Should I Be Worried

[PumpkinPete112]

Ok so yesterday morning my sister download music from Limewire on my computer.(I told her not too but she didnt listen)> So after that my computer ran kinda slow, and i thought it was just one of those things. That say I renewed my RS membership (putting in my exact adress and full name) and connected to my internet (using a WEP code). So my automatic virus scan ran last night, and low and behold there was a trojan on my computer (something to do with jonasbrother231incomplete[Caution: Executable File]) Should i be worried about ID theft or forced computer takeover?

[kam42705]

As long as the trojan was never run, then no... If it was- well, you may... In the future, tell your sister (and anyone else who DL's anything), to watch the file type in the limewire (or torrent software) window- it should say mp3, or another trusted extension- if it's blank or exe... just don't get it....

[PumpkinPete112]

Well i got rid of the trojan, the filename siad "incomplete" in it so maybe it wasnt fully downloaded. I dont think she ran it. What it was doing was slowing my comp and randomly crashing windows. I doubt it was there for identity theft, i mean who would steal the identity of a 12 year old (she got it off a Jonas Brothers song) So for now im not too worried, if something were to happen i doubt it would effect me since im not 18 yet.

[kam42705]

If it was incomplete that meant it never finished downloading- then it shouldn't be a problem...

 

 

 

The crashes seem to indicate something else though- did anything else pop up?

[Da Pirates]

Here's a couple tips..

 

 

 

1. Change your password that you log on your comp to somthing only you know.

 

2. Pay members in RS using a giftcard with a preset amount, that way if somthing happens, the person who has your personal info can only charge up as much is on the giftcard.

[PumpkinPete112]

Here's a couple tips..

 

 

 

1. Change your password that you log on your comp to somthing only you know.

 

2. Pay members in RS using a giftcard with a preset amount, that way if somthing happens, the person who has your personal info can only charge up as much is on the giftcard.

 

 

 

Lol i used an ultimate gamer card, so he cant charge jack (no credit on it)

 

 

 

If it was incomplete that meant it never finished downloading- then it shouldn't be a problem...

 

 

 

The crashes seem to indicate something else though- did anything else pop up?

 

 

 

No but i had like 12 tracking cookies. By crash i mean it froze and then the screen went to a picture of just my backround. This has happened since before the incident.

 

 

 

And i asked my sister and she said she did not get asked to run anything, and that she canceled 2 dloads mid time, so im thinking it got disconnected and AVG picked up the half of it.

[kam42705]

That's good then- at least no chance of identity theft..... (well, a minimised one)

 

 

 

And the fact that AVG picked it up is even better...

 

 

 

And would you mind posting a HijackThis log?

[PumpkinPete112]

That's good then- at least no chance of identity theft..... (well, a minimised one)

 

 

 

And the fact that AVG picked it up is even better...

 

 

 

And would you mind posting a HijackThis log?

 

 

 

EDIT: Heres the log

 

[hide=]Running processes:

 

C:\WINDOWS\System32\smss[Caution: Executable File]

 

C:\WINDOWS\system32\winlogon[Caution: Executable File]

 

C:\WINDOWS\system32\services[Caution: Executable File]

 

C:\WINDOWS\system32\lsass[Caution: Executable File]

 

C:\WINDOWS\system32\Ati2evxx[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\WINDOWS\System32\svchost[Caution: Executable File]

 

C:\WINDOWS\system32\svchost[Caution: Executable File]

 

C:\WINDOWS\system32\Ati2evxx[Caution: Executable File]

 

C:\WINDOWS\system32\spoolsv[Caution: Executable File]

 

C:\Program Files\Viewpoint\Common\ViewpointService[Caution: Executable File]

 

C:\WINDOWS\Explorer[Caution: Executable File]

 

C:\WINDOWS\ALCXMNTR[Caution: Executable File]

 

C:\Program Files\Java\jre1.6.0_06\bin\jusched[Caution: Executable File]

 

C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

C:\Program Files\AIM6\aim6[Caution: Executable File]

 

C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

C:\Program Files\ZyXEL\ZyXEL G-220 v2 Wireless Adapter Utility\ZyXEL G-220 v2[Caution: Executable File]

 

C:\Program Files\Common Files\AOL\Loader\aolload[Caution: Executable File]

