HOAX ! : Osama Bin Ladin Found Hanged

Hoax !

Dave

Worse than a hoax. Virus/Trojan.

This one has been around a few weeks.

Tom
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:%...
| Hoax !
|
| Dave
|
|

As of yet I have NOT seen a virus/Trojan in this site. Have you ?

Actually this Osama post and others concerning Arnold Schwarzenegger's demise have been
around since mid July. The newest doesn't have a ZIP file in the URL. Under certain
circumstances however I have seen a "settings.exe" attempt to be posted to a UseNet News
Group but it is sporadically seen and hard to reproduce. McAfee v8.0 Enterprise, Engine
v320 and DAT v4389 detects nothing and nether does AVERT/McAfee WebImmune. I await further
feedback from AVERT.

Last nite there was a flood of posts to UseNet eminating from several ISPs (including)...
Aliant Internet
Road Runner
Comcast Online

(forged ?) with subjects...
Illegal Porn
Teen Girl Anal Movies
Teen Girls Getting Analed (Movies)

All going to the same web site (obfuscated w/spaces) 'http: //www. theparadise. x-y.net/'

Tom, do you have additional information ?

Dave




"Tom Pepper Willett" <> wrote in message
news:%...
| Worse than a hoax. Virus/Trojan.
|
| This one has been around a few weeks.
|
| Tom
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
| news:%...
| | Hoax !
| |
| | Dave
| |
| |
|
|

Like a big dummy, I clicked on the link. After seeing the website was bogus,
I closed IE down. I know better than this!

Now, upon booting my system, I get the following message:

Settings (1) .exe
CRC Error! File content has been modified. If you run a system debugger,
clear all breakpoints before running this program!.

I have run a complete virus scan with my updated AVG Professional 7.0
I ran cwshredder, which found nothing.
I ran Spybot Search and Destroy, which found nothing.
I ran Ad Awar 6.0, which found nothing.

Is this message associated with going to that website? I am running XP Pro
SP2.

Don Burnette





David H. Lipman wrote:
> As of yet I have NOT seen a virus/Trojan in this site. Have you ?
>
> Actually this Osama post and others concerning Arnold
> Schwarzenegger's demise have been around since mid July. The newest
> doesn't have a ZIP file in the URL. Under certain circumstances
> however I have seen a "settings.exe" attempt to be posted to a UseNet
> News Group but it is sporadically seen and hard to reproduce. McAfee
> v8.0 Enterprise, Engine v320 and DAT v4389 detects nothing and nether
> does AVERT/McAfee WebImmune. I await further feedback from AVERT.
>
> Last nite there was a flood of posts to UseNet eminating from several
> ISPs (including)... Aliant Internet
> Road Runner
> Comcast Online
>
> (forged ?) with subjects...
> Illegal Porn
> Teen Girl Anal Movies
> Teen Girls Getting Analed (Movies)
>
> All going to the same web site (obfuscated w/spaces) 'http: //www.
> theparadise. x-y.net/'
>
> Tom, do you have additional information ?
>
> Dave
>
>
>
>
> "Tom Pepper Willett" <> wrote in message
> news:%...
>> Worse than a hoax. Virus/Trojan.
>>
>> This one has been around a few weeks.
>>
>> Tom
>> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
>> news:%...
>>> Hoax !
>>>
>>> Dave

It appears so Don.

Still no feedback from McAfee AVERT.

I may have been too quick to call this just a hoax. :-(

It still is some form of Social Engineering to do something -- what is the question.

Dave





"Don Burnette" <> wrote in message
news:%...
| Like a big dummy, I clicked on the link. After seeing the website was bogus,
| I closed IE down. I know better than this!
|
| Now, upon booting my system, I get the following message:
|
| Settings (1) .exe
| CRC Error! File content has been modified. If you run a system debugger,
| clear all breakpoints before running this program!.
|
| I have run a complete virus scan with my updated AVG Professional 7.0
| I ran cwshredder, which found nothing.
| I ran Spybot Search and Destroy, which found nothing.
| I ran Ad Awar 6.0, which found nothing.
|
| Is this message associated with going to that website? I am running XP Pro
| SP2.
|
| Don Burnette
|
|
|
|
|
| David H. Lipman wrote:
| > As of yet I have NOT seen a virus/Trojan in this site. Have you ?
| >
| > Actually this Osama post and others concerning Arnold
| > Schwarzenegger's demise have been around since mid July. The newest
| > doesn't have a ZIP file in the URL. Under certain circumstances
| > however I have seen a "settings.exe" attempt to be posted to a UseNet
| > News Group but it is sporadically seen and hard to reproduce. McAfee
| > v8.0 Enterprise, Engine v320 and DAT v4389 detects nothing and nether
| > does AVERT/McAfee WebImmune. I await further feedback from AVERT.
| >
| > Last nite there was a flood of posts to UseNet eminating from several
| > ISPs (including)... Aliant Internet
| > Road Runner
| > Comcast Online
| >
| > (forged ?) with subjects...
| > Illegal Porn
| > Teen Girl Anal Movies
| > Teen Girls Getting Analed (Movies)
| >
| > All going to the same web site (obfuscated w/spaces) 'http: //www.
| > theparadise. x-y.net/'
| >
| > Tom, do you have additional information ?
| >
| > Dave
| >
| >
| >
| >
| > "Tom Pepper Willett" <> wrote in message
| > news:%...
| >> Worse than a hoax. Virus/Trojan.
| >>
| >> This one has been around a few weeks.
| >>
| >> Tom
| >> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
| >> news:%...
| >>> Hoax !
| >>>
| >>> Dave
|
|

