| Author |
Topic: postcards 1001 |
Howard Tate
From:
Leesville, Louisiana, USA, R.I.P.
|
Posted 21 Aug 2006 3:39 am |
|
Does anyone know anything about this site? I've been getting this message from them:"You've received a post card from a family member. I clicked on it and it showed something being downloaded and then nothing. I went immediately to my hard drive and found a new executable, which I deleted. Am I being paranoid or is this a bad thing?
------------------
Howard |
|
|
|
Bill McCloskey
From:
Nanuet, NY
|
Posted 21 Aug 2006 7:35 am
|
|
| It is not a legitimate site. If you look up the whois address, it is not owned by anyone. I'd run a utility that checks for trojans and viruses. You are probably still infected. |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 21 Aug 2006 8:20 am
|
|
Whois Record
ICANN Registrar: BELGIUMDOMAINS, LLC
Created: 06-Jul-2006
Expires: 06-Jul-2007
Registrar Status: REGISTRAR-LOCK
Whois Server: whois.belgiumdomains.com
Name Server: NS5.TEST--ZONE.COM
Whois History: 7 records have been archived
Registrant:
Cambridge Capital, Ltd (POSTCARDS1001-COM-DOM)
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
+1.5097526515
Whois Privacy and Spam Prevention by Whois Source
Domain Name: POSTCARDS1001.COM
Status: PROTECTED
Administrative Contact:
Cambridge Capital, Ltd Whois Privacy and Spam Prevention by Whois Source
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
Fax- +1.5097526515
Reverse IP: 239,066 other sites hosted on this server
This domain is part of a huge parked domain rediredtion scheme managed by oingo.com. The landing page for the domain is a frameset with this as the main frame source: apps5.oingo.com/apps/domainpark/domainpark.cgi?s=postcards1001.com
The scripting detects the IP location of the visitor and provides a landing page in that language. The snapshot I saw on DomainTools.com shows Russian text. A warning during a whois lookup also states: "Belgium Domains appears to only register domains for cybersquatters."
Avoid visiting this website without a highly secured browser.
------------------
Bob "Wiz" Feinberg
Moderator of the SGF Computers Forum
Visit my Wiztunes Steel Guitar website at: http://www.wiztunes.com/
or my computer troubleshooting website: Wizcrafts Computer Services,
or my Webmaster Services webpage.
Learn about current computer virus and security threats here.
Read Wiz's Blog for security news and update notices
|
|
|
|
Howard Tate
From:
Leesville, Louisiana, USA, R.I.P.
|
Posted 21 Aug 2006 8:33 am
|
|
Guess I was right. I ran a virus scan and Spybot and Ad Aware as soon as I got it. Thanks for the info.
------------------
Howard |
|
|
|
b0b
From:
Cloverdale, CA, USA
|
Posted 21 Aug 2006 10:27 am
|
|
| I never open those things. They usually point to an EXE file, which is really bad news in Windows. An EXE file has the rights to do anything at all to your computer. |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
|
|
|