 

C:\Program Files\AIM6\aolsoftware[Caution: Executable File]

 

C:\PROGRA~1\AVG\AVG8\avgwdsvc[Caution: Executable File]

 

C:\PROGRA~1\AVG\AVG8\avgrsx[Caution: Executable File]

 

C:\PROGRA~1\AVG\AVG8\avgemc[Caution: Executable File]

 

C:\Program Files\Mozilla Firefox\firefox[Caution: Executable File]

 

C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File]

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll

 

R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll

 

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

 

O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

 

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll

 

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

 

O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll

 

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

 

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR[Caution: Executable File]

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched[Caution: Executable File]"

 

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray[Caution: Executable File]

 

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: Executable File]" /background

 

O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6[Caution: Executable File]" /d locale=en-US ee://aol/imApp

 

O4 - HKCU\..\Run: [ctfmon[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File]

 

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam[Caution: Executable File]" -silent

 

O4 - Startup: MEMonitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor[Caution: Executable File]

 

O4 - Global Startup: ZyXEL G-220 v2 Wireless Adapter Utility.lnk = ?

 

O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

 

O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag[Caution: Executable File]

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File]

 

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

 

O20 - AppInit_DLLs: avgrsstx.dll

 

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx[Caution: Executable File]

 

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc[Caution: Executable File]

 

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc[Caution: Executable File]

 

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService[Caution: Executable File]

 

 

 

--

 

End of file - 5003 bytes[/hide]

[das1330]

First of all, get rid of all that AOL software on your computer and get rid of Limewire. AOL software is horrible for being useless and slowing down your computer, and it's notoriously difficult to get rid of. Delete it and your computer will run a bit faster. If you need an AIM client, use something like trillian or pidgin. Limewire is again a very bad program to download anything with - the entire network has tons and tons of viruses all over the place. If you need to download things, get a good bittorrent download manager and find a reputable tracker. There is not nearly as many viruses around that way. As to the trojan, if you didn't put any credit card numbers or other potentially dangerous information onto the computer when it was infected, then it is unlikely you have to worry. There is the odd virus here and there that can actually harvest numbers and things from files on your hard drive, but they are comparatively pretty rare - most are essentially keyloggers.

[PumpkinPete112]

First of all, get rid of all that AOL software on your computer and get rid of Limewire. AOL software is horrible for being useless and slowing down your computer, and it's notoriously difficult to get rid of. Delete it and your computer will run a bit faster. If you need an AIM client, use something like trillian or pidgin. Limewire is again a very bad program to download anything with - the entire network has tons and tons of viruses all over the place. If you need to download things, get a good bittorrent download manager and find a reputable tracker. There is not nearly as many viruses around that way. As to the trojan, if you didn't put any credit card numbers or other potentially dangerous information onto the computer when it was infected, then it is unlikely you have to worry. There is the odd virus here and there that can actually harvest numbers and things from files on your hard drive, but they are comparatively pretty rare - most are essentially keyloggers.

 

 

 

Yeah the only things i typed in were my home adress, my cellphone, and my WEP key for my router. I also planned to get rid of lime for a long time (i havent used it in about a month)

[n1h0k3r]

in my opinion there is nothing to worry about. no offence, but your computer sounds like it's a bit slow, and getting a song thru limewire takes a while anyway (don't ask how i know) and so probably it is just the incomplete song, still being downloaded. when your computer crashed, it stopped the download. this may even cause the uncomplete file to do odd things. even when you directly download a song, you will notice that there are two files created, one an mp3, the other a temporary file that is merged with the mp3 (it dissapeares anyway) when the file is complete. but in case it is something bad, just delete it, is one song worth risking a good computer?

[urbestfreind]

Limewire is again a very bad program to download anything with - the entire network has tons and tons of viruses all over the place. If you need to download things, get a good bittorrent download manager and find a reputable tracker. There is not nearly as many viruses around that way.

 

 

 

I disagree. I've used limewire for about 3 years and haven't gotten a virus, but the first thing I tried to get from a bittorrent tracker thing (I think it was TPB, maybe not) had a few viruses on it, including a trojan that attempted to open a backdoor on my computer.

