Jump to content

1227.com malicous??

IDKWatMNShouldBe
 Share

Recommended Posts

IDKWatMNShouldBe

IDKWatMNShouldBe

Posted
Posted

Hi and :)

I've got pranked once through this website :) . hxxp://1227.com/ Don't go on this website or else he will watch you when you sleep! If you wanna close it hold enter or use task Manager. Some people say that this site is a virus or exploit or it's not a virus it's entertaining... I don't think this is a virus but some people say it is. Could some expert please make it clear? I also wanna prank my friends but if this really is a virus I don't wanna infect there pc's.

Here's the scan results.

http://www.urlvoid.com/scan/1227.com

You should actually read the user comments on mywot :) .

Some anti-viruses block this site like BitDefender and Avira and on BD it says the virus name is called "Joke.NoClose.JS.A" and Avira kinda has a simliar reason it blocked I think.

So MBAM forum, is this really a malicous site and how?!?!

(BTW, when I first when on this site I was :):))

Link to post
Share on other sites
IDKWatMNShouldBe

IDKWatMNShouldBe

Posted
  • Author
Posted
Please null the links when you post them by using bbcode. You can either put it in a CODE box or use italics to do so, or if you wish, use hxxp instead of http.

If you believe it is a false positive please refer to this post: IP Blocking False Positives and post the info here: False Positives

Thanks

I dont know the first thing u were talking about and the second part, I'm not sure if it is infected and most likely not...go on the site... close it with task manager. I just think this site is for prakning people... I want to see what a expert has to say about this site... and this site isnt even blocked from MBAM so yea

Link to post
Share on other sites
noknojon

noknojon

Posted
Posted
I've got pranked once through this website . hxxp://1227.com/ Don't go on this website or else he will watch you when you sleep! If you wanna close it hold enter or use task Manager. Some people say that this site is a virus or exploit or it's not a virus it's entertaining... I don't think this is a virus but some people say it is. Could some expert please make it clear?

Most of these sites are unsupervised and therefore do carry certain infections at most times -

Note what I did to your http link - It is not "live" now -

Please edit your post and do as described above, or an evil Admin will do it -

Also please use the ADD REPLY Tab at the bottom of the page -

Thank You -

Link to post
Share on other sites
noknojon

noknojon

Posted
Posted
............??????????????????????

1 / Do you know how to edit your posts now - ??Click on Edit then Quick Edit

2 / Do you know how to use the Code Box like Wide Glide has done above -

Highlight an item and click on the last square on the right (it says Wrap in code tags) -

This will produce those pinky color boxes that you see - This means that no one can click on the link by accident and get infected -

3 / Once you do that go back and delete the http and make it hxxp Just to be safe -

If you are going to post 'open links' on the open forum you MUST do this -

We have kids who look on this site and will click on any link even if it is bad -

Link to post
Share on other sites
ShyWriter

ShyWriter

Posted
Posted
You are dealing with a precocious child here and have more patience than i would. :)

Wayne

You are giving him(her?) way too much credit with the label of precocious.. :angry:

PRECOCIOUS: Characterized by or characteristic of exceptionally early development or maturity (especially in mental aptitude).

And he's not making "A's" in English either. :angry: BUT; you are correct sir (Ed McMahon to Johnny Carson voice); the patience shown here by the powers that be is downright Saintly.. Even Mother Theresa would have cold-cocked the individual by now. :angry::) I guess that is why you and I have no power to indite, arrest or form firing squads, ehh? :)

Off topic - hey bud; where you been? It's lonely here at times.. cold.. uninviting.. no fun. :)

Back to our regularly scheduled scolding,

~Steve

Link to post
Share on other sites
IDKWatMNShouldBe

IDKWatMNShouldBe

Posted
  • Author
Posted
1 / Do you know how to edit your posts now - ??Click on Edit then Quick Edit

2 / Do you know how to use the Code Box like Wide Glide has done above -

Highlight an item and click on the last square on the right (it says Wrap in code tags) -

This will produce those pinky color boxes that you see - This means that no one can click on the link by accident and get infected -

3 / Once you do that go back and delete the http and make it hxxp Just to be safe -

If you are going to post 'open links' on the open forum you MUST do this -

We have kids who look on this site and will click on any link even if it is bad -

I do know how to edit my posts... its just that nobody will answer my question and I have noo clue what half of you are talking about!

Link to post
Share on other sites
Wide_Glide

Wide_Glide

Posted
Posted

One more try at this. In your first post the site you asked about and left a LIVE LINK and should have been posted as follows

hxxp://1227.com/

Second, you should have followed exile360's instructions to fix it

Please null the links when you post them by using bbcode. You can either put it in a CODE box or use italics to do so, or if you wish, use hxxp instead of http.

If you believe it is a false positive please refer to this post: IP Blocking False Positives and post the info here: False Positives

Thanks

Which lead to my post which should have answered your question about the site in question

@ exile360

NO FP, If I had not been in sandboxie, there would have been a opps :)

VT Report-7/42 (16.67%)

The rest of the posts should explain their-self but please notice this section of the Forum is for

General Malwarebytes' Anti-Malware Forum

Please post any problems or comments related to Malwarebytes' Anti-Malware in this forum.

