Jump to content

Help! Please! Something wrong with my Computer maybe a Virus

Mr Andrewson

By Mr Andrewson
in Questions

 Share

Recommended Posts

Mr Andrewson Newbie

Mr Andrewson

Posted
Posted

Ok i have recently been experiencing problems with my computer...

I have a dsl connection and i used to recieve normally about 6000 bytes per day but now i seem to have been downloading things without doing anything.

Ive noticed when im not active on the internet i recieve no bytes but when i go onto a website (any) i will recieve like 300,000 bytes and i ran spyware doctor and it came up with 2nd-thought.com trojan and i'm wondering if this maybe the problem i have spy sweeper and that did'nt pick it up so it would be nice to have some instructions on how to remove 2nd-thought.com manually because i simply don't want to pay... and ive googled my heart ut for cookies.txt 'cause spyware doc gave me the location of 2nd-thought.com and some other tracking cookies and it said the location was cookies.txt-line #22 (and some other numbers) please help 'cause i'm only like 12 years old and english (dumb)...

And i have avg anit-virus free edition and norton system works and they didn't pick anything up so if anyone who's smart and knows what they are talking about help me?

Thanx, Mr Andrewson

Link to comment
Share on other sites
  • Replies 77
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

stingwray Newbie

stingwray

Posted
Posted
I have a dsl connection and i used to recieve normally about 6000 bytes per day but now i seem to have been downloading things without doing anything.

Doesn't mean much without a contexted, also I don't think you mean bytes.

Run AVG virus scan with the latest definitions.

Run CCleaner.

Run Spybot S&D with the latest definitions.

Install a free firewall and set it to notify you everytime a program wants to access the internet.

Can't say much more than that without information.

Link to comment
Share on other sites
Mr Andrewson Newbie

Mr Andrewson

Posted
  • Author
Posted

Well 2nd-thought.com is a trojan and yes of course ive tried to remove it...

And i am seriously worried about how many bytes i am recieving for just going on a 32k website.. like i am recieving 300kb for a 32kb website could anyone help me manually remove this trojan or tell me if they know of what this may be?

Link to comment
Share on other sites
degoba Newbie

degoba

Posted
Posted
ive ran avg with latest definitions and spybot s&d but whats this ccleaner and could u give me a link to a free firewall ( a good one)

when in doubt reformat. Also hardware firewalls are relatively inexpensive, and can save alot of time and headache. If you have an old computer lying around you could turn that into a firewall as well.

http://www.smoothwall.org/

Link to comment
Share on other sites
VaKo Newbie

VaKo

Posted
Posted

Just block them from having network access?

http://www.kaspersky.com/scanforvirus.html

http://www.pandasoftware.com/product..._principal.htm

http://housecall.trendmicro.com/

http://www.ravantivirus.com/scan/

http://www.bitdefender.com/scan/licence.php

List of online virus checkers if you want a 2nd verdict.

If you are worried try doing this:

1: back up your personal data to a DVD or CD, things like docs, save games etc

2: download AVG and Zone alarm to a CD

3: reinstall windows

4: before you do anything at all, even connect it to the net, install AVG and zone alarm.

5: connect to the net again and do a full MS update

6: scan the backups of your personal data for viruses etc, while its on the CD

7: once that has completed, just reinstall your applications

that way you can be sure that your computer is protected right from the get go, and that there are no nastys left over from the prior install.

I basically hold a policy of "if i don't know what it is, i don't let it do what it wants to do until i'm sure its ok"

Link to comment
Share on other sites
Mr Andrewson Newbie

Mr Andrewson

Posted
  • Author
Posted

Basic Symptoms of a Virus:

Slow Laggy Computer (Tick)

And i have a load of rubbish being downloaded to my computer without me doing anything...

And Generic s a type of Trojan and Win32 is a windows microsoft app thing but usually to do with viruses.

So hers how i see it...

The Generic Win32 is accessing my internet and downloading things...

I WANT TO STOP IT!!! IT@S DRIVING ME MAD!!!

