Puppy 4.3.1. Invaded by Windows Virus ??????? [SOLVED]

Posted: Sun 05 Dec 2010, 08:39
by Sky Aisling
Whoa!
I was searching Ubuntu Forums tonight when this popped up on my screen!
What the heck is going on????????
see attachments.


Here is the computer and OS I am using:
Toshiba Satellite 2805-S401
OS Puppy 4.3.1 (installed yesterday using CD from Linux Format; I'll send the thread of the install procedure in a minute).

I know this is a Windows Virus. And, no, I did not download the attachment.

Sky Aisling

Posted: Sun 05 Dec 2010, 08:48
by Sky Aisling
Here is the install we did yesterday. It was a tricky install.

http://www.murga-linux.com/puppy/viewtopic.php?t=62583

Posted: Sun 05 Dec 2010, 11:49
by Dingo
These apps are so-called ROGUE ANTISPYWARE, since they are false antispyware (really a virus) showing a FALSE warning about infection and proposing the download of a program that is spyware or a virus.

Your Puppy is not INVADED.

Don't worry, it is Windows spyware, not for Linux. In future, use NoScript and Adblock in addition to mvpshosts.

Posted: Sun 05 Dec 2010, 12:46
by noryb009
It's like a video showing a false virus report, so people would want to download and run the real virus.

It's kind of funny when it happens in linux, showing an XP style.

Posted: Sun 05 Dec 2010, 16:32
by Sky Aisling
So, the Puppy 4.3.1 that we installed on the Toshiba 2805 over the last couple of days is not infected? The system isn't toast? It's ok to open up the machine and use it? I'll make sure pop ups are blocked.

Most importantly, please assure me that I haven't infected this Forum or the other two forums I visited last night which are Mozilla and Ubuntu?

Posted: Sun 05 Dec 2010, 16:37
by Sky Aisling
Did you notice on the screenshots of the popup that the time stamp in the lower right hand corner of the system tray said 'disabled'. That worm must come in through the system firmware?

Posted: Sun 05 Dec 2010, 17:42
by puppyluvr
:D Hello,
LOL, it's funny to see "Windows" security pop up on a Linux box..
That should have been your first clue...
You are safe, as is the forum...

I've even seen them pop up in an "Internet Explorer" window..
LOL...
Tip....Generally, bad spelling/grammar is a big hint...
At least real M$ programmers can spell...

Pop up blocker....

Posted: Sun 05 Dec 2010, 17:57
by Sky Aisling
I'm looking at Sea Monkey *preferences* and *tools* now on this 4.2.1 system. Where is the switch to stop all pop ups?

Firefox has a detailed control box for managing pop ups. Sea Monkey doesn't seem to? There is a place under *tools* to allow pop ups on specific sites but not to stop them altogether.

Posted: Mon 06 Dec 2010, 02:12
by obxjerry
I'm running 4.2.1. retro. The SeaMonkey that came with it (1.1.15) has the popup blocker to the right of Home on the top toolbar. It looks like a white rectangle with a blue header. If popups are allowed it has a red circle with a red line through it. If popups are blocked it has a check. You can also click tools and put the cursor on Popup manager, then click About Popup Blocking on the menu.

I'm surprised no one has offered to take the virus laden machines off your hands. Since they didn't I won't either. The thing about being a Puppy user, computers are pretty easy to come by. You can dig an old one out of the closet, buy one at a yard sale, shucks people will even give you computers that will run Puppy just fine.

Posted: Mon 06 Dec 2010, 02:40
by RetroTechGuy
Sky Aisling wrote: Did you notice on the screenshots of the popup that the time stamp in the lower right hand corner of the system tray said 'disabled'. That worm must come in through the system firmware?
Those were hysterical! I particularly liked the "Windows" appearance to the whole screen... "My Documents"... "My Network Places"... Hahaha...

There is a whole range of stuff like this, ranging from "scare ware" (messages designed to convince people to buy unneeded software) to viruses pretending to be antivirus software.

Posted: Mon 06 Dec 2010, 03:51
by Sky Aisling
Finally found the Adblock button on Sea Monkey running with Puppy 4.3.1.
It's down in the right hand corner right above the system time.
On my screenshots it says, 'disabled'. It now says 'Adblock'.

@obxjerry - where do you sail in Kentucky?

love the dragons and katchup....

Posted: Mon 06 Dec 2010, 16:13
by obxjerry
@obxjerry - where do you sail in Kentucky?
I don't sail much anymore. My wife and I got interested in sailing when we saw sailboats in harbors when we went on a Caribbean cruise. The cruising life seemed like a good dream to chase. Neither of us had ever been on a sailboat. The author of the book I borrowed at the library said he couldn't teach me to sail by reading what he wrote. I had to get on a boat; begged, borrowed, built or bought. We chose bought and on a cold April day went sailing for the first time on a 741 acre lake 50 miles north of Louisville.

That was a 21' boat and we sailed; the Ohio River, local lakes and hauled it to Hatteras Island, NC and sailed the Pamlico Sound. We bought a 16' boat that was easier to rig and used it about the same. I bought a 11' boat I could rig myself and could go sailing for an hour or two at a close, small lake. In 2000 we sold all the boats and moved to Hatteras Island. We lived on a canal, bought a 17' boat and sailed a lot in Pamlico Sound. 3 years later we moved to Pine Island in Florida, lived on a canal and sailed that boat and later a 28' boat. We sailed Matlacha Pass, Pine Island Sound and San Carlos Bay. 4 years later we moved back to Louisville. We've been here 3 years and although we still have the 17' boat, we haven't been sailing.

There are boats docked on the Ohio River, Kentucky Lake and Barkley Lake that are capable of sailing around the world. They can get there by water.

I'll bet that's more than you wanted to know.

Posted: Mon 06 Dec 2010, 22:50
by looseSCREWorTWO
I remember just before I converted to Puppy and I was still doing everything in Win XP, a guy at work loaned me a copy of Australian PC User Magazine and they said that the best anti-virus was AVG Free and the best anti-spyware was SpyBot Search & Destroy (also a free download).

So off I go, Googling for AVG Free, which I downloaded with no probs. Then I Googled for SpyBot and this thing came up called SpyBot, so I download and install it. Lo and behold it was a virus PRETENDING to be the real SpyBot. It said I had a hard disk full of viruses, which the Spybot "trial version" couldn't get rid of, but if I paid $29.99 for the "enhanced" version it would clean off the viruses. Fortunately I had a chat to a Tame Geek I know and he warned me this was a scam.

There is a specific website called "safer networking" (if I remember it right) and THAT is where you download the REAL SpyBot - for free. There are about 60 Bogus websites running a Spybot scam, so if you don't know any better there is a good chance you will get ripped-off.

I remember the Bogus "SpyBot" had a really great GUI that looked like the Radar Tracking Screen off the Starship Enterprise. The real SpyBot has a rather plain-looking GUI.

Posted: Mon 06 Dec 2010, 23:12
by artifus
looseSCREWorTWO wrote: There is a specific website called "safer networking" (if I remember it right)
http://www.getsafeonline.org/

Posted: Tue 07 Dec 2010, 01:41
by Makoto
...No.

Here's the homepage looseSCREWorTWO is referring to: http://www.safer-networking.org/index2.html (Spybot Search & Destroy)

Posted: Tue 07 Dec 2010, 03:20
by puppyluvr
:D Hello,
.Malware-bytes -anti-malware...
http://www.malwarebytes.org/mbam.php
free...

Spybot search and destroy...
http://www.safer-networking.org/index2.html
free...

Zone Alarm Firewall
http://www.zonealarm.com/security/en-us ... wnload.htm

Not using Windoze and not having to care...
Priceless... 8)

Posted: Tue 07 Dec 2010, 04:41
by cthisbear
Malware-bytes -anti-malware... great

alas >>Spybot search and destroy
is not recommended.

Best free firewall >> Comodo
has its own antivirus as well...if you want to install it.

I use Avira Free myself.


The newer Zone Alarms >> last 5 years >> don't bother.

I still run XP with >> ZoneAlarm Free...5.5.062.011

over 5 years old. But you have to know how to set it up.

Chris.

Posted: Tue 07 Dec 2010, 06:28
by Lobster
Whoa!
I was searching Ubuntu Forums tonight when this popped up on my screen!
What the heck is going on????????
This requires drastic measures:

Ten years ago, a crack command line unit was sent to prison by a military court for a crime they didn't commit. These men promptly escaped from a maximum security stockade to the Linux underground. Today, still wanted by the government, they survive as soldiers of penguin. If you have a problem, if no one else can help, and if you can find them, maybe you can hire... The Puppy A-Team.

Put out the call . . .
http://www.emergencyyodel.com/

Posted: Tue 07 Dec 2010, 09:20
by cthisbear
" Put out the call . . . "

Pushes all my buttons.

Chris.

Posted: Tue 07 Dec 2010, 21:43
by ttuuxxx
The only reason why it looks like it works is because it is JavaScript based. Basically, if you visited a site that gives you a popup and you click to close it and it opens another instance of it up, just go into the privacy section of the browser's preferences and disable JavaScript. Really, most of the actual malware/adware backend won't, and if you want to feel really safe, you can clear the history, and even go one step further and delete /root/.mozilla/firefox/1434sdd.default (some number)/Cache. SeaMonkey is the same also.
The nice thing about Mozilla browsers is that all use the same location for storing all junk files. Also there should be an /extensions folder. If you haven't added any extensions then it should be empty or not even there; if it is there, look inside and delete it. The default /usr/lib/firefox/extensions is the main one for Puppy 5, or /lib/firefox/extensions if I put it together, but those don't get altered, they are default. User-installed extensions are always in /root/.mozilla/firefox/ etc.
ttuuxxx
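
The profile check described in the post above, as an added example that is not part of the original post: a read-only shell audit that lists what sits in each profile's extensions folder and how large each Cache directory is, so you can review before deleting anything. It assumes profiles live at most three levels below the Mozilla directory (as in /root/.mozilla/firefox/<profile>/extensions) and that find supports -maxdepth (GNU and BusyBox do); the function names are made up for this example.

```shell
#!/bin/sh
# Added example: read-only audit of Mozilla-family profile directories.
# Argument: profile root, default ~/.mozilla (on Puppy: /root/.mozilla).

# Print one line per entry found in any profile's extensions/ folder.
list_user_extensions() {
    root="${1:-$HOME/.mozilla}"
    [ -d "$root" ] || return 0
    find "$root" -maxdepth 3 -type d -name extensions 2>/dev/null |
    while IFS= read -r extdir; do
        # Each directory or .xpi file inside extensions/ is one add-on.
        for entry in "$extdir"/*; do
            [ -e "$entry" ] || continue   # empty folder: glob matched nothing
            printf '%s\n' "$entry"
        done
    done
}

# Number of user-installed extensions (0 means the folders are empty or absent).
count_user_extensions() {
    list_user_extensions "$1" | wc -l | tr -d ' '
}

# Print "<size in KB> KB  <path>" for every profile Cache directory.
list_caches() {
    root="${1:-$HOME/.mozilla}"
    [ -d "$root" ] || return 0
    find "$root" -maxdepth 3 -type d -name Cache 2>/dev/null |
    while IFS= read -r cachedir; do
        kb=$(du -sk "$cachedir" | cut -f1)
        printf '%s KB  %s\n' "$kb" "$cachedir"
    done
}

# Human-readable report; nothing is modified or deleted.
audit_profiles() {
    root="${1:-$HOME/.mozilla}"
    echo "User-installed extensions under $root: $(count_user_extensions "$root")"
    list_user_extensions "$root" | sed 's/^/  /'
    echo "Cache directories:"
    list_caches "$root" | sed 's/^/  /'
}

audit_profiles "$@"
```

A count of 0 matches the "empty or not even there" state the post describes for a browser with no add-ons installed.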