Thank you very much :)

Also, when replying, please use the ADDREPLYa8JTu.jpg button located at the bottom of the page, as this makes the forum easier to read.

i dont get why u have to put it in hxxp and not a live link.

EDIT:

Even if they copy and paste it, it still will not work.

Link to post
Share on other sites
IDKWatMNShouldBe

IDKWatMNShouldBe

Posted
  • Author
Posted
One more try at this. In your first post the site you asked about and left a LIVE LINK and should have been posted as follows

hxxp://1227.com/

Second, you should have followed exile360's instructions to fix it

Which lead to my post which should have answered your question about the site in question

The rest of the posts should explain their-self but please notice this section of the Forum is for

Thank you very much :)

okay okay .... too many things at once.... i dont know how to scan sites with VT and why hxxp?!?! i dont get why u have to put it in hxxp and not a live link.

Link to post
Share on other sites
  • Staff
TeMerc

TeMerc

Posted
  • Staff
Posted
okay okay .... too many things at once.... i dont know how to scan sites with VT and why hxxp?!?! i dont get why u have to put it in hxxp and not a live link.

We don't need people getting infected by clicking a link that leads to malware.

Link to post
Share on other sites
IDKWatMNShouldBe

IDKWatMNShouldBe

Posted
  • Author
Posted
We don't need people getting infected by clicking a link that leads to malware.

sooo they could just do it them self. they could just remove the "xx" and replace it with "tt" and they still would be infected... and this site doesnt even seem to be infected. and why cant u edit a topic title?

Link to post
Share on other sites
noknojon

noknojon

Posted
Posted

A report of 16.67% means there has been infections found there -

They may not all be DEADLY infections , but they are infections -

The site may not yet have also been tested by all these companies on VT -

Any site that contains any infections (a VT report of more than about 3%) should never be posted as a LIVE link on the forum -

If people want to type or copy and paste a URL , then you did not cause the infection - That is called Safety First -

This is why you use Code Wrap or remove the http from a link you leave here -

Link to post
Share on other sites
IDKWatMNShouldBe

IDKWatMNShouldBe

Posted
  • Author
Posted
A report of 16.67% means there has been infections found there -

They may not all be DEADLY infections , but they are infections -

The site may not yet have also been tested by all these companies on VT -

Any site that contains any infections (a VT report of more than about 3%) should never be posted as a LIVE link on the forum -

If people want to type or copy and paste a URL , then you did not cause the infection - That is called Safety First -

This is why you use Code Wrap or remove the http from a link you leave here -

I know that a report of 16.67% means there has been infections found there. and this site has been out for a longgggg time and the infections that it shows is

Antivirus----------Version----------Last Update----------Result

-AntiVir----------8.2.4.12----------2010.07.16----------JOKE/BrowserMessage

-AVG------------9.0.0.836---------2010.07.16----------JS/Downloader.Small

-BitDefender--------7.2------------2010.07.17----------Joke.NoClose.JS.A

-F-Secure------9.0.15370.0-------2010.07.16----------Joke.NoClose.JS.A

-GData---------------21------------2010.07.17----------Joke.NoClose.JS.A

-nProtect-----2010-07-16.01------2010.07.16----------Joke.NoClose.JS.A

-Rising---------22.56.04.04--------2010.07.16----------Joke.Script.JS.NoClose.b

Those dont sound that dangerous :) those are basically saying its a joke that hard to close i think...again, not soo dangerous.

... and my title says "i have warned u" so thats the safety....

Link to post
Share on other sites
noknojon

noknojon

Posted
Posted
Antivirus----------Version----------Last Update----------Result

-AntiVir----------8.2.4.12----------2010.07.16----------JOKE/BrowserMessage

-AVG------------9.0.0.836---------2010.07.16----------JS/Downloader.Small

-BitDefender--------7.2------------2010.07.17----------Joke.NoClose.JS.A

-F-Secure------9.0.15370.0-------2010.07.16----------Joke.NoClose.JS.A

-GData---------------21------------2010.07.17----------Joke.NoClose.JS.A

-nProtect-----2010-07-16.01------2010.07.16----------Joke.NoClose.JS.A

-Rising---------22.56.04.04--------2010.07.16----------Joke.Script.JS.NoClose.b

I do not want to be infected by one site you post - So do not post them here - Post them in the areas that diagnose infections -

We do not diagnose infections in this area of the forum or help with other infected sites -

Read the headings of each area of the forum until you find one that looks like it diagnoses threats - :)

This area of the forum is for problems with Malwarebytes and solutions to those problems -

READ THE HEADING OF THIS AREA - PUT YOUR GLASSES ON IF YOU NEED THEM - :):)

General Malwarebytes' Anti-Malware Forum

Please post any problems or comments related to Malwarebytes' Anti-Malware in this forum.

Can you read this ?????

Link to post
Share on other sites
  • Staff
TeMerc

TeMerc

Posted
  • Staff
Posted

The site is malicious, users need to stay away from it on all accounts, anyone not doing so can take their own risks.

This topic has run it's course, we'll be locking it now.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.