix up what it wants.
Reboot if it fixed anything.
You should get a firewall as well, either, these firewalls are all free,
adu123
Posts: 278 +0
unfortunately, I can't upload it to Virustotal because the file is too LARGE, as for the SuperAntiSpyware scan, I will do that later.
I've scanned my computer with Avast anti-virus and it found two infection: Win32:Neptunia-DH[Trj], Win32:Trojan-gen {VC}, both classified as Trojan horse. The infected files are: qq2007kb.exe, you probably guess:dead: The reason I choose to keep QQ is because that's the only way I can contact my old friends with(in China!). Can any experts help me to get rid of these malwares without having me to uninstall QQ completely? Thank you
Bobbye
Posts: 16,313 +36
Repeating: Uninstall!
1. QQ.exe is Tencent QQ adware. Dangerous qq.exe - Dangerous
Read more: http://www3.ca.com/securityadvisor/pest/...
Kill the process QQ.exe and remove QQ.exe from Windows startup
2. Command: C:\PROGRA~1\TENCENT\Adplus\stup.exe
Description: Identified by Kaspersky Antivirus as a variant of the Trojan-PSW.Win32.QQRob.le malware.
File Location: C:\Program Files\TENCENT\Adplus\stup.exe
1. QQ.exe is Tencent QQ adware. Dangerous qq.exe - Dangerous
Read more: http://www3.ca.com/securityadvisor/pest/...
Kill the process QQ.exe and remove QQ.exe from Windows startup
2. Command: C:\PROGRA~1\TENCENT\Adplus\stup.exe
Description: Identified by Kaspersky Antivirus as a variant of the Trojan-PSW.Win32.QQRob.le malware.
File Location: C:\Program Files\TENCENT\Adplus\stup.exe
- Status
Similar threads
Latest posts
-
Razer launches $160 Viper V3 Pro gaming mouse with 8,000 Hz polling rate- Shawn Knight replied
