Hey,
I was stupid enough to go to http://f/.
I don’t know what virus i have but its slowing down my hard drive/internet.
I’m not 100% sure it was from going to that site but it all started after i clicked it.
Ive scanned with many AV scanners and spyware scanners, they picked up several things but non of which were the virus i was looking for.
Id appreciate anything.
I need something to work with on fixing it.
Ive tried to format but that didn’t work.
So if you have any information about what i may have id appreciate it very much.
Thanks
Can you be more specific? Which programs, which was detected…
Wow… what a big problem here? Any error message, what’s going on?
Thanks for replying.
This is why I’m stumped.
No error message. Theres nothing to work with.
People on the forum the site was posted on said avast picked up there virus and fixed it which is why i got it.
Ive used, Spy Sweeper, Spy Remover, Spy Bot, NOD32, Avast!, and I’m about to start scanning with MC Cafe and maybe Trend Micron. Only the spy Sachs found stuff, like cookies and such. However one of the finds was weird. From memory it was Windows Security Disabler or something like that.
Ill try find out what its real name was.
I have no idea what to do.
The only thing that comes to mind. When i was reinstalling windows an error came up when it was copying over the new Data.cab. It said it couldn’t be copied over but that could have just been the disk.
Besides that i theres nothing suspicious running in program manager.
Thanks
Could prevent avast startup entries (services, icon, etc.). Take care.
It’s not compatible with avast! Is there any on-line scanner of Nod32?
Did you try (or can try) the boot time scanning with avast?
Can you install, update and run www.ewido.net or you can’t even boot the computer?
Did you run scandisk (or chkdsk /R in Windows XP)?
I would suggest that you first ensure that none of the anti-spyware tools you are using aren’t rogue programs, there are a number of ‘spyware remover’ entries in http://www.spywarewarrior.com/rogue_anti-spyware.htm so if you have abbreviated the name to spy remover ?
Where did you visit, break the url so it isn’t active like http : // www . suspectsite.com ?
What was the purpose of the site ?
Having two resident scanners installed at the same time isn’t advised. With Nod32 and avast on the same system they could cause conflict, if they don’t actually lock-up, they could be duplicating the scan of files that are accessed this would almost certainly have a performance impact on your system.
Thanks again,
I had NOD32 installed before i used avast! because i knew about them not being able to work together.
Boot time scanning didn’t find anything.
I’m on the computer as we speak so it does work, just very poorly.
Did you run scandisk (or chkdsk /R in Windows XP)?I'm not sure how to do that sorry.
I didn’t abbreviate Spy Remover thats the name of the program.
I’m pretty sure all the anti spy software i have is good because they were recommended on some forums i go to.
Well the URL of the virus was http : //f/ .
For some people it doesn’t work but it worked for me.
After i clicked that link it sent me onto another website. FuckedCompany.com or something like that .
I was on a forum and it said it was a link to a video (because it was in the humor section of the forum)
and i was foolish enough to click it without reading the URL.
I uninstalled NOD32 just before i installed Avast! so i think thats ok.
Also just now i tried going to the site http://f/ and it sent me to the f-secure site.
This is really weird.
Last night i left my computer on for a boot scan but it didn’t find anything.
Thankyou for your help
EDITED
Hey thanks so much for your help
ITS FIXED!!
If anyone ever has this problem which they probably wont use Spy Emergency 2005 thats what fixed mine
;D ;D ;D ;D ;D ;D
Google is your friend 8)
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/chkdsk.mspx?mfr=true
Well if that url is the one that it is trying to contact something is obviously wrong in the virus coding, etc. as it isn’t a valid url. What may be happening is that it might somehow be being redirected, either by some sort of shortcut or your default browser doing some sort of redirect.
I have tried that link with firefox and get redirected to http : // www . fuc* ed company.com/ (edited for decency) however a DrWeb test on that url doesn’t bring up any virus warnings. Also a check with siteadvisor.com for this url doesn’t raise any issues.
Obviously it didn’t take you to f-secure the first time you tried it, if it took you where I ended up there doesn’t appear to be anything other than the objectionable domain name there.
So the mystery is still there as to what might be slowing your system.
Also useful as a diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial 1 or HiJackThis Tutorial 2
For an on-line analysis - HiJackThis Log file - On-line Analysis OR HiJackThis Log file - On-line Analysis 2
Ignore any 023 reference to avast processes, this is a hiccup in the HJT 1.99.1 (especially missing file entry for avast), if you need any help with any of the analysis let us know.
Hi DavidR,
What did you get scanning with the DrWeb pre-hyperlink scanner?
polonus
All OK, javascript.
Mind you that is just the first page and not the link that Mr_Sandman clicked in the forums of that site.
I was on a forum and it said it was a link to a video (because it was in the humor section of the forum) and i was foolish enough to click it without reading the URL.
DrWeb or SiteAdviser would may have picked something up had Mr_Sandman had them and checked.
I’m not 100% sure what happend.
But alot of people who went to the site got viruses as well.
I was thinking that maybe F-Secure cleaned the site or something but i have no idea.
Thanks for all your help i really appreciate it.
They might well have gotten a virus from following a link in the sites forums, however, that is not entirely the fault of the site if someone places a malicious link in a forum. It would be difficult to scan the content at every link in their forums. The suspect link may well have been reported and removed.
A valuable lesson has been learned about clicking on unknown links from unknown sources, check using the likes of siteadvisor and or DrWeb. You wouldn’t click a link to an unknown source in an unsolicited email, the same should be true of a web site.