| View previous topic :: View next topic |
| Author |
Message |
datababe
Warrior
Joined: 13 Dec 2004
Last Visit: 10 Oct 2012
Posts: 217
Location: Inside your head
|
 Posted: Mon May 11, 2009 11:10 am Post subject: websecuritybureau.com...? |
 |
|
Anyone else run across this one?
hXXp://websecuritybureau.com
Throws up a webpage that looks like a Windows Security Center warning. CA AV popped up with a deletion of w32/seekwel.A, filename axxk.atf, not a moment later, and no coincidence I'd say.
Incidentally, I just hit the above with Opera on my Macbook, and got a JavaScript message that goes like this:
| Quote: |
<websecuritybureau.com>
Warning!!! Your computer contains various signs of viruses and malware programs presence. Your system requires immediate anti viruses check! System Security will perform a quick and free scanning of your PC for viruses and malicious programs."
|
I didn't get the Windows Security Center facade, possibly because the script didn't execute fully/properly. I did check off "stop executing scripts on this page". Um, d'oh!
p.s. source code for the page is good for a chuckle. Off to do a whois search. 
_________________
- Datababe
Until you spread your wings, you'll have no idea how far you can walk.
http://redoakranch.x10hosting.com
http://datababe007.blogspot.com |
|
| Back to top |
|
 |
MysteryFCM
Malware Expert
Joined: 28 Aug 2004
Last Visit: 01 Mar 2013
Posts: 841
Location: Tyne & Wear, UK
|
|
| Back to top |
|
|
MysteryFCM
Malware Expert
Joined: 28 Aug 2004
Last Visit: 01 Mar 2013
Posts: 841
Location: Tyne & Wear, UK
|
| Posted: Mon May 11, 2009 1:24 pm Post subject: |
|
|
[dupe]
_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net |
|
| Back to top |
|
|
datababe
Warrior
Joined: 13 Dec 2004
Last Visit: 10 Oct 2012
Posts: 217
Location: Inside your head
|
|
| Back to top |
|
|
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 17 May 2013
Posts: 10271
Location: sunny California
|
| Posted: Mon May 11, 2009 7:15 pm Post subject: |
|
|
Interesting....
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.  |
|
| Back to top |
|
|
datababe
Warrior
Joined: 13 Dec 2004
Last Visit: 10 Oct 2012
Posts: 217
Location: Inside your head
|
|
| Back to top |
|
|
mikey
Malware Expert
Joined: 12 Feb 2004
Last Visit: 03 Sep 2012
Posts: 1061
Location: CenTex
|
|
| Back to top |
|
|
MysteryFCM
Malware Expert
Joined: 28 Aug 2004
Last Visit: 01 Mar 2013
Posts: 841
Location: Tyne & Wear, UK
|
| Posted: Tue May 12, 2009 9:08 am Post subject: |
|
|
I believe so, yep
Several of those listed at RobTex aren't resolving for me 
hosts-file.net/misc/hpObserver_-_209.44.126.22.html
_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net |
|
| Back to top |
|
|
mikey
Malware Expert
Joined: 12 Feb 2004
Last Visit: 03 Sep 2012
Posts: 1061
Location: CenTex
|
|
| Back to top |
|
|
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 17 May 2013
Posts: 10271
Location: sunny California
|
| Posted: Tue May 12, 2009 12:09 pm Post subject: |
|
|
Marcia Jones' address is fake.
Mapquest:
| Quote: |
| We did not find an exact match for your search, but we found a similar location: |
Not that I'm surprised however. 
Seems I recall some talk about Regtime being ESTDomains' replacement.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. |
|
| Back to top |
|
|
|