Link to comment
Share on other sites
Mr Andrewson Newbie

Mr Andrewson

Posted
  • Author
Posted

ssu.exe

CamTool.exe

firefox.exe

SUPERAntiSpyware.exe

swdoctor.exe

msnmsgr.exe

ctfmon.exe

msmsgs.exe

zlclient.exe

SpySweeperUI.exe

mouse32a.exe

avgcc.exe

vsnpstd3.exe

jusched.exe

sprtcmd.exe

dragdiag.exe

kbdAp32A.exe

moffice.exe

qttask.exe

realplay.exe

CamCheck.exe

GhostStartTrayApp.exe

ccApp.exe

explorer.exe

alg.exe

WindowsSearch.exe

NPROTECT.EXE

Navapsvc.exe

taskmgr.exe

MDM.EXE

GhostStartService.exe

gaurd.exe

SAgent2.exe

eEBSvc.exe

ccEvtMgr.exe

avgemc.exe

avgupsvc.exe

avgamsvr.exe

spoolsv.exe

vsmon.exe

svchost.exe

svchost.exe

svchost.exe

svchost.exe

svchost.exe

lsass.exe

services.exe

winlogon.exe

csrss.exe

smss.exe

SpySweeper.exe

WindowsSearchIndexer.exe

svchost.exe

NOPDB.EXE

System

System Idle Process

Link to comment
Share on other sites
Sparda Newbie

Sparda

Posted
Posted

Which is why (yes, it said it potentialy after you read my last post, so it's partly my fault) I said to use spybot to create a exported list.

To create an exported list change spybot to advanced mod, in the tools section selecte process list then click export.

Link to comment
Share on other sites
Mr Andrewson Newbie

Mr Andrewson

Posted
  • Author
Posted

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)

2005-05-31 SpybotSD.exe (1.4.0.3)

2005-05-31 TeaTimer.exe (1.4.0.2)

2006-08-18 unins000.exe (51.41.0.0)

2005-05-31 Update.exe (1.4.0.0)

2005-05-31 advcheck.dll (1.0.2.0)

2005-05-31 aports.dll (2.1.0.0)

2005-05-31 borlndmm.dll (7.0.4.453)

2005-05-31 delphimm.dll (7.0.4.453)

2005-05-31 SDHelper.dll (1.4.0.0)

2005-05-31 Tools.dll (2.0.0.2)

2005-05-31 UnzDll.dll (1.73.1.1)

2005-05-31 ZipDll.dll (1.73.2.0)

2006-08-18 IncludesCookies.sbi

2006-08-18 IncludesDialer.sbi

2006-08-18 IncludesHijackers.sbi

2006-08-18 IncludesKeyloggers.sbi

2004-11-29 IncludesLSP.sbi

2006-08-18 IncludesMalware.sbi

2006-08-18 IncludesPUPS.sbi

2006-08-18 IncludesRevision.sbi

2006-08-18 IncludesSecurity.sbi

2006-08-18 IncludesSpybots.sbi

2005-02-17 IncludesTracks.uti

2006-08-18 IncludesTrojans.sbi

PID: 0 ( 0) [system]

