Hello, im getting really paranoid about a site i visited
WARNING DO NOT CLICK UNLESS YOUR REALLY PROTECTED
It goes along the lines of
*.on.nimp.org
Eg. www(dot)test(dot)on(dot)nimp(dot)org
I was wondering if this has infected my computer?
Welcome Lone.
avast! did its job and prevented the site form loading so nothing is on your system other than in the browser cache that should be cleaned out after you close the browser and with CCleaner or ATF Cleaner:
http://www.ccleaner.com/download <== be sure to un-chect the Yahoo toolbar if you don’t want it installed
http://majorgeeks.com/ATF_Cleaner_d4949.html
oh ok
Cause i was just playing online and and my ping was spiking and thought virus was eating my computers soul
but i want to kno
does that site have virus that wrecks my computer??
oh and in logs it says VBS:Malware-gen
info??
First, please edit your first post to disable the active link to something like … www(dot)test(dot)on(dot)nimp(dot)org
Also …
Please download HijackThis from the link below. Do not download HJT to the desktop but instead download it into it’s own folder on the hard drive.
Run the program but do not make any fixes and then post the log results using the “copy & paste” method. It will probably take more than one post to be able to get the complete log posted.
OR, you can post it as an attachment to your post by clicking on “Additional Options…” below left of the posting box. Someone will review your log and then offer help.
http://filehippo.com/download_hijackthis/
First, please edit your first post to disable the active link to something like ... www(dot)test(dot)on(dot)nimp(dot)orgMan, that's one ugly site! My eyes, my eyes, arghhh. Even without the virus, that might be bad enough to set off the webshield, for self-protection. ;)
OpenDNS blocked it before avast! got a chance to. 8)
ok
i have added Hijack this log as a attachment
bump
An analysis of your HJT log shows the following :
We didn’t detect any active process of a firewall on your system. Reasons maybe:
(1.) You are using the windows firewall or a hardware firewall.
(2.) You are using a firewall of an unknown vendor.
(3.) You are using a firewall, but for unknown reasons it is disabled
(4.) You don’t use any firewall at all.
We recommend you to use a firewall.
Platform: Windows XP SP2 (WinNT 5.01.2600)
A newer version of service pack is available. Service packs increase the safety of your system. Visit Microsoft’s windowsupdate site to download the newest version of the service pack.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Unnecessary (deactivated) entry that can be fixed. Related to Windows Live Messenger.
http://www.systemlookup.com/CLSID/3998-HTC_DLL_htc_8_1_0178_00_dll_htc_8_1_0168_00_dll_htc_8_1_01_00_dll.html
Otherwise, a good HJT log.
You have Sandboxie on your pc. If you browsed using SB you would have very little to worry about ::). There isn,t a site on the net i would worry about, if I was sandboxed
I don’t understand how Sandboxie does this. Running a browser underSandboxie, let’s say I visit a malicious site and click [OK] for my free, but malicious scan.
This scanner, as we all know will do any number of things from replacing (for example) userinit.exe, modify registry entries, maybe install a file as a critical system driver set to start even when windows starts in safe mode. If this malicious application loads, and does all of these things, does sandboxie keep it ALL contained without exception?
Have a read of the FAQ http://www.sandboxie.com/index.php?FrequentlyAskedQuestions especially the part ’ How does Sandboxie protect me, technically? ’
Not all programs will run sandboxed. Quote " Sandboxie also prevents programs executing inside the sandbox from loading drivers directly. It also prevents programs from asking a central system component, known as the Service Control Manager, to load drivers on their behalf. In this way, drivers, and more importantly, rootkits, cannot be installed by a sandboxed program. "
Also there is a possibility that malware can read sensitive info on your pc. In the paid version programs can be forced to open sandboxed, and internet access allowed to only certain programs. So that malware inside the box cannot transmit data.
Remember nothing is 100% bullet proof. There is a discussion ongoing that Comodo firewall is actually able to pull a file out of a sandbox, infecting the pc. Although this has not been proven.
Some people on wilders have tested some nasty stuff sandboxed, as far as i am aware nothing escaped. ( yet ;D )
actually, i have but dont kno how the hell to use it
Would You Build Your House on Sand? http://ezinearticles.com/?Would-You-Build-Your-House-on-Sand?&id=1912885
SP3 has been available for almost a year that has several Critical Security Updates but you need to disable or un-install Sandboxie to install the updates.
In IE go to Tools then Windows Updates and install all updates.
Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least select Notify me but do not download or install them.
YoKenny what are you talking about.
The whole concept of SB, is whatever shit is in the box, gets flushed away,when you empty the box. You would have to be an imbecile, to go to windows update site ( sandboxed ) and install updates. ( although, i believe, some do, to test updates on there system )
House on sand ;D ;D ;D
For mere browsing,opening email attatchments, SB, is perfect.
I download dodgy files, i run them sandboxed. My AV is watching all the time. I can scan my sandbox, with online scanners, or mbam, sas.
Yes of course, you should set windows updates to auto or notify, but the person you are talking about, doesn’t even know how to use SB, and has obviously, for his own reasons, chosen not to update to sp3.
EDIT: iam currently at this moment browsing sandboxed, and downloading windows updates ( what a coincidence )
So now i’ve read most of the FAQ and have been playing around with Sandboxie a bit. I am very pleased with this application. I have a pretty good feel for what it can do.
I have a customer who has a few employees constantly getting into trouble with malware. We discussed the use of Sun Virtualbox, or Microsoft Virtual PC, but there’s the licensing issue with multiple copies of Windows XP.
Something like this might just be the way to keep them out of trouble.