virus on the puppy forum ?
virus on the puppy forum ?
I was on the puppy forum using windows xp with avg and I got the BIG warning about this site
http://bandstartedsecurity.com/index.php?affid=92001
avg blocked it but I wanted to see what it is.
I fired up my puppy linux computer using an external cd drive through a usb port then disconnected the cd drive.
Got on the net and typed in web address above.
It's a program that says my computer is infected and offers to scan it.
Wow, I played with that virus program then shut puppy down.
Check it out ! It scanned my C hard drive and found over 100 virus on it ( the computer has no hard drives in it ! )
I used this setup with the cd rom, not the flash stick.
http://www.youtube.com/watch?v=CyGtLgHwzV0
P.S. don't let puppy save anything to disk or flash memory doing this
*
http://bandstartedsecurity.com/index.php?affid=92001
avg blocked it but I wanted to see what it is.
I fired up my puppy linux computer using an external cd drive through a usb port then disconnected the cd drive.
Got on the net and typed in web address above.
It's a program that says my computer is infected and offers to scan it.
Wow, I played with that virus program then shut puppy down.
Check it out ! It scanned my C hard drive and found over 100 virus on it ( the computer has no hard drives in it ! )
I used this setup with the cd rom, not the flash stick.
http://www.youtube.com/watch?v=CyGtLgHwzV0
P.S. don't let puppy save anything to disk or flash memory doing this
*
Last edited by ebiker on Wed 27 Jan 2010, 23:06, edited 5 times in total.
"bandstartedsecurity.com" resolves to 85.12.46.15Flash wrote:This "warning" has shown up on several Windows computers that were connected to the Puppy Linux forum. It happened to me while I was visiting my brother. Nobody seems to know where it's coming from.
nslookup for that domain reveals
Code: Select all
% Information related to '85.12.46.0 - 85.12.46.127'
inetnum: 85.12.46.0 - 85.12.46.127
netname: NL-web10
descr: Web10 ict services
country: NL
admin-c: PL2400-RIPE
tech-c: TW1148-RIPE
status: ASSIGNED PA
mnt-by: EUROACCESS-MNT
source: RIPE # Filtered
person: PC Leurink
address: EuroAccess Enterprises Ltd.
address: Alsacelaan 5
address: 5627 CA Eindhoven, The Netherlands
phone: +31 (0)20-7173209
fax-no: +31 (0)40-2488764
e-mail: ip-dbm@euroaccess.nl
mnt-by: EUROACCESS-MNT
nic-hdl: PL2400-RIPE
source: RIPE # Filtered
person: TA Westervoorde
address: EuroAccess Enterprises Ltd.
address: Alsacelaan 5
address: 5627 CA Eindhoven, The Netherlands
phone: +31 (0)20-7173209
fax-no: +31 (0)40-2488764
e-mail: ip-dbm@euroaccess.nl
mnt-by: EUROACCESS-MNT
nic-hdl: TW1148-RIPE
source: RIPE # Filtered
% Information related to '85.12.0.0/18AS34305'
route: 85.12.0.0/18
descr: Euroaccess IPv4
origin: AS34305
mnt-by: EUROACCESS-MNT
source: RIPE # Filtered
______
Dennis
If you are seeing rogue antivirus popups on Puppy Forums, your [Windoze] computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.
Last edited by nubc on Thu 28 Jan 2010, 18:25, edited 1 time in total.
pop ups
I did not see what it would do on the windows computer.nubc wrote:If you are seeing rogue antivirus popups on Puppy Forums, your computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.
It did not pop up. AVG displayed a warning and blocked it and gave me the address.
To see what it was I typed it in later on a different computer running puppy so I could see what it is and what it does.
AVG only showed a warning. It did not say what it was or what it did.
I used puppy linux power to find that out.
I consider Windows malware ! ! !
You might not need to go that far. I took at look at the site using Firefox on Windows. As expected, I saw a blank screen. I use the NoScript extension that blocks all scripting activity unless the site being viewed is in a user created whitetlist.nubc wrote:If you are seeing rogue antivirus popups on Puppy Forums, your [Windoze] computer may have a pre-existing virus infection. You should take serious measures to clean your computer, by which I mean, using an antivirus stronger, more effective than AVG, and a malware remover stronger than Malwarebytes Anti-Malware.
I use Symantec Corporate A/V, and have Malwarebytes anti-malware around, but it never finds anything. I'd be surprised it if it did, since most exploits target IE and bounce off other browsers.
______
Dennis
Unlikely. The question is where else people who see this might have visited. There are an assortment of ways to do things like hijack your browser and feed you stuff from unexpected places. Most of them exploit holes in IE and Windows, and bounce off if you run something else. I use Firefox with NoScript under Windows, and don't get bit by that sort of nonsense.Flash wrote:Thanks, DMCunney.
It's still not clear to me how it gets sent to someone's computer. Does it come from the Puppy Linux server or what?
I'd be startled if the Puppy server was hacked and injecting malware.
______
Dennis
from my sandboxie in XP/firefox
http://www.mywot.com/en/scorecard/bands ... curity.com
The actual website appears to have been taken down....
just [ ] a dangerous exploit site
Aitch
http://www.mywot.com/en/scorecard/bands ... curity.com
The actual website appears to have been taken down....
Absolutely Guaranteed - NOTHING to do with our beloved Puppy forum
just [ ] a dangerous exploit site
Aitch
It does appear to be gone. It was very educational for me.
It was fun to play with too.
I have almost no interest in windows anymore. I am a Puppy head now ! ! !
I have not had this much fun learning about computers since my CoCo 6809 OS9 days !
The feeling of having control over my computers has returned !
Thanks, Steve
It was fun to play with too.
I have almost no interest in windows anymore. I am a Puppy head now ! ! !
I have not had this much fun learning about computers since my CoCo 6809 OS9 days !
The feeling of having control over my computers has returned !
Thanks, Steve
- linuxsansdisquedur
- Posts: 248
- Joined: Tue 13 Jan 2009, 21:17
- Location: South of France