«

Don't know much about these but one seemed to pop up out of nowhere on my pc
this morning while surfing cnn.com

http://object.passthison.com/console/home.html

It showed in an IExplore browser window, no tool bars, all red screen with a
small window in the middle which said "Hold down your enter key for 10
seconds to see a neat trick". I didn't do it. Couldn't close the window
normally, had to use task manager to do it.

Ring any bells with anyone? TIA

bjones, <> wrote:

> Don't know much about these but one seemed to pop up out of
> nowhere on my pc this morning while surfing cnn.com
>
> http://object.passthison.com/console/home.html
>
> It showed in an IExplore browser window, no tool bars, all red
> screen with a small window in the middle which said "Hold down
> your enter key for 10 seconds to see a neat trick". I didn't do
> it. Couldn't close the window normally, had to use task manager
> to do it.
>
> Ring any bells with anyone? TIA

http://www.google.com/groups?as_epq=...om&safe=images
&ie=ISO-8859-1&as_scoring=d&lr=&num=100&hl=en


Your shorter link is: http://makeashorterlink.com/?P29622EB6

It's a home page hijacker, which tricks you into holding down
the ENTER key, thus pressing "Yes" when asked to change
your home page. Of course, you probably won't see this, as
it happens so fast.

This is the "neat trick" - not a trick, at all, and quite safe:
http://object.passthison.com/console/Starfield3D.htm


This is (part of) the raw code for the home hijack page:

Header Information
-------------------------
HTTP/1.1 200 OK
Age: 16841
Accept-Ranges: bytes
Date: Sun, 07 Dec 2003 20:01:50 GMT
Content-Length: 3781
Content-Type: text/html
Server: Apache/1.3.26 (Unix)
Last-Modified: Sat, 06 Dec 2003 21:47:21 GMT
ETag: "a2406-ec5-3fd24e69"
Via: 1.1 webcacheB03 (NetCache NetApp/5.2.1R3)

Page Data
-------------------------
<HTML XMLNS:IE>
<head>
<title>Windows</title>
<STYLE>
@media all {
IE\:HOMEPAGE {behavior:url(#default#homepage)}
}
</STYLE>
<IE:HOMEPAGE ID="homepage" />
<script language=Javascript>
function pop(){
var expdate = new Date((new Date()).getTime() + 172800000);
if (-1 == -1) {
document.cookie="home=general; expires=" + expdate.toGMTString() + "; path=/;";

if(ie){ homepage.setHomePage("http://xxxxxxx-xxxxxxxx-xxxxxxx.xxx/xxxxx.xxx?xxxxxxxx");
}
}
//self.close();
}
var ie = false;
var ns = false;
if(parseInt(navigator.appVersion) >= 4){
if(navigator.appName.indexOf("crosoft") != -1) ie = true;
if(navigator.appName.indexOf("etscape") != -1) ns = true;
}
</script>
</head>
<body bgcolor=red leftborder=0 topborder=0 borderleft=0 bordertop=0>
<script language=javascript>
<!--
var agt=navigator.userAgent.toLowerCase();
var is_ie = (agt.indexOf("msie") != -1);
var is_aol = (agt.indexOf("aol") != -1);
if (!is_aol) {
self.moveTo(0,0);
self.resizeTo(screen.availWidth,screen.availHeight );
}
//-->
</script>

<Script snipped>

window.open('Starfield3D.htm');
self.close();
</script>
</body>
</html>


On Sun, 7 Dec 2003 19:35:56 -0500, in
<vGPAb.11066$>
bjones scrawled:

>Don't know much about these but one seemed to pop up out of
>nowhere on my pc this morning while surfing cnn.com
>
>http://object.passthison.com/console/home.html
>
>It showed in an IExplore browser window, no tool bars, all red
>screen with a small window in the middle which said "Hold down
>your enter key for 10 seconds to see a neat trick". I didn't do it.
>Couldn't close the window normally, had to use task manager to
>do it.
>
>Ring any bells with anyone? TIA
>
>
>

--
Basic computer maintenance
http://uk.geocities.com/personel44/maintenance.html

Boomer wrote:
> bjones, <> wrote:
>
>> Don't know much about these but one seemed to pop up out of
>> nowhere on my pc this morning while surfing cnn.com
>>
>> http://object.passthison.com/console/home.html
>>
>> It showed in an IExplore browser window, no tool bars, all red
>> screen with a small window in the middle which said "Hold down
>> your enter key for 10 seconds to see a neat trick". I didn't do
>> it. Couldn't close the window normally, had to use task manager
>> to do it.
>>
>> Ring any bells with anyone? TIA
>
> http://www.google.com/groups?as_epq=...om&safe=images
> &ie=ISO-8859-1&as_scoring=d&lr=&num=100&hl=en
>
>
> Your shorter link is: http://makeashorterlink.com/?P29622EB6

I like TinyURL better because you don't pitstop at their stie.

<snerk>

Boy, this problem seems nasty. Not destructive, just a pain in the
hignie.

--
Tim Weaver
PGP Public Key - http://home.comcast.net/~tweaver2000/public_key.html
"I know you think you understand what you thought I said,
but I am not sure that what you heard is not what I meant."

Tim Weaver, <tim_m_weaver(REMOVE_THIS).@hotmail.com> wrote:

> Boomer wrote:
>> bjones, <> wrote:
>>
>>> Don't know much about these but one seemed to pop up out of
>>> nowhere on my pc this morning while surfing cnn.com
>>>
>>> http://object.passthison.com/console/home.html
>>>
>>> It showed in an IExplore browser window, no tool bars, all red
>>> screen with a small window in the middle which said "Hold down
>>> your enter key for 10 seconds to see a neat trick". I didn't
>>> do it. Couldn't close the window normally, had to use task
>>> manager to do it.
>>>
>>> Ring any bells with anyone? TIA
>>
>> http://www.google.com/groups?as_epq=...son.com&safe=i
>> mages &ie=ISO-8859-1&as_scoring=d&lr=&num=100&hl=en
>>
>>
>> Your shorter link is: http://makeashorterlink.com/?P29622EB6
>
> I like TinyURL better because you don't pitstop at their stie.