It appears so Don.

Still no feedback from McAfee AVERT.

I may have been too quick to call this just a hoax. :-(

It still is some form of Social Engineering to do something -- what is the question.

Dave





"Don Burnette" <> wrote in message
news:%...
| Like a big dummy, I clicked on the link. After seeing the website was bogus,
| I closed IE down. I know better than this!
|
| Now, upon booting my system, I get the following message:
|
| Settings (1) .exe
| CRC Error! File content has been modified. If you run a system debugger,
| clear all breakpoints before running this program!.
|
| I have run a complete virus scan with my updated AVG Professional 7.0
| I ran cwshredder, which found nothing.
| I ran Spybot Search and Destroy, which found nothing.
| I ran Ad Awar 6.0, which found nothing.
|
| Is this message associated with going to that website? I am running XP Pro
| SP2.
|
| Don Burnette
|
|
|
|
|
| David H. Lipman wrote:
| > As of yet I have NOT seen a virus/Trojan in this site. Have you ?
| >
| > Actually this Osama post and others concerning Arnold
| > Schwarzenegger's demise have been around since mid July. The newest
| > doesn't have a ZIP file in the URL. Under certain circumstances
| > however I have seen a "settings.exe" attempt to be posted to a UseNet
| > News Group but it is sporadically seen and hard to reproduce. McAfee
| > v8.0 Enterprise, Engine v320 and DAT v4389 detects nothing and nether
| > does AVERT/McAfee WebImmune. I await further feedback from AVERT.
| >
| > Last nite there was a flood of posts to UseNet eminating from several
| > ISPs (including)... Aliant Internet
| > Road Runner
| > Comcast Online
| >
| > (forged ?) with subjects...
| > Illegal Porn
| > Teen Girl Anal Movies
| > Teen Girls Getting Analed (Movies)
| >
| > All going to the same web site (obfuscated w/spaces) 'http: //www.
| > theparadise. x-y.net/'
| >
| > Tom, do you have additional information ?
| >
| > Dave
| >
| >
| >
| >
| > "Tom Pepper Willett" <> wrote in message
| > news:%...
| >> Worse than a hoax. Virus/Trojan.
| >>
| >> This one has been around a few weeks.
| >>
| >> Tom
| >> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
| >> news:%...
| >>> Hoax !
| >>>
| >>> Dave
|
|

Use the most recent Restore point to roll your system back to before
you went to "that site".

MowGreen [MVP]
===============
*-343-* FDNY
Never Forgotten
===============

Don Burnette wrote:

> Like a big dummy, I clicked on the link. After seeing the website was bogus,
> I closed IE down. I know better than this!
>
> Now, upon booting my system, I get the following message:
>
> Settings (1) .exe
> CRC Error! File content has been modified. If you run a system debugger,
> clear all breakpoints before running this program!.
>
> I have run a complete virus scan with my updated AVG Professional 7.0
> I ran cwshredder, which found nothing.
> I ran Spybot Search and Destroy, which found nothing.
> I ran Ad Awar 6.0, which found nothing.
>
> Is this message associated with going to that website? I am running XP Pro
> SP2.
>
> Don Burnette
>
>
>
>
>
> David H. Lipman wrote:
>
>>As of yet I have NOT seen a virus/Trojan in this site. Have you ?
>>
>>Actually this Osama post and others concerning Arnold
>>Schwarzenegger's demise have been around since mid July. The newest
>>doesn't have a ZIP file in the URL. Under certain circumstances
>>however I have seen a "settings.exe" attempt to be posted to a UseNet
>>News Group but it is sporadically seen and hard to reproduce. McAfee
>>v8.0 Enterprise, Engine v320 and DAT v4389 detects nothing and nether
>>does AVERT/McAfee WebImmune. I await further feedback from AVERT.
>>
>>Last nite there was a flood of posts to UseNet eminating from several
>>ISPs (including)... Aliant Internet
>>Road Runner
>>Comcast Online
>>
>>(forged ?) with subjects...
>>Illegal Porn
>>Teen Girl Anal Movies
>>Teen Girls Getting Analed (Movies)
>>
>>All going to the same web site (obfuscated w/spaces) 'http: //www.
>>theparadise. x-y.net/'
>>
>>Tom, do you have additional information ?
>>
>>Dave
>>
>>
>>
>>
>>"Tom Pepper Willett" <> wrote in message
>>news:%.. .
>>
>>>Worse than a hoax. Virus/Trojan.
>>>
>>>This one has been around a few weeks.
>>>
>>>Tom
>>>"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
>>>news:%. ..
>>>
>>>>Hoax !
>>>>
>>>>Dave
>
>
>

"MowGreen [MVP]" <> wrote in message
news:...
> Use the most recent Restore point to roll your system back to before
> you went to "that site".
>

What is the point of installing SP2 if it doesn't catch this sort of thing?

They are mutually exclusive concepts, there is no correlation and SP2 does not come into
context.

Sorry...

Dave




"Broooz" <> wrote in message
news:cfK_c.1257$...
| "MowGreen [MVP]" <> wrote in message
| news:...
| > Use the most recent Restore point to roll your system back to before
| > you went to "that site".
| >
|
| What is the point of installing SP2 if it doesn't catch this sort of thing?
|
|

That worked, thanks MowGreen.

Luckily, I had a restore point from about 4 hours ago when I ran an update
for Diskeeper.
I had to reinstall Diskeeper and the update after the system restore, but
now that problem is gone.

Will be interesting to hear what it was.


Don Burnette




MowGreen [MVP] wrote:
> Use the most recent Restore point to roll your system back to before
> you went to "that site".
>
> MowGreen [MVP]
> ===============
> *-343-* FDNY
> Never Forgotten
> ===============
>
> Don Burnette wrote:
>
>> Like a big dummy, I clicked on the link. After seeing the website
>> was bogus, I closed IE down. I know better than this!
>>
>> Now, upon booting my system, I get the following message:
>>
>> Settings (1) .exe
>> CRC Error! File content has been modified. If you run a system
>> debugger, clear all breakpoints before running this program!.
>>
>> I have run a complete virus scan with my updated AVG Professional 7.0
>> I ran cwshredder, which found nothing.
>> I ran Spybot Search and Destroy, which found nothing.
>> I ran Ad Awar 6.0, which found nothing.
>>
>> Is this message associated with going to that website? I am running
>> XP Pro SP2.
>>
>> Don Burnette
>>
>>
>>
>>
>>
>> David H. Lipman wrote:
>>
>>> As of yet I have NOT seen a virus/Trojan in this site. Have you ?
>>>
>>> Actually this Osama post and others concerning Arnold
>>> Schwarzenegger's demise have been around since mid July. The newest
>>> doesn't have a ZIP file in the URL. Under certain circumstances
>>> however I have seen a "settings.exe" attempt to be posted to a
>>> UseNet News Group but it is sporadically seen and hard to
>>> reproduce. McAfee v8.0 Enterprise, Engine v320 and DAT v4389
>>> detects nothing and nether does AVERT/McAfee WebImmune. I await
>>> further feedback from AVERT. Last nite there was a flood of posts to
>>> UseNet eminating from
>>> several ISPs (including)... Aliant Internet
>>> Road Runner
>>> Comcast Online
>>>
>>> (forged ?) with subjects...
>>> Illegal Porn
>>> Teen Girl Anal Movies
>>> Teen Girls Getting Analed (Movies)
>>>
>>> All going to the same web site (obfuscated w/spaces) 'http: //www.
>>> theparadise. x-y.net/'
>>>
>>> Tom, do you have additional information ?
>>>
>>> Dave
>>>
>>>
>>>
>>>
>>> "Tom Pepper Willett" <> wrote in message
>>> news:%...
>>>
>>>> Worse than a hoax. Virus/Trojan.
>>>>
>>>> This one has been around a few weeks.
>>>>
>>>> Tom
>>>> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
>>>> news:%...
>>>>
>>>>> Hoax !
>>>>>
>>>>> Dave