 

 

 

Limewire is fine for most pictures and audio (which is mainly what I use it for. If you use it for getting programs, just go ahead and buy a few copies of windows and get familiar with reformatting). Videos are a bit of a lottery, but if you know what to look for, you can weed out the bad choices easily.

 

 

 

Wait....I thought mods weren't allowed to talk about torrents, as Tip.It doesn't condone their use?

 

 

 

As to the OP, you should be fine. Not going to say there won't be a problem, because the nature of trojans is to be unpredictable (especially if it carried a rootkit as part of its payload...Man I hate rootkits).

[Errdoth]

Limewire is again a very bad program to download anything with - the entire network has tons and tons of viruses all over the place. If you need to download things, get a good bittorrent download manager and find a reputable tracker. There is not nearly as many viruses around that way.

 

 

 

I disagree. I've used limewire for about 3 years and haven't gotten a virus, but the first thing I tried to get from a bittorrent tracker thing (I think it was TPB, maybe not) had a few viruses on it, including a trojan that attempted to open a backdoor on my computer.

 

 

Well if you're not stupid and don't go around downloading torrents with bad comments, or try to download a movie that's 22mb or something, you'll be fine. It's exactly like what you said, if you know what to look for, you can weed out bad choices easily (and bittorrent is a much, much, *much* more powerful protocol than gnutella)

[Sinkhan]

Gnutella is a protocol?

 

 

 

I'd personally ditch AVG. At one time or another, AVG was a very strong AV option, but has since fallen back in terms of performance. Go with AntiVir instead.

 

 

 

Check out AV-Comparatives for comprehensive 3rd party tests of AV programs. AntiVir is free and is the cream of the crop, surpassing giants like Norton grossly beating programs like AVG and avast!

 

 

 

I had AVG 7.0 from it's release and then upgraded to 7.5 when it came out, so for about 6 years (I went the years before that protection free, yikes!) When I made the switch to avast!, it found an additional 2 viruses. When I found out about AntiVir and tried it out, it found 12 viruses, all with creation dates during the period I was using AVG and avast!, suggesting that these were viruses that the other two programs missed.

 

 

 

And your sister seems to have contracted another virus, the now very-common, epidemic-level "Pre-teen fan of terrible pop music" disease.

 

 

 

Sadly, not even AntiVir can treat this infection :roll:

[heehee111]

I've never liked limewire as the details on the files that are shared are practically none. Bit-torrent is the way to go.

 

If you computer flicks to just your background try getting up task manager (if you can) go to new task, then type explorer[Caution: Executable File] and click ok.

[Iamdan]

Limewire is again a very bad program to download anything with - the entire network has tons and tons of viruses all over the place. If you need to download things, get a good bittorrent download manager and find a reputable tracker. There is not nearly as many viruses around that way.

 

 

 

I disagree. I've used limewire for about 3 years and haven't gotten a virus, but the first thing I tried to get from a bittorrent tracker thing (I think it was TPB, maybe not) had a few viruses on it, including a trojan that attempted to open a backdoor on my computer.

 

 

Well if you're not stupid and don't go around downloading torrents with bad comments, or try to download a movie that's 22mb or something, you'll be fine. It's exactly like what you said, if you know what to look for, you can weed out bad choices easily (and bittorrent is a much, much, *much* more powerful protocol than gnutella)

 

 

 

Exactly. I've used p2p for years and never had problems. you can always see the file size< and it"s easy to stay away from the inappropriately sized files>

 

 

 

(what the hell< my computer just screwed up halfway through my post> shift won"t capitalize letters< and the secondary keys for the buttons are the only ones that work which is why i can"t use commas or full stops :wall: :wall:

[sloter]

Going to agree with several other people jsut watch the file type and the size for the file your are dowloading. I would do torrenting over limewire though as i personally don't like limewire at all.

[@Dan3HitU]

For starters: Why are you even using LimeWire?

 

 

 

I'm not going to help you break the law but for god's sake, use a Torrent or something, jesus...

[Nadril]

And, *ahem*, if you're downloading music learn how to use Google Blogs. ;)

[Orpheus]

And, *ahem*, if you're downloading music learn how to use Google Blogs. ;)

 

 

 

I use jimmyr's google search, it adds some complex tags, and you get access to music through directories.