-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yeah, this is more of the Rogue AV Plague being perpetrated by Russkrainian criminals -- I see many other similar domains involved at those IP addresses (via nameserver dependencies), and all-too-familiar hosting providers (including one notorious Russkrainian hoster in Canada)...
- - ferg On Sun, Nov 8, 2009 at 1:52 PM, RandallM <[email protected]> wrote: > Well...very funny. Had a "live session" with a support person from > "Windows Enterprise Suite" who offered and insisted I download their > software (which went up from build 6 to build 7 in just a few > minutes)! > > I have screen shots of the whole damn thing, load to conversation. > > CC'd you Alex cause I know you love this stuff. > > > Previous Post: > > '''''''''''''''''''''''''''''' > > Was on my Anniversary and didn't get to watch the Fedor vs Rogers > fight broadcast Saturday night (she wouldn't let me sneak off). Did a > quick search and pulled in first place this link: > > http://www.google.com/url?sa=t&source=web&ct=res&cd=1&ved=0CAcQFjAA&url=h > ttp%3A%2F%2Fuocunescochair.net%2F%3Ft%3Dfedor-vs-rogers-replay&ei=3Cj3Sqi > 5I4Te8QahsO3zCQ&usg=AFQjCNFvCJwnkln__-d9MlRcEH4CjzXBPg&sig2=WmIMz0hcFZ68f > qkzhp3rQA > > First thing to pop up was a page small pop-up from "The page at > http://guardsystem-scanner.net says" with a "Warning! Your PC is at > risk". > > Now, the plot thickens. I just deleted my McAfee Antivirus and > installed "Panda's Cloud > Antivirus"(http://www.cloudantivirus.com/en/). I know McAfee wouldn't > have caught this but it would have through access scanner if anything > would have been installed. But my understanding of Panda's Cloud was > to "catch" such bad scripts when it was sent to me "through" the > cloud. > > They typical "Windows Security Alert came "scanning my computer". It > then prompted me to down load "setup_build6_301.exe from > guradsystem-scanner.net. > > There you go if your interested...I'm going back to watch the fights! > > ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' > ' > > -- > been great, thanks > a.k.a System > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFK90Dfq1pz9mNUZTMRAsaKAJ0Se8cEMGwVe3zwa+hTxOEdwCk64ACg49ol 9ZyVZ30vLGVKLY79/eZAaoQ= =/7Rh -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