Hush!
>
> <snerk>
>
> Boy, this problem seems nasty. Not destructive, just a pain in
> the hignie.

Why do you think I stay on usenet! Some weird stuff out there on the
www! Scary!

BTW did you get my e-mail?

On 8 Dec 2003 01:16:17 GMT, in
<>
Tim Weaver <tim_m_weaver(REMOVE_THIS).@hotmail.com> scrawled:

>Boomer wrote:
>> bjones, <> wrote:
>>
>>> Don't know much about these but one seemed to pop up out of
>>> nowhere on my pc this morning while surfing cnn.com
>>>
>>> http://object.passthison.com/console/home.html
>>>
>>> It showed in an IExplore browser window, no tool bars, all red
>>> screen with a small window in the middle which said "Hold down
>>> your enter key for 10 seconds to see a neat trick". I didn't do
>>> it. Couldn't close the window normally, had to use task manager
>>> to do it.
>>>
>>> Ring any bells with anyone? TIA
>>
>> http://www.google.com/groups?as_epq=...om&safe=images
>> &ie=ISO-8859-1&as_scoring=d&lr=&num=100&hl=en
>>
>>
>> Your shorter link is: http://makeashorterlink.com/?P29622EB6
>
>I like TinyURL better because you don't pitstop at their stie.

That is why TinyURL is open to abuse, and precisely the reason
why I won't use it. I won't click on a TinyURL link without checking
the raw code first, unless I can *absolutely* trust the person
providing the link.

><snerk>
>
>Boy, this problem seems nasty. Not destructive, just a pain in the
>hignie.

--
Basic computer maintenance
http://uk.geocities.com/personel44/maintenance.html

bjones wrote:
> Don't know much about these but one seemed to pop up out of nowhere on my pc
> this morning while surfing cnn.com
>
> http://object.passthison.com/console/home.html
>
> It showed in an IExplore browser window, no tool bars, all red screen with a
> small window in the middle which said "Hold down your enter key for 10
> seconds to see a neat trick". I didn't do it. Couldn't close the window
> normally, had to use task manager to do it.
>
> Ring any bells with anyone? TIA

Okay, I went there, tried holding down the enter key for ten seconds but
could tell it was paging through a series of messages. At the end
nothing happened. So I went there again and pressed the enter button
just once and the message changed to "You must hold the Enter button for
10 seconds or this won't work" and it then went through various other
nonsense messages. Nothing whatsoever happened. Well, my beer seemed a
little warmer when I was done but I'm not convinced there is a direct
link. My homepage is still www.google.com by the way. But I'm betting
°Mike° is right.

On Sun, 07 Dec 2003 21:13:33 -0500, in
<lcednSkGL82tQ06iRVn->
Rôgêr scrawled:

>bjones wrote:
>> Don't know much about these but one seemed to pop up out of nowhere on my pc
>> this morning while surfing cnn.com
>>
>> http://object.passthison.com/console/home.html
>>
>> It showed in an IExplore browser window, no tool bars, all red screen with a
>> small window in the middle which said "Hold down your enter key for 10
>> seconds to see a neat trick". I didn't do it. Couldn't close the window
>> normally, had to use task manager to do it.
>>
>> Ring any bells with anyone? TIA
>
>Okay, I went there, tried holding down the enter key for ten seconds but
>could tell it was paging through a series of messages. At the end
>nothing happened. So I went there again and pressed the enter button
>just once and the message changed to "You must hold the Enter button for
>10 seconds or this won't work" and it then went through various other
>nonsense messages. Nothing whatsoever happened. Well, my beer seemed a
>little warmer when I was done but I'm not convinced there is a direct
>link. My homepage is still www.google.com by the way. But I'm betting
>°Mike° is right.

If you've got SpyBot S&D, or Spyware Blaster installed, and/or
have your home page protected from change, that's why nothing
happened.

I tested the script with my home page not protected. I have
Startup Monitor installed, which caught it in it's tracks trying to
change the home page.

--
STGP, OGPE24HSHD

By chance do you use icq 2003b? happend to me every time I opend my icq
went back to icq 2003a it stoped
"bjones" <> wrote in message
news:vGPAb.11066$.. .
> Don't know much about these but one seemed to pop up out of nowhere on my
pc
> this morning while surfing cnn.com
>
> http://object.passthison.com/console/home.html
>
> It showed in an IExplore browser window, no tool bars, all red screen with
a
> small window in the middle which said "Hold down your enter key for 10
> seconds to see a neat trick". I didn't do it. Couldn't close the window
> normally, had to use task manager to do it.
>
> Ring any bells with anyone? TIA
>
>
>
>

Boomer wrote:
> Tim Weaver, wrote:
>
>> Boomer wrote:
<chop>

>>> Your shorter link is: http://makeashorterlink.com/?P29622EB6
>>
>> I like TinyURL better because you don't pitstop at their stie.
>
> Hush!

Haaa...

>> <snerk>
>>
>> Boy, this problem seems nasty. Not destructive, just a pain in the
>> hignie.
>
> Why do you think I stay on usenet!

You're a fradiecat?

> Some weird stuff out there on the
> www! Scary!

Yep, I was right.

> BTW did you get my e-mail?

I did, thanks. I've been meaning to reply, but was too lazy. Yes, it's
true; I suck.

--
Tim Weaver
PGP Public Key - http://home.comcast.net/~tweaver2000