PID: 492 ( 4) SystemRootSystem32smss.exe

PID: 572 ( 492) ??C:WINDOWSsystem32csrss.exe

PID: 596 ( 492) ??C:WINDOWSsystem32winlogon.exe

PID: 640 ( 596) C:WINDOWSsystem32services.exe

size: 108032

MD5: C6CE6EEC82F187615D1002BB3BB50ED4

PID: 652 ( 596) C:WINDOWSsystem32lsass.exe

size: 13312

MD5: 84885F9B82F4D55C6146EBF6065D75D2

PID: 792 ( 640) C:WINDOWSsystem32svchost.exe

size: 14336

MD5: 8F078AE4ED187AAABC0A305146DE6716

PID: 840 ( 640) C:WINDOWSsystem32svchost.exe

size: 14336

MD5: 8F078AE4ED187AAABC0A305146DE6716

PID: 876 ( 640) C:WINDOWSSystem32svchost.exe

size: 14336

MD5: 8F078AE4ED187AAABC0A305146DE6716

PID: 920 ( 640) C:WINDOWSSystem32svchost.exe

size: 14336

MD5: 8F078AE4ED187AAABC0A305146DE6716

PID: 1048 ( 640) C:WINDOWSSystem32svchost.exe

size: 14336

MD5: 8F078AE4ED187AAABC0A305146DE6716

PID: 1064 ( 640) C:WINDOWSsystem32ZoneLabsvsmon.exe

size: 75768

MD5: ACE93FFFFD1F6B2C3E9F9C996BDEC6DB

PID: 1272 ( 640) C:WINDOWSsystem32spoolsv.exe

size: 57856

MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F

PID: 1376 ( 640) C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe

size: 336896

MD5: 9BF46D959F713D64C8FF3DE2B2437863

PID: 1392 ( 640) C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe

size: 84480

MD5: 66093610FA61142F6BCFD83AFB7E8A29

PID: 1428 ( 640) C:PROGRA~1GrisoftAVGFRE~1avgemc.exe

size: 281088

MD5: 07C595396C6F4631E88F9792E1BECD7E

PID: 1452 ( 640) C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe

size: 308936

MD5: BA2FEB4DE7146B972FFBFD5D48F3FC90

PID: 1468 ( 640) C:Program FilesCommon FilesEPSONEBAPIeEBSVC.exe

size: 77824

MD5: CD64CE62BE47DF0E9A459FD9002221FE

PID: 1488 ( 640) C:Program FilesCommon FilesEPSONEBAPISAgent2.exe

size: 94208

MD5: 12CDB5DC7774298223099D6E41ED5CE7

PID: 1556 ( 640) C:Program Filesewido anti-spyware 4.0guard.exe

size: 172032

MD5: F8D982556A9E0795829632FF0812DC2D

PID: 1816 ( 640) C:Program FilesNorton SystemWorksNorton GhostGhostStartService.exe

size: 200704

MD5: BC9C77FAC763D84BFDF09B55D4B41AFA

PID: 1840 ( 640) C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE

size: 315392

MD5: 66F861E308F47B395A12072FA76AA29A

PID: 1904 ( 640) C:Program FilesNorton SystemWorksNorton AntiVirusnavapsvc.exe

size: 116336

MD5: C313B28853F53818B7AB4698FBB9E911

PID: 1928 ( 640) C:Program FilesNorton SystemWorksNorton UtilitiesNPROTECT.EXE

size: 135168

MD5: 4914A155F9B73317B14F94BBA4A79639

PID: 176 ( 640) C:PROGRA~1NORTON~1SPEEDD~1nopdb.exe

size: 172065

MD5: 305365A42F7D38D8D10B233ECE1C84C6

PID: 220 ( 640) C:WINDOWSSystem32svchost.exe

size: 14336

MD5: 8F078AE4ED187AAABC0A305146DE6716

PID: 268 ( 640) C:Program FilesWebrootSpy SweeperSpySweeper.exe

size: 3068928

MD5: 8837B1162A69EF9792D2EFE80A92A109

PID: 2084 ( 640) C:WINDOWSSystem32alg.exe

size: 44544

MD5: F1958FBF86D5C004CF19A5951A9514B7

PID: 2480 (2432) C:WINDOWSExplorer.EXE

size: 1032192

MD5: A0732187050030AE399B241436565E64

PID: 2732 (2480) C:Program FilesCommon FilesSymantec SharedccApp.exe

size: 50880

MD5: 0A0ACC6852A00997987FDF8A914755A5

PID: 2792 (2480) C:Program FilesNorton SystemWorksNorton GhostGhostStartTrayApp.exe

size: 94208

MD5: 45725CE2A9BD68CF1526728FCFFCC24E

PID: 2804 (2480) C:Program FilesNuCamCamCheckCamCheck.exe

size: 90112

MD5: F5F03FFC67A4E05E3DD5B07181D2A6E1

PID: 2832 (2480) C:Program FilesRealRealPlayerRealPlay.exe

size: 26112

MD5: 849D97FE4CC09CFC2772D10F641E1BAF

PID: 2840 (2480) C:Program FilesQuickTimeqttask.exe

size: 98304

MD5: C341CCFBE98BC7DF6E0B856BB9FC265A

PID: 2864 (2480) C:Program FilesLabtecMouse2.1moffice.exe

size: 802816

MD5: E0D694DD19D10AA14871A5AE489EF1BA

PID: 2876 (2480) C:Program FilesLabtecMedia KeyboardV5.0KbdAp32A.exe

size: 387584

MD5: A2704E47F9AC4CB6469D22A72B477A66

PID: 2884 (2480) C:Program FilesThomsonSpeedTouch USBDragdiag.exe

size: 866816

MD5: D40191AA225638AB20E59524CDD74030

PID: 2912 (2480) C:Program FilesTalkTalkbinsprtcmd.exe

size: 192512

MD5: E7A42AE15A34EE32004E44FED0F407B2

PID: 2936 (2480) C:Program FilesJavajre1.5.0_07binjusched.exe

size: 36975

MD5: 892EB04BC0B1A542A97197D3FA31268F

PID: 2952 (2480) C:WINDOWSvsnpstd3.exe

size: 339968

MD5: 7AB9C03D02ACCD484896A3C279F0EAC7

PID: 2992 (2480) C:PROGRA~1GrisoftAVGFRE~1avgcc.exe

size: 369664

MD5: 32E0D24EAD2A5C7EE7B6AD516EAFE8EE

PID: 3036 (2864) C:Program FilesLabtecMouse2.1MOUSE32A.EXE

size: 356352

MD5: 53EE2896B37BA5E39AF6C011FEBEE2C8

PID: 3052 (2480) C:Program FilesWebrootSpy SweeperSpySweeperUI.exe

size: 3871744

MD5: C1E87DA7B09E0CCA67E0120BF80BCF25

PID: 3064 (2480) C:Program FilesZone LabsZoneAlarmzlclient.exe

size: 968696

MD5: D1D3726A8508B6183C620B4F6CE82F70

PID: 3096 (2480) C:Program FilesMessengermsmsgs.exe

size: 1694208

MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259

PID: 3104 (2480) C:WINDOWSsystem32ctfmon.exe

size: 15360

MD5: 24232996A38C0B0CF151C2140AE29FC8

PID: 3148 (2480) C:Program FilesMSN Messengermsnmsgr.exe

size: 5324584

MD5: 12AC5691BDDB838187F2449ABB7009A9

PID: 3332 (2480) C:Program FilesSpyware Doctorswdoctor.exe

size: 2083040

MD5: 7BFCA70F2CEE69C174910A497C163776

PID: 3428 (2480) C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

size: 1257472

MD5: 420D1414EB2F212EFAD2462CAB715B6C

PID: 4012 (2480) C:Program FilescamtoolVideoMonitorCamTool.exe

size: 94208

MD5: 21B7AA86678A99CE52ED17871A9BAD90

PID: 2020 (2480) C:Program FilesMSN Toolbar SuiteDS02.05.0001.1119en-usbinWindowsSearch.exe

size: 238080

MD5: 01994DD914B238E4DD43709F41FD84D4

PID: 240 ( 792) C:Program FilesMSN Toolbar SuiteDS02.05.0001.1119en-usbinWindowsSearchIndexer.exe

size: 113664

MD5: 100ACC55BDE488C7E2D6DD8C154D615E

PID: 3736 (2480) C:Program FilesMozilla Firefoxfirefox.exe

size: 7183469

MD5: 2C291E37AB2796FC43944B8219D47C61

PID: 2604 ( 268) C:Program FilesWebrootSpy SweeperSSU.EXE

size: 164864

MD5: 39F37E28C643904A79AD5A45ECA7B2A9

PID: 2564 (2480) C:Program FilesSpybot - Search & DestroySpybotSD.exe

size: 4393096

MD5: 09CA174A605B480318731E691DC98539

PID: 4 ( 0) System

Link to comment
Share on other sites
VaKo Newbie

VaKo

Posted
Posted

If your mum doesn't understand, just point her here and we'll explain why this needs to be done. Its a simple operation, and if you have a 2nd PC, i'll talk you threw it on IRC if you want. Should take about 3 hours start to finish.

As sparda says, we're not 100% sure you have a virus yet, but imo SUPERAntiSpyware.exe doesn't bode well. By the sounds of it though, you do have a pile of crap on the system thats slowing it down, and there isn't an easy way to fix it. (anyone else remeber when Mr Balmer sent in a bunch of high end windows enginers to fix a mates spyware riddled box, and they had to give up in the end).

edit: Norton is crap btw, a good move would be removing it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...