Forum: Poser - OFFICIAL


Subject: ...HACKER (S) Working the Renderosity Marketplace?

Veritas777 opened this issue on Jan 26, 2005 · 91 posts


Veritas777 posted Wed, 26 January 2005 at 2:54 PM

I've had several experiences over the past two-three weeks that lead me to believe that a hacker (or hackers) are working the Renderosity Marketplace- most likely to steal password info- and- to download models maybe? My first experience was about two-three weeks ago when I entered the marketplace page and saw a Pop-Up that offered computer games for sale. I have NEVER seen a pop-up like this before at Renderosity as I have all my Norton settings fairly high (and current). This was followed days later by a "MS-SQL_Packet_DoS" intrusion attempt, and then again on a later day- and then on a later day I had my printer software disabled (and subsequently had to re-install it) while browsing in the marketplace. I can tell when my printer port is being "hit" because my printer makes a distinct port-hit sound. More recently I was alerted by Norton that a "MS-SQL_NullPacket_DoS" threat had happened while in the marketplace- Norton says- "This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening." Then today I entered the marketplace and was alerted with a "Tcp_Xmas_Scan" - which Norton describes as "a condition that indicates an attempted IP spoofing attack." I really have to think that this is either someone who is "inside" Renderosity- or is working with the help of someone at Renderosity- perhaps from another location. Anyone else see stuff like this happening?


Penguinisto posted Wed, 26 January 2005 at 3:06 PM

Err, R'osity doesn't use Microsoft SQL... at least they used MySQL as a base the last time I saw an error msg from it. Also, a Norton client wouldn't have any way of accessing enough of the RMP's server to determine what everyone else is doing there (IOW, you can't see everyone else's connections to the RMP, just yours. Consequently, unless your own machine has been compromised to alert someone when you hit a certain URL, there's no way for a "hacker" to tell whether or not you're connected to the RMP.) Are you sure that your own computer hasn't been popped? Setting Norton to "high" security don't mean jack when there are a plethora of security holes gaping wide in XP (even with Service Pack 2 installed...) If you're using Internet Explorer the odds of catching something nasty are even better. To top it off, your firewall and A/V software are only as good as the last time you patched it. Heh - glad I use Linux and OSX to do all my Internet shit... /P


Aeneas posted Wed, 26 January 2005 at 3:08 PM

I've had some bizarre experiences also, now that you talk about it. The mysql I also had (yesterday?), and also my browser trying to connect to other pages whilst here in the marketplace...

I have tried prudent planning long enough. From now I'll be mad. (Rumi)


Scarab posted Wed, 26 January 2005 at 3:41 PM

My firewall just intercepted a "Xmas tree" attack. When I traced it back the address leads to the renderosity marketplace (avalon bondware), so SOMEthing funny is going on. How 'bout it, admins? Scarab


SAMS3D posted Wed, 26 January 2005 at 4:06 PM

:-(...oh no....hope it is going to be alright? Sharen


XENOPHONZ posted Wed, 26 January 2005 at 4:17 PM

I hate being attacked by Xmas trees.

Something To Do At 3:00AM 



Penguinisto posted Wed, 26 January 2005 at 4:20 PM

yeah... leaves needles all over the fscking carpet. /P


Jovial posted Wed, 26 January 2005 at 4:36 PM

My firewall has also just blocked the Xmas Scan

Symantec Personal Firewall reports:
Details: Attempted Intrusion "TCP_Xmas_Scan" against your machine was detected and blocked.
Intruder: market.renderosity.com(66.18.106.198)(http(80)).
Risk Level: Low.
Protocol: TCP.

Not good. Probably not a good time to go shopping at R'osity.

Regards,
Jovial.


XENOPHONZ posted Wed, 26 January 2005 at 4:47 PM

That does it! They are off of my Xmas card list.

Something To Do At 3:00AM 



mateo_sancarlos posted Wed, 26 January 2005 at 4:50 PM

I thought they do use MySQL. Maybe one of their machines has been infected, or is being used as a slave machine by some hacker at a remote location.


Veritas777 posted Wed, 26 January 2005 at 4:52 PM

A hacker could have a great time downloading models from various people's accounts- once they could log in under your own account name. In this respect I think Renderosity has the most LOW TECH security system of any website like it. But RDNA uses Bondware also, and once logged-in, you can freely download a couple of years worth of model purchases! If I was a MERCHANT, all of this would really make me CRINGE at the thought that hackers could be robbing their sales and future income. But the earlier Pop-Up of someone trying to sell computer games might be a clue as to who might be doing this. I have my Norton log of where these attacks are (or appear to be) coming from- (but I'm not posting them here...)


Kalypso posted Wed, 26 January 2005 at 4:52 PM Site Admin


spothmann posted Wed, 26 January 2005 at 4:56 PM

Alright... have to say a few things. First, the evil people who all have nothing else to do but trying to get hold of your computer via the net are not hackers, they are called crackers or scriptkiddies. Second. If you are 'browsing Renderosity', you are not only 'browsing Renderosity'. Your computer is permanently connected to the net at that moment, with its own IP address which usually is given to you by your ISP for the time you're online. If you sever the connection and dial in anew, you will probably have a different IP address, because those are given away dynamically. And that's where those 'attacks' often come from: Imagine someone else has the IP 1235 and is playing an online game, which identifies him by his IP address. Now that playing person turns off the computer. The IP 1235 is available again. If you now dial in and your ISP gives that 1235 to you, the game server is still 'looking' if the player at 1235 is present by sending data packets to him. And now - surprise - your firewall pops up with something like 'Attempted Intrusion "TCP_violent_gameserver" against your machine was detected and blocked' - even if you were 'just' checking your emails or browsing Renderosity. See what this is about? Of course, there is the faint possibility that someone is doing a portscan on your computer - with a billion possible IPs to scan, this is still more unlikely than being struck by lightning. But that would not result in one, but in possibly several thousand messages from your firewall... And if your ports are correctly configured, you don't need to be afraid (but then you also would not need a firewall, right...?). But then there's still another possibility: the server of Renderosity has caught a virus or worm. That, however, would be, let's say, rather not so good....


maxxxmodelz posted Wed, 26 January 2005 at 5:01 PM

If it only happens when you log into the marketplace, I'd be more worried they're trying to steal your credit card info rather than your downloads. Sounds more like you guys all got hit with a spyware virus that is triggered by keywords that may appear in the taskbar of your browser... like 'market'. Try going somewhere else that also has the word 'market' in the URL, and see if it happens again. That should narrow it down to being possible spyware, or something fishy with this marketplace in particular.


Tools :  3dsmax 2015, Daz Studio 4.6, PoserPro 2012, Blender v2.74

System: Pentium QuadCore i7, under Win 8, GeForce GTX 780 / 2GB GPU.


ziggie posted Wed, 26 January 2005 at 5:02 PM

Beware the mutant Xmas trees....!

"You don't have to be mad to use Poser... but it helps"


XENOPHONZ posted Wed, 26 January 2005 at 5:13 PM

ziggie -- Yes, that's the way it happens. It's horrible. Worst of all is when it spews tinsel, and then ties someone up in it.

Something To Do At 3:00AM 



zippyozzy posted Wed, 26 January 2005 at 5:20 PM

I have yet to experience any of this. For those of you using windows you should turn on your windows firewall if you have XP Pro. I browse this site at all different times as I work the odd shift and have never been attacked on the web or this site. The firewall will stop all incoming messages from windows. It doesn't sound like a hacker. A real hacker wouldn't be bothered with this site. It wouldn't be worth their trouble. Hackers, the real ones, do not lower themselves to script kiddie level. Sounds to me like you picked up something from your browsers not this site and it infected your machine, hence, the popups. I haven't had any popups appear from this site when browsing and I don't use any fancy software. Just windows firewall. ;)

Message edited on: 01/26/2005 17:25


wolf359 posted Wed, 26 January 2005 at 5:33 PM

MAC OSX .... accept no substitutes.... ;-)



My website

YouTube Channel



Veritas777 posted Wed, 26 January 2005 at 5:43 PM

I visit RDNA, Poser Pros and DAZ on a regular, almost daily basis, and it doesn't happen over there. Never seen anything like this on the other sites- so right now I would have to narrow it down to someone targeting the RMP. And the FACT IS, there are models worth THOUSANDS of Bucks to be downloaded and resold, etc. I think those who are trying to laugh this off have me wondering where they are coming from. I think it's a SERIOUS threat to people who might be getting their personal info ripped off and to vendors who could be losing $$$ in sales. It's nothing to be laughed at... I've been on the internet for over 15 years, manage over 20 websites and a large server- and while I'm not a true techie (I have others doing that for me)- I'm not stupid either. I have the latest firewall and Norton packages and updates- which probably does protect me from script-kiddies, but NOT from a hacker with SERIOUS TOOLS, or maybe an INSIDE ACCESS- where Administrator Powers can do almost ANYTHING once you are logged into someone else's domain...


Jovial posted Wed, 26 January 2005 at 5:49 PM

Hi all,

It is a nice theory that those of us who have SEEN the messages warning of blocked intrusions into our PCs have actually already been compromised BUT this neglects the following facts:

Can't someone wake up a techie at R'osity?

Jovial.


XENOPHONZ posted Wed, 26 January 2005 at 6:08 PM

I agree that this is something that should be looked into by RR staff -- but (at this point) I don't think that it represents a particularly serious threat. My firewall fends off 100's of various types of scans every week. And it has done so for years. So, a mere scan doesn't get me started. Besides, that's why I've got both hardware and software firewalls in the first place.

Something To Do At 3:00AM 



Veritas777 posted Wed, 26 January 2005 at 6:24 PM

Well- if you read my original post- it is NOT just one "mere scan"- this is a regular pattern that has been going on for nearly three weeks- all ONLY HERE at RMP. Among the MANY attempts reported by Norton was "MS-SQL_NullPacket_DoS" A threat which happened while in the RMP- Norton says- "This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening." So there is no "mere scan" or low level threat here- someone is trying a SERIES of attempts using a variety of methods- and they are INCREASING in frequency... Just because YOUR MACHINE software hasn't warned you, doesn't mean that it is NOT happening on your machine! Maybe you just haven't DISCOVERED it yet- or the hacker(s) hasn't reached your machine yet...


Moonbiter posted Wed, 26 January 2005 at 6:35 PM

Crap I thought this was another post about some new Poser like software that would render better than Vue or have a cartoon plugin. :(


JeniferC posted Wed, 26 January 2005 at 6:37 PM

Yes, avalon/bondware is the Renderosity Marketplace server. Without doing any digging yet, it seems (or I'd like to hope) that someone is just spoofing our information. It does seem strange. I have looked over the Marketplace server and I don't see anything out of the ordinary. However, I have reported this to the real "techies" for them to make sure it's not a problem. They are currently dealing with backbone connection issues right now, so it may be a little while before they can look into this. I'll let you know something as soon as we find out more. Thanks to everyone that has notified us about it. Jenifer Keeling Renderosity Admin


JeniferC posted Wed, 26 January 2005 at 6:47 PM

Attached Link: http://www.whitehats.com/info/ids144

This is what I read about the error from Norton's site: *"Tcp_Xmas_Scan Severity: Low This attack poses a minor threat. Corrective action may not be possible or is not required. Attack Category: Suspicious Activity Anomalous network conditions or traffic patterns. A suspicious activity signature, for example, might detect two systems with identical IP addresses, a condition that indicates an attempted IP spoofing attack. Description This signature detects a TCP packet that contains a sequence number of zero, and with the FIN, URG, and PUSH bits set. Sending invalid combinations can result in DoS, Enumerations, and Reconnaissance. Additional Information There are reported incidents where legitimate traffic may cause an intrusion detection system to raise "false positive" alerts for this event."* More info at link
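The condition the quoted signature describes can be checked directly on a packet. Below is an added example (not from this thread or from Symantec) that parses a raw 20-byte TCP header and applies the stated rule, sequence number zero with FIN, URG and PSH all set, to a few constructed sample headers; it also shows that a FIN/ACK or a header with the same flags but a non-zero sequence number does not match, which is what a defender wants to confirm before treating the alert as more than noise.

```python
import struct

# TCP flag bits as laid out in the 16-bit offset/flags word (RFC 793 / RFC 3540).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# The "Xmas" combination named in the signature text above.
XMAS = FIN | PSH | URG


def parse_tcp_header(data: bytes) -> dict:
    """Decode the fixed 20-byte part of a TCP header (options are ignored)."""
    if len(data) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    src, dst, seq, ack, off_flags, window, _csum, _urgp = struct.unpack(
        "!HHIIHHHH", data[:20]
    )
    return {
        "src_port": src,
        "dst_port": dst,
        "seq": seq,
        "ack": ack,
        "data_offset": (off_flags >> 12) * 4,  # header length in bytes
        "flags": off_flags & 0x01FF,            # low 9 bits: NS..FIN
        "window": window,
    }


def is_xmas_scan(hdr: dict) -> bool:
    """Apply the quoted signature: seq == 0 and FIN, URG and PSH all set."""
    return hdr["seq"] == 0 and (hdr["flags"] & XMAS) == XMAS


def build_tcp_header(src: int, dst: int, seq: int, flags: int,
                     ack: int = 0, window: int = 8192) -> bytes:
    """Build a 20-byte TCP header (data offset 5, checksum left zero)."""
    off_flags = (5 << 12) | (flags & 0x01FF)
    return struct.pack("!HHIIHHHH", src, dst, seq, ack, off_flags, window, 0, 0)


def classify(packets):
    """Return [(name, matches_signature)] for a list of (name, raw_header)."""
    return [(name, is_xmas_scan(parse_tcp_header(raw))) for name, raw in packets]


# Constructed sample headers (not captured traffic). Only the first one
# satisfies both halves of the signature; the third has the flags but a
# non-zero sequence number, the fourth is an ordinary connection teardown.
SAMPLE_PACKETS = [
    ("xmas_seq0", build_tcp_header(40000, 80, 0, XMAS)),
    ("syn", build_tcp_header(40001, 80, 12345, SYN)),
    ("fin_psh_urg_nonzero_seq", build_tcp_header(40002, 80, 99, XMAS)),
    ("fin_ack", build_tcp_header(40003, 80, 0, FIN | ACK)),
]

if __name__ == "__main__":
    for name, hit in classify(SAMPLE_PACKETS):
        print(f"{name:26s} xmas_signature={hit}")
```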



Veritas777 posted Wed, 26 January 2005 at 7:22 PM

Attached Link: http://securityresponse.symantec.com/avcenter/attack_sigs/sigs/MS-SQL_NullPacket_DoS.html

From Symantec's Website... MS-SQL_NullPacket_DoS Attack Category: Denial of Service Severity: High This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening. Description This signature detects an attempt to exploit the NULL byte vulnerability in MS SQL Server. If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data, it will crash. The crash will generate an event in the log with ID 17055 "fatal exception EXCEPTION_ACCESS VIOLATION." Links SecurityFocus Website, BID: 817 Common Vulnerabilities and Exposures (CVE) Website, CVE-1999-0999 Microsoft Security Bulletin MS99-059

MindVision-GDS posted Wed, 26 January 2005 at 7:57 PM

hmmm.. well...hmmmm...



wolf359 posted Wed, 26 January 2005 at 8:05 PM

"And the FACT IS, there are models worth THOUSANDS of Bucks to be downloaded and resold, etc. I think those who are trying to laugh this off have me wondering where they are coming from." Perhaps from this place called "reality" where these "thousands of bucks worth of models" can be had freely from P2P networks by any half blind chimpanzee with an internet connection all accomplished without some elaborate ghost in the shell backdoor campaign requiring one to assume the virtual identity of each of us merchants and login to renderosity directly as that person and then .......sheesh!!!! do I even need to finish this paragraph??.



My website

YouTube Channel



Sarte posted Wed, 26 January 2005 at 8:06 PM

We are so screwed.

Do the impossible, see the invisible

ROW ROW FIGHT THE POWER

Touch the untouchable, break the unbreakable

ROW ROW FIGHT THE POWER



MindVision-GDS posted Wed, 26 January 2005 at 8:09 PM

hey now wolf...be nice..not everyone is brilliant :P



Dale B posted Wed, 26 January 2005 at 8:25 PM

Don't forget the woody points of cracking a high traffic site...and let's face it, if a kiddie could infect the Rosity backbone servers with a DoS worm, think of how many zombies might be created, just waiting to attack...


SamTherapy posted Wed, 26 January 2005 at 8:50 PM

[Bad Scottish Accent] Aye, we're doomed. Doomed, I tell ye. [/Bad Scottish Accent]

Coppula eam se non posit acceptera jocularum.

My Store

My Gallery


XENOPHONZ posted Wed, 26 January 2005 at 9:27 PM

I don't view this as a major threat. It's not the type of thing that I'll lose any sleep over. And, believe me......when it comes to internet security issues: I'm paranoid. This one doesn't rise to the level of a serious concern. Sorry if that disappoints anybody........

Something To Do At 3:00AM 



Veritas777 posted Wed, 26 January 2005 at 9:35 PM

If it's not happening to YOU- then you are NOT concerned... But since some of the above seem to make it clear that they get their software and models from P2P- which basically means theft and piracy- I'm not surprised at their LACK of concern about security issues. I guess I must be one of the few people who still BUY their software and models. I hadn't realized that the acceptance of THEFT is so wide-spread and basically "cheered"... (Only STUPID people still BUY their software and models, according to some of the above posts...)


XENOPHONZ posted Wed, 26 January 2005 at 9:53 PM

*But since some of the above seem to make it clear that they get their software and models from P2P- which basically means theft and piracy- I'm not surprised at their LACK of concern about security issues.

I guess I must be one of the few people who still BUY their software and models. I hadn't realized that the acceptance of THEFT is so wide-spread and basically "cheered"...

(Only STUPID people still BUY their software and models, according to some of the above posts...)*

Oops. I think that you are misinterpreting wolf359's post. He's one of the last people that I would accuse of using P2P for purposes of theft.

He was merely stating that since it's so easy to steal models by the services of P2P, then why would any hacker expend the great effort that's required to swipe the models directly? Not to mention the risks involved to the thief. P2P is so much easier.

BTW - I don't have any P2P software. I know some people that use Kazaa -- and there are legit uses for that software -- but I don't have it. Or any others like it.

As for wolf359, he's an old hand in the Poser community -- well known. No P2P going on there, I wouldn't think.

If it's not happening to YOU- then you are NOT concerned...

No.....I just don't see this one as a serious threat.

And that's my honest opinion.

If I did perceive this to be a matter of deep concern, then I'd say so -- whether it was happening to me or not.

Something To Do At 3:00AM 



Moonbiter posted Wed, 26 January 2005 at 9:54 PM

Game over man! Game over! What are we gonna do now?! No one above seemed to make it clear that they got anything from a peer to peer network, they said it would be much easier than trying some complicated hack as you were 'theorizing'. So lay off the snide insinuations. I'm sorry you're getting bent out of shape that some folks are not taking your cries of alarm too seriously but as JennyK covered in the info about the Xmas deal "There are reported incidents where legitimate traffic may cause an intrusion detection system to raise "false positive" alerts for this event." As a computer technician who does this sort of thing for a living, I consider Norton's to be slightly above actually being infected with a virus. It's buggy, gives false positives far too often, and many times indicates the wrong type of attack is occurring.


elizabyte posted Wed, 26 January 2005 at 11:38 PM

If people really were breaking in to Renderosity to steal stuff, why on earth would they be pinging people and otherwise attracting attention? Why is it only apparently affecting one person? What do the alerts actually mean? There are more questions than anything else here, as far as I can see. bonni

"When a man gives his opinion, he's a man. When a woman gives her opinion, she's a bitch." - Bette Davis


hauksdottir posted Thu, 27 January 2005 at 12:37 AM

Just because people are bouncing up and down excitedly on the trampoline with you doesn't mean that they are all skulking sneak thieves! Maybe they have other protections. Maybe they use other operating systems. Maybe they've seen enough of Norton's quirks not to panic. Maybe they even have severe real world issues more worth worrying over than whatever is going on inside YOUR machine. Given all the sites that you visit, you ought to be more worried about that. And, BTW, it is crackers, not hackers. Carolly


Scarab posted Thu, 27 January 2005 at 1:29 AM

Oooorah! ....sorry....wasn't that my line? ....(shit!) Scarab <-(will never work in this town again, yadda yadda)


Seraphira posted Thu, 27 January 2005 at 2:00 AM

well, at least it brings to our attention to have better at home and server security that is the issue here. Sigh Unfortunately there will always be some taffer trying to invade servers, which I know all too well because Myself I have two large servers. I do doubt that hackers are stealing passwords from renderosity though, I mean their security is pretty tight from what I understand, but nothing is perfect. PHP problem: As a merchant finding my products on warez cds and other cd's being sold I am quite pissed off, of course it affects sales and thing is what can i do? contact jenyk I gather and hope for a resolve? This is my idea, purely theoretical though. I believe that the "crackers", as hauksdottir so corrected, are either buying and reselling or putting it up on PHP servers for mass distribution. >:(. Sera


kawecki posted Thu, 27 January 2005 at 2:13 AM

It's like the vampires, they only enter if you open the door.
Renderosity can have ten thousand hackers, crackers, trackers, packers, but they only can enter if your computer has something that opens the door.
The problem is your computer and not Renderosity, probably you have some spy or virus installed on it.
I have no Norton, no firewall, no active antivirus and I live in peace and very happy, of course I have no XP nor do I use IE!

Message edited on: 01/27/2005 02:16

Message edited on: 01/27/2005 02:17

Stupidity also evolves!


Khai posted Thu, 27 January 2005 at 2:22 AM

I think it's Norton at fault here. ZoneAlarm Pro shows nothing when going to the marketplace. and put it this way, ZA Pro is 20 times the firewall than norton will ever be. Plus the logs from my hardware firewall..... show nothing as well. false positive to norton again.


Andi3d posted Thu, 27 January 2005 at 2:43 AM

Not wishing to be contentious, but I can verify that Wolf359 DOES buy, and, without going into specifics, I would be very very surprised indeed if he/she was stealing stuff via p2p.

 "That which doesn't kill you is probably re-loading"


Porthos posted Thu, 27 January 2005 at 3:00 AM

Nothing showing up on ZA Pro logs here either!

MS Windows 7 Home Premium 64-bit SP1
Intel Core i7-2600 CPU @ 3.40GHz, 12.0GB RAM, AMD Radeon HD 7770

PoserPro 2012 (SR1) - Units: Metres , Corel PSP X4 and PSE 9


Kalypso posted Thu, 27 January 2005 at 3:29 AM Site Admin

Attached Link: http://www.renderosity.com/messages.ez?ForumID=12357&Form.ShowMessage=2092238

Recently I came across a thread in the Community Center forum with a link to Mike Bonnel's wallpaper site which I HAD been to months ago but just re-visited to refresh my memory. I got the same exact alert as Veritas did, the MSSQL Null Packet DoS. Just mentioning this in case anyone can figure out where these are coming from - I'd guess one of the ads?

12rounds posted Thu, 27 January 2005 at 6:30 AM

"I have no Norton, no firewall, no active antivirus and I live in peace and very happy, of course I have no XP neither use IE!" Good luck in the future. I don't have XP nor use IE nor anything remotely associated with Outlook, but I don't rely on being lucky - I have a firewall (which btw reports access attempts every freaking day - about 1/100 of them being reported as blocked high-security risks), av-software and anti-spyware software. I consider having the protection BEFOREHAND a wise precaution.


wolf359 posted Thu, 27 January 2005 at 6:32 AM

Thanks to all that have "defended" me even though it was not even necessary, I thought it was *common knowledge that P2P existed and poser items, Mp3's as well as entire major 3D packages can be Gotten from those sources, without this frankly ridiculous scheme of assuming a particular merchant's identity just to steal his/her "conforming latex thigh boots" :-) But Alas Some people now seem upset that they have taken time from playing "flight simulator" in their luxury Hawaiian condo, to post yet another EARTH SHATTERING revelation that will save us all. and we, the great unwashed masses, have yet again shown a complete lack of appreciation for the wisdom and grand vision of our would be saviour:-) Same old, Same old ( walks away, shaking head ruefully)



My website

YouTube Channel



Poisen posted Thu, 27 January 2005 at 6:35 AM

<---- puts on his tinfoil beanie hat.


JHoagland posted Thu, 27 January 2005 at 8:40 AM

I don't mean to spoil the fun, but what does this have to do with Poser? Why is this in the Poser Forum? I only ask because I've had messages moved that had a lot more to do with Poser than this message. And I agree with wolf359- there are a lot easier ways to obtain Poser products than by trying to hack into this site. Just install [no name], do a search for "Poser" or "Renderosity" or "DAZ" and you'll be able to download hundreds of items. (I left out the name of the actual p2p program so the 10 people who don't know about p2p file-sharing won't figure it out.) --John


VanishingPoint... Advanced 3D Modeling Solutions


ArtyMotion posted Thu, 27 January 2005 at 8:58 AM

I don't mean to spoil the fun, but what does this have to do with Poser? Why is this in the Poser Forum? I only ask because I've had messages moved that had a lot more to do with Poser than this message. << Because the off topic forum is gone. 8-)


Moonbiter posted Thu, 27 January 2005 at 9:37 AM

Seven Days? We're not gonna last seven hours? In case you haven't been keeping up with current events we just got our asses kicked out there! (i no longer have anything constructive to say, just felt like adding to the comedic hysteria the thread is losing) :)


XENOPHONZ posted Thu, 27 January 2005 at 10:49 AM

I'm still worried about that Xmas Tree thing......ziggie's picture was a warning to us all......

Something To Do At 3:00AM 



pakled posted Thu, 27 January 2005 at 11:04 AM

I haven't been to the site lately, but I've got a URL to show what OS/Systems, etc. a web site is running. At last check (few months ago), I seem to remember it was about 10 Linux servers, and one Microsoft box. I can dig the URL up if anyone's interested..
Now that you guys mention it, when I logged onto 'rosity last night, instead of the usual Vickie clothing advert in the upper right hand corner, I saw one for finding out about my credit score (which is 0, so there's no sense looking even if it was legit..;). That didn't look normal. Time to drag out ad-aware and do another scan
Re warez- I went there about 3 years ago, and it was something like what I've heard about the pr*n sites; thumbnails that direct you to sites with more thumbnails that direct you to sites with more thumbnails, etc..ad infinitum. Then I got a virus, so I'd steer clear of 'em. Not worth the trouble.

I wish I'd said that.. The Staircase Wit

anahl nathrak uth vas betude doth yel dyenvey..;)


AntoniaTiger posted Thu, 27 January 2005 at 12:56 PM

Speaking from a position of ignorance, are you looking at the wrong side of the equation? Which is more valuable to the crook? A random Marketplace item, or a customer's credit-card details? But how paranoid do you want to get?


svdl posted Thu, 27 January 2005 at 12:59 PM

The most probable cause are the off-site banners (like Smiley Central). Renderosity has no control over what those other sites are doing. I've read another thread about SmileyCentral and nasty script kiddies. A bit OT maybe, but I think it would be a good idea to remove all off-site banners (okay, RDNA, PoserPros and other RESPECTABLE sites about 3D would be fine!) and reserve that space for merchants. That would also increase trips to the MP. Right now, I don't trust the banners anymore, so I don't click them anymore (and I consider blocking them). That's a loss for the MP.

The pen is mightier than the sword. But if you literally want to have some impact, use a typewriter

My gallery   My freestuff


Aeneas posted Thu, 27 January 2005 at 1:12 PM

It's always the easiest solution to say that people need to check their own puters instead of warning that they met with something bizarre here at R. (or another site).
My puter is free of Adware, I have no Trojans, viruses or whatever.
And I see no reason whatsoever to try and ridiculise someone who starts a thread like this and asks for a second opinion (because to him also this seems unlikely).
It is very cheap to try and make fun about it.

Message edited on: 01/27/2005 13:14

I have tried prudent planning long enough. From now I'll be mad. (Rumi)


JeniferC posted Thu, 27 January 2005 at 1:17 PM

Anyone concerned about this Norton warning should do a search on "TCP_Xmas_Scan" to see that it is a relatively common warning that does NOT usually require action. If you do a search, you'll see it's rather common. It is possible that our site having multiple IP addresses causes some to get that warning. I use Norton too, but haven't received that message. I think it's because I don't have my settings as sensitive (I don't care to know about minor things that don't need attention). I can say that the site was running slow due to backbone/bandwidth issues. That caused several SQL errors, but the slowness was not related to the Norton message you received (above). We do occasionally get DoS attacks and have to fight overzealous crawlers (search bots), but we try hard to keep the site (servers) running at their best. We do have ads running that do not direct back to us, so seeing ads about credit reviews isn't hijacked banners :) We did get complaints about the "Central Smileys" banner ad that was running (because when you go to their site it does want to load a bunch of junk on your computer) so we have removed it. Our Marketplace does not load spyware. If you have pop-ups when you're browsing the MP, then it's ad ware that is already on your computer. I hope that helps resolve any concerns about the RMP. Thanks, Jenifer


zippyozzy posted Thu, 27 January 2005 at 1:19 PM

**Among the MANY attempts reported by Norton was
"MS-SQL_NullPacket_DoS"
A threat which happened while in the RMP- Norton says-

"This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening."**

Norton is too buggy and untrustworthy. I'd trust my windows firewall before I'd trust what Norton tells me.

I think you guys need to look up the term "HACKER" again: a real hacker WOULD NOT be interested in this site. Not even for credit card info. They target sites like GOV or FBI, etc. This site would not be a challenge to any real hacker. You can actually DL Poser figures from P2P so they wouldn't bother with this site at all. They would NOT lower themselves to script kiddie level and even a script kiddie would not be able to hack into this site. and if that was the real case this site would have gone down for the count, bigtime if it was under a hack, don't get so paranoid. One hack attack and the admins here would catch it in a heartbeat. :)
Message edited on: 01/27/2005 13:24


AntoniaTiger posted Thu, 27 January 2005 at 1:20 PM

Agreed that off-site banners are a risk -- I've known other places where the adverts have caused me browser problems, perhaps because they throw some Javascript at me which my browser doesn't like.


Aeneas posted Thu, 27 January 2005 at 1:35 PM

I do not browse with IE. I do not have Norton. My own puter is very well protected, so I am not worrying about something that might be installed on my puter through the MP. I am sure that R. does everything possible to protect their servers, and that they have the necessary specialists that can block 99.9% of the eventual attacks. Yet it is not true that one of the biggest Poser-related vendor sites with many customers paying either with a credit card or Paypal would not be interesting for someone with dishonest intentions. I am not saying someone got through the safety, but I see no problem in someone warning that something bizarre happened and asking for a second opinion. We all have to be attentive.

I have tried prudent planning long enough. From now I'll be mad. (Rumi)


zippyozzy posted Thu, 27 January 2005 at 1:42 PM

If people from here are getting popups from the MP, that means they could also have a Trojan already embedded in their system, or a worm from a previous site, and didn't look in their system folders to clean it out. Popup banners lead to browser hijacking, which will, in turn, place trojans & worms on your machine. Norton won't always catch it. If you got caught and keep on experiencing popups on certain sites that don't have 'em, then you will need to clean out your computer. Virus software doesn't always prevent your browsers from being hijacked, especially in IE. No virus software catches everything that's out there.


LonCray posted Thu, 27 January 2005 at 2:10 PM

Strange thing - this morning I saw a banner here that advertised a Hess Visa or Mastercard. Ran Ad Aware just 'cause I do so about once a week. Now the banner is a definite Poser merchant. Was that Hess banner ad a hijacking of some sort? It definitely wasn't Poser related.


DrunkMonkey posted Thu, 27 January 2005 at 2:41 PM

It's the freakin' military man! Yeah! Just like that Twilight Zone episode where they turned off the electricity and phones on this one block to see how they'd react to losing their technology. They started accusing each other of being aliens and killing each other... yeah that's what's happening... it's aliens.... OH MY GOD THEY'RE EVERYWHERE!!!!!!!!! AAAAAAAAAAAHHHHHHHHHH!!!!!!! yes doctor, i'm sorry i'll take my pills now


Veritas777 posted Thu, 27 January 2005 at 2:43 PM

The other websites I visit- like DAZ, RDNA and PoserPros don't have these Norton alerts. I have been visiting RMP for years and have never seen this type of activity before. As I stated, this began about three weeks ago- when the first alert came up. I regularly run several programs to check for viruses, trojans, spy-ware, etc. I am also VERY cautious about clicking on links. I skip over a lot of Free Stuff now because I don't like the looks of some of these offers- which seem to be fronts for other activities. I don't visit game sites, other than, yes, Flight Simulator sites in the US and UK, and I don't get these Norton alerts there either. I have NEVER seen a pop-up ad at Renderosity until I saw the full page pop-up advertising computer games for sale in the RMP about two weeks ago. I can't buy into the idea at all that hackers, etc- would NOT be interested in RMP. A lot of hackers aren't just going after FBI websites- they are DRUGGIES going for wherever they can get some cash- or something (anything) to turn into cash. The fact that just a password can get you access to a couple of YEARS worth of model purchases- is well worth a hacker's efforts if they want to get a lot of models for free... and since Renderosity AND RDNA have the most LAX of security policies regarding this. (DAZ and PoserPros are obviously more aware or "paranoid" -I wonder why???) Bottom line: I have bought a lot of models over the years at RMP- and if my software says it's becoming a place to get hacked- I'm not shopping here anymore- I'm going to safer websites where I don't get bogus ad pop-ups and alert warnings. I would rather trust what my computer firewall software is saying rather than some half-baked Pollyanna view that everything is "o.k.". I DON'T think so...


ryamka posted Thu, 27 January 2005 at 3:39 PM

Wow. Have you considered that maybe "YOUR" firewall software is actually that which is chuffed?


wolf359 posted Thu, 27 January 2005 at 3:49 PM

"I can't buy into the idea at all that hackers, etc- would NOT be interested in RMP. A lot of hackers aren't just going after FBI websites- they are DRUGGIES going for where ever they can get some cash- or something (anything) to turn into cash."

Ya, and desperate "druggies" inevitably steal cash-value items from family, friends and real-world retailers to support their habits. Think about what you are saying, citizen: who, in all of creation, is going to pay cash for some ill-gotten internet downloads of Poser-specific fetishwear etc.?????? Please ;-/



My website

YouTube Channel



Khai posted Thu, 27 January 2005 at 3:52 PM

two words. False Positive. funny that ZoneAlarm reports nothing. Black Ice reports nothing. Windows Firewall reports nothing. move on ppl. nothing to see here. no mutant christmas trees....EK!


XENOPHONZ posted Thu, 27 January 2005 at 4:02 PM

no mutant christmas trees....

Huh. At midnight, when a full moon is shining through your window......when you hear a strange rustling noise coming from somewhere down the hall....coming from your living room......closer......closer........

Just keep repeating to yourself, over and over again: "It's not real......it's not real.........it doesn't exist.........."

Something To Do At 3:00AM 



svdl posted Thu, 27 January 2005 at 4:07 PM

If crackers/script kiddies ARE interested in 'rosity, it won't be for the models. Script kiddies go for the "fun" of bringing down a high-traffic site (but they'd do it using a distributed DoS attack), crackers would go after credit card info - and 'rosity doesn't store that info. About port scans: I expect to see several port scans per day in my logs, those are just the automated ones used by crackers and script kiddies in search of vulnerable systems. Any decent firewall (yes, even the WinXP firewall) is sufficient to fool those port scanners. I'm not worried. But I still don't trust offsite banners.

The pen is mightier than the sword. But if you literally want to have some impact, use a typewriter

My gallery   My freestuff
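
svdl's point above (routine automated port scans, a firewall that simply drops them, and the "Xmas" flag combination mentioned earlier in the thread) is easiest to see in a firewall log. The following Python is an added example written for this page by the editor; it is not code from anyone in the thread, from Norton, or from Renderosity. It parses a handful of constructed iptables-style LOG lines (the addresses and timestamps are made up for the demonstration), flags packets carrying the FIN+PSH+URG combination that scanners and IDS signatures generally call an "Xmas" probe, counts how many distinct ports each source touched so that a sweep stands out from a single stray packet, and lists which sources probed port 3306 (MySQL), the port the articles later in the thread say was being scanned. The log format and the sweep threshold are assumptions, not anything the thread specifies.

```python
import re
from collections import defaultdict

# Constructed iptables-style LOG lines for the demonstration; not real traffic.
# Flag names (SYN, FIN, PSH, URG, ...) appear as bare tokens after RES=.
SAMPLE_LOG = """\
Jan 27 16:07:01 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0
Jan 27 16:07:01 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40002 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0
Jan 27 16:07:02 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40003 DPT=135 WINDOW=1024 RES=0x00 SYN URGP=0
Jan 27 16:07:02 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40004 DPT=445 WINDOW=1024 RES=0x00 SYN URGP=0
Jan 27 16:07:03 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40005 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0
Jan 27 16:07:03 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40006 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0
Jan 27 16:08:30 gw kernel: DROP IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=60000 DPT=80 WINDOW=1024 RES=0x00 FIN PSH URG URGP=0
Jan 27 16:08:45 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP SPT=33000 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0
Jan 27 16:09:00 gw kernel: ACCEPT IN=eth0 OUT= SRC=192.0.2.50 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 27 16:09:10 gw kernel: DROP IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 PROTO=UDP SPT=5353 DPT=5353 LEN=60
"""

TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}
FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")


def parse_line(line):
    """Pull source, destination port and TCP flag set out of one LOG line.
    Returns None for non-TCP or unparseable lines."""
    fields = dict(FIELD_RE.findall(line))
    if fields.get("PROTO") != "TCP" or "SRC" not in fields or "DPT" not in fields:
        return None
    return {
        "src": fields["SRC"],
        "dpt": int(fields["DPT"]),
        "flags": TCP_FLAGS & set(line.split()),  # URGP=0 is a token, URG is not in it
    }


def is_xmas(flags):
    """FIN, PSH and URG lit with neither SYN nor ACK: the classic Xmas probe.
    A legitimate connection never sends this combination."""
    return {"FIN", "PSH", "URG"} <= flags and not ({"SYN", "ACK"} & flags)


def triage(log_text, sweep_threshold=5, watch_port=3306):
    """Summarise a log: Xmas packets, sources that swept many ports, and
    sources that touched the watched port. sweep_threshold is an assumption."""
    ports_by_src = defaultdict(set)
    xmas = []
    watch_hits = set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ports_by_src[rec["src"]].add(rec["dpt"])
        if is_xmas(rec["flags"]):
            xmas.append((rec["src"], rec["dpt"]))
        if rec["dpt"] == watch_port:
            watch_hits.add(rec["src"])
    sweeps = {src: sorted(p) for src, p in ports_by_src.items()
              if len(p) >= sweep_threshold}
    return {"xmas": xmas, "sweeps": sweeps, "watch_port_sources": sorted(watch_hits)}


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    for src, dpt in summary["xmas"]:
        print(f"xmas probe from {src} to port {dpt}")
    for src, ports in summary["sweeps"].items():
        print(f"port sweep from {src}: {ports}")
    print("sources probing 3306:", summary["watch_port_sources"])
```

Run on the sample, the one Xmas packet from 198.51.100.7 is exactly the kind of single dropped packet svdl describes: noise from an automated scanner, not evidence of anything targeted, and it tells the sender nothing once the firewall drops it. The sweep from 203.0.113.5 is the pattern worth a second look, and the 3306 column is what you would watch during an outbreak like the one the later articles describe.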


Moonbiter posted Thu, 27 January 2005 at 4:40 PM

Okay kiddies, I'm bored at work so quiz time:

Scenario 1: I'm a druggie. I need another fix. Do I
a: learn how to run a series of scripts so I crack my way into Veritas's Renderosity session, steal his password, download tons of models and then trade them for drugs?
b: tell the dealer how to download them from a p2p network for drugs.
c: sell my computer for drugs.
d: go into rehab.

Scenario 2: When Nortons tells me that my PC is under attack do I:
a: Seek information on the type of attack to determine if it is a serious threat to my pc or information then act accordingly?
b: Panic and scream the equivalency of the sky is falling and attack anyone who doesn't agree with me?
c: Shoot my PC and stop the cracker cold?
d: Uninstall Nortons after realizing that the Xmas attack is another false positive and get Zone Alarm which offers some real protection?

Scenario 3: After being told that the 'attack' on my pc was most likely a 'false positive' or if real not a big deal I should:
a: Claim that attack was the work of a gang of druggies seeking to steal tons of models in their 'Bytes for Snorts' campaign.
b: Assure myself that everyone else is crazy, even if they are professionals, because the Xmas_Scan is out to get me.
c: Take the advice offered, try Zone Alarm and see if I still get reports of these attacks.
d: Click the big red x in the corner and forget I ever posted last night? :)


Khai posted Thu, 27 January 2005 at 4:46 PM

if you answered : Question 1: A Question 2: B Question 3: A then please enter our "most likely to get it wrong again" contest! First Prize is a Tinfoil Hat donated by everyone that answered C, D, C.


kawecki posted Thu, 27 January 2005 at 5:06 PM

There is a black market for Poser's props, you can buy a nuke for a Vicky3, a side-road bomb for a chair prop and a sling for a background plane.

Stupidity also evolves!


zippyozzy posted Thu, 27 January 2005 at 6:18 PM

LMAO. I just don't think a hacker/cracker or even a script kiddie would bother with RMP. A 'cracker' cracks software & databases for passwords. THEY DO NOT HACK INTO WEBSITES. Hackers DO NOT GO into 3D sites to hack for 3D models or figures. I know plenty about website security and what hackers go after; they'd target Bill Gates before they'd target this site. Hackers are too busy hacking Microsoft to be bothered with Renderosity's MP. Hackers do not bother with stolen software, sorry; not even a druggie would bother with Poser items, even for cash.


musicat posted Thu, 27 January 2005 at 6:30 PM

Attached Link: mySQL virus

you may have the newly discovered MySQL bot/trojan virus.

elizabyte posted Thu, 27 January 2005 at 7:52 PM

ZoneAlarm reports nothing. Black Ice reports nothing. Windows Firewall reports nothing. Sygate Personal Firewall reports nothing. Just thought I'd mention it. bonni

"When a man gives his opinion, he's a man. When a woman gives her opinion, she's a bitch." - Bette Davis


prixat posted Thu, 27 January 2005 at 8:17 PM

Just to be clear, musicat!

Is that a link about the virus or the virus itself?!?!?

Message edited on: 01/27/2005 20:18

regards
prixat


elizabyte posted Thu, 27 January 2005 at 8:27 PM

Attached Link: http://news.zdnet.com/2100-1009_22-5553570.html?tag=nl.e589

It's a link to an article at zdnet. :-) Link attached. ;-) bonni

"When a man gives his opinion, he's a man. When a woman gives her opinion, she's a bitch." - Bette Davis


SWAMP posted Thu, 27 January 2005 at 9:15 PM

MySQL bot/trojan virus.. "......infects computers running the Microsoft Windows operating system and open-source database known as MySQL.... ..installed alongside open-source operating systems, such as Linux". From what pakled posted, that sounds exactly like Rendo's server set-up. SWAMP


musicat posted Thu, 27 January 2005 at 10:32 PM

The link i provided is the Zdnet info on the virus. thanx eliz

Message edited on: 01/27/2005 22:33


dutchman posted Fri, 28 January 2005 at 12:16 AM

Attached Link: http://www.javacoolsoftware.com/

Get SpyBlaster. It is free with no gimmicks or adware and all that junk. I use Norton Anti-virus, Ad-aware, Microsoft anti-spyware, and Yahoo Anti-Spy. Since installing Spy-Blaster I haven't received any notices of spy-ware on my computer from any of these programs. Forgot to mention: Spyblaster doesn't find spyware or ads on your computer; its job is to prevent them from getting into your computer. You can find Spy-Blaster here: www.javacoolsoftware.com/

Veritas777 posted Fri, 28 January 2005 at 2:55 PM

Attached Link: http://www.eweek.com/article2/0,1759,1756090,00.asp

Thanks to those who have provided some useful help and further useful information. Having a few SANE people join this thread is great (instead of the usual Yo-Yo's)...

MySQL 'Bot' Attacks Windows Systems
January 27, 2005

Malicious hackers have launched a zero-day bot attack against default Windows installations of the MySQL database engine, infecting vulnerable systems at the rate of 100 per minute, security experts warned on Thursday. The bot takes advantage of the publicly released "MySQL UDF Dynamic Library Exploit" to break into the open-source MySQL package. Once a database is hijacked, infected systems will connect to an IRC (Internet Relay Chat) server and retrieve propagation instructions.

Johannes Ullrich, chief technology officer at the SANS Internet Storm Center, said his handlers discovered more than 8,000 hosts connected to the IRC server during the day on Thursday. MySQL is a freely available database engine designed to provide fast access to stored data. It is installed on more than 8 million systems worldwide, according to MySQL AB, the Cupertino, Calif.-based firm that develops and manages the program. Because of the wild popularity of MySQL, it is likely that many more MySQL systems could be infected but blocked from connecting to the swamped IRC server, Ullrich told eWEEK.com.

In order to launch the exploit, Ullrich said the bot first has to authenticate to "mysql" as "root" user. Once authenticated, brute-force attacks are launched using a list of passwords included with the bot.

Jacques Erasmus, security consultant at host intrusion detection firm Prevx, said the hijacked database engines are creating a zombie network of machines capable of being misused. Attacking all MySQL Windows installations, Erasmus said the bot, identified as MySpooler, opens three listening ports on the target machine and drops in an eight-character random file name. He said MySpooler also provides a backdoor for the attack to access the machine and deliver payload.

According to an advisory from the SANS ISC, the bot creates a table called "bla" using the database "mysql," which is typically used to store such administrative information as passwords. Ullrich said the bot includes the usual set of bot features such as a DDoS (distributed denial of service) engine, various scanners, commands to solicit information like system stats and software registration keys from infected systems.

"This bot does not use any vulnerability in MySQL. The fundamental weakness it uses is a weak 'root' account," he said. The SANS ISC recommends that MySQL users select a strong password for the "root" account on Windows installations. Administrators should also set up restricted access to root accounts and apply firewall rules to make sure MySQL servers are not exposed to attackers.

Veritas777 posted Fri, 28 January 2005 at 2:58 PM

Attached Link: http://www.computerworld.com/securitytopics/security/virus/story/0,10801,99282,00.html

MySQL installations targeted by Forbot worm variant
JANUARY 27, 2005 (IDG News Service)

A new wormlike threat spreading on the Internet targets computers running the MySQL open-source database software, and thousands of Windows machines running MySQL have already been infected, according to one security expert. The new pest is a version of a common network worm named Forbot. It infects machines by exploiting loosely secured MySQL installations running on Windows machines connected to the Internet. The new Forbot variant is one of the first known examples of an automated Internet threat targeting MySQL and could infect machines running a wide range of database applications that use MySQL, according to Joe Stewart, a senior security researcher at LURHQ Corp.

MySQL is an open-source database software program that is managed by MySQL AB. The product runs on Unix, Linux and Windows systems and is a popular alternative to Microsoft's proprietary SQL Server database among Web developers. The MySQL AB Web site claims more than 5 million MySQL installations worldwide. MySQL AB didn't immediately respond to a request for comment.

The new threat was first detected yesterday, when Web developers in Australia reported infections by a program called spoolcll.exe, which was attempting to connect to an Internet Relay Chat channel in Sweden, according to Johannes Ullrich, chief technology officer at the SANS Institute's Internet Storm Center. The ISC also noted a spike in scans for MySQL port 3306, which is associated with infection by the new Forbot variant, Ullrich said. A check of the IRC channel today showed more than 8,000 systems connected. Many more MySQL systems could be infected but may be prevented from connecting by the overwhelmed IRC server, Ullrich said.

The new version of Forbot infects machines by taking advantage of administrator accounts with weak or nonexistent passwords. The worm cracks the accounts by trying values from a predefined list of around 1,000 possible passwords, Ullrich said. First discovered in July, Forbot is a network worm with built-in backdoor features, according to antivirus company Sophos PLC. Dozens of Forbot variants have been identified.

Once the worm gains access to the MySQL root account, it uses a known exploit, called the MySQL UDF Dynamic Library Exploit, to upload and install malicious code to the infected system. The exploit used by Forbot was first noted in December and allows an attacker with so-called "root" administrator permissions to expand the default functions available to the root account dynamically, Stewart said. "I'm not even sure it's an exploit so much as a feature -- the ability to create new functions on the fly," he said.

Systems infected with the new Forbot variant connect to an IRC channel that is controlled by the worm author and receive instructions through that channel, Stewart said. Right now, the systems are being instructed to scan for and infect other MySQL systems. But those instructions could be changed to instruct the infected systems to launch a denial-of-service attack or other actions, which would stop the worm's spread, at least temporarily, he said.

To be infected, MySQL has to be configured to allow the root account to log in remotely to the system. By default, the root account is allowed to log on only at the machine running MySQL, rather than remotely. The root account also has to use a password that is on Forbot's list of passwords, Ullrich said. The worm poses the most risk to Web developers who may be running the product on loosely secured workstations that are connected to the Internet but do not have firewall software running, he said. However, MySQL is commonly used in third-party database-driven applications, as an inexpensive and open-source alternative to Microsoft SQL. That could expand the pool of likely victims beyond the developer community to "power users," Stewart said.

Stewart said that the new Forbot variant will probably not rate a severe threat, noting that the number of computers running MySQL is much smaller than the number of systems running programs like Windows or Microsoft Office. However, the worm is notable for being one of the first automated attacks on MySQL, Ullrich and Stewart said. MySQL administrators were encouraged to strengthen their root account password, make sure that MySQL does not allow remote logins for the root account and use a firewall to prevent direct access to port 3306 from the Internet.
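
Both articles above say the same thing about the precondition for infection: a root account that is allowed to log in remotely and whose password is empty or on a short wordlist; the UDF library trick only comes afterwards. The Python below is an added example written for this page by the editor (not code from the articles, SANS, LURHQ, the worm, or Renderosity) that runs that same check offline against a constructed dump of the mysql.user table, the way an administrator would audit a server before a worm does it for them. It assumes the 4.1-style PASSWORD() format ("*" followed by the upper-case hex of SHA1(SHA1(password))); the account rows and the seven-entry wordlist standing in for the bot's roughly 1,000 entries are constructed for the demonstration.

```python
"""Offline audit of MySQL account rows for the Forbot precondition:
remote-reachable root and/or a password that is empty or on a wordlist.
Added example for this page; rows, hosts and wordlist are constructed."""
import hashlib


def mysql41_password(plaintext: str) -> str:
    """MySQL 4.1+ PASSWORD(): '*' + SHA1(SHA1(pw)) as upper-case hex.
    (Assumption: the dump came from a 4.1-era server; 16-hex-char pre-4.1
    hashes are flagged below but not cracked.)"""
    inner = hashlib.sha1(plaintext.encode("utf-8")).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


# Constructed sample of: SELECT Host, User, Password FROM mysql.user;
# An empty Password column means the account has no password at all.
SAMPLE_USERS = [
    ("localhost",    "root",   mysql41_password("long-random-passphrase-9f3a")),
    ("%",            "root",   mysql41_password("root")),
    ("%",            "root",   ""),
    ("192.168.1.10", "webapp", mysql41_password("letmein")),
    ("localhost",    "backup", "5d2e19393cc5ef67"),   # old-format hash (constructed)
]

# Constructed stand-in for the worm's password list.
WORDLIST = ["", "root", "mysql", "password", "admin", "123456", "letmein"]


def is_remote(host: str) -> bool:
    """True if the Host column lets the account connect from off-box."""
    return host not in ("localhost", "127.0.0.1", "::1")


def audit_users(rows, wordlist=WORDLIST):
    """Return (host, user, finding) tuples for every row that matches one of
    the conditions the worm needs. Hashes are compared offline against the
    hashed wordlist, which is exactly what the bot's brute force amounts to."""
    hashed = {mysql41_password(w): w for w in wordlist if w}
    findings = []
    for host, user, pw_hash in rows:
        if pw_hash == "":
            findings.append((host, user, "empty password"))
        elif pw_hash in hashed:
            findings.append((host, user, f"wordlist password '{hashed[pw_hash]}'"))
        elif not pw_hash.startswith("*"):
            findings.append((host, user, "pre-4.1 password hash; upgrade and reset"))
        if user == "root" and is_remote(host):
            findings.append((host, user, "root may log in remotely"))
    return findings


if __name__ == "__main__":
    for host, user, finding in audit_users(SAMPLE_USERS):
        print(f"{user}@{host}: {finding}")
```

On the sample, the locally-bound root with a long passphrase passes; the two wildcard-host root rows are flagged twice each (weak or missing password, and remote login allowed), which is the combination the articles say the worm needs. The fixes are the ones the articles list: set a strong root password, keep root's Host at localhost, and firewall port 3306 from the Internet; a UDF library cannot be loaded by an attacker who never authenticates.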

FreeBass posted Fri, 28 January 2005 at 3:03 PM

OK, just curious here... I've read through & noticed 3 sides to this issue: those who have had this activity, those who haven't, & those who couldn't give a rat's ass whether they have or not. What I've (almost) deduced from my observation is a question... What browser/AV setup are those experiencing this phenomenon running? To me it looks universally like IE/Norton. My suggestion: get a better browser & A/V (I heartily agree w/ several others above that Norton is a PoS, & we all know 'bout Microsoft & security, right?)



WARNING!

This user has been known to swear. A LOT!


kawecki posted Fri, 28 January 2005 at 8:37 PM

"The new threat was first detected yesterday, when Web developers in Australia reported infections by a program called spoolcll.exe,"

If it is spoolcll.exe it means that they are running Microsoft Windows or DOS; programs with the extension .exe do not work under Linux, FreeBSD or Unix, and as far as I know Renderosity doesn't use Microsoft's servers!

Stupidity also evolves!


Veritas777 posted Fri, 28 January 2005 at 11:07 PM

So what's the "logic" that because people running Norton were getting these alerts- that Norton is shit? Norton was RIGHT! The news stories just out PROVE THIS! People who were running a current and up-to-date Norton Firewall setup SAW IT, while the rest did NOT! How can it be "better" that firewalls and software that did NOT detect this activity are BETTER? It's just the OPPOSITE! Anyone who is in Science or Medicine would want tools that DETECT things- not HIDE them! (That would be totally stupid!) How can these be FALSE DETECTIONS when the above stories show that the alerts I and others were getting were TRUE DETECTIONS of the signatures of this virus/worm? Because people are not seeing them NOW is because we would have to assume that the Renderosity techs have found the problem and corrected it. But I really DOUBT they will ever admit to it. The articles on this virus/worm indicate that the problem is really due to LACK of good security measures, and no one wants to admit that. RMP has one of the most LOW-TECH and easy to pilfer and plunder setups of any marketplace anywhere. By just getting passwords (that are easy to crack) people can get access to SEVERAL YEARS WORTH of model purchases-- worth THOUSANDS in some cases- yet a LOT of people here seem to LIKE THIS setup! I think RMP merchants are being RIPPED OFF like crazy and it makes RMP just like a big P2P Piracy setup for those who get the passwords. But OBVIOUSLY NOBODY here wants to talk about this really lousy "security" at RMP. DAZ and PoserPros don't operate with such a really sloppy and loose security setup over customers' model purchases...


musicat posted Fri, 28 January 2005 at 11:09 PM

Attached Link: windows processes

here is a process list found in windows. before disabling it in the configuration section, read the info here. this is a very good site for giving basic info on faulty windows processes that run in the background.

Message edited on: 01/28/2005 23:10


kawecki posted Fri, 28 January 2005 at 11:40 PM

Don't forget the hidden processes that you normally are not able to know are running. Also, I should like to know how you manage to run spoolcll.exe under Linux, maybe with Lin4Win?

Stupidity also evolves!


Khai posted Sat, 29 January 2005 at 12:16 AM

oh shut up veritas. you running a MySQL setup at home? hmm? like spreading panic? hmmm? talk to the Admins. and shut up for a change will you? thats a good little shouty person.


Bobbie_Boucher posted Sat, 29 January 2005 at 12:17 AM

I use Norton, and have had no such alerts. Veritas777, let me give you some friendly advice. You did your part by trying to alert people to a problem you experienced. You may be right, or the problem could be caused by something unknown going on behind the scenes. Some of us might be interested enough to ask more questions, or point out some possible alternative explanations. But you did your part, and you can take care of yourself. Let the rest of us worry about ourselves.


Moonbiter posted Sat, 29 January 2005 at 12:54 AM

Veritas, you're clueless. Yeah, there is a new MySQL worm out there. But your little Norton alerts you screamed about have nothing to do with it. Nor did the info you posted about it say anything about Norton being the only thing finding it. That is a conclusion you made up to back up your rantings. I'm also pretty sure that all the papers I've read on this worm didn't say anything about druggies creating it in order to steal Poser content. In addition, IF, and I repeat IF, rendo was infected then only their root login would be in danger, not your PC, unless you are running an unprotected MySQL database. I also doubt that you have the technical background to judge the quality of any site's security measures regarding root/admin accounts or data security. What it comes down to is that you are trying to pass off information you read but obviously don't understand as backup for your paranoid rantings. That's wrong, plain and simple.


SndCastie posted Sat, 29 January 2005 at 4:07 AM

This thread has run its course and is getting out of hand. I am locking this thread. SndCastie Poser Moderator


Sandy
An imagination can create wonderful things

SndCastie's Little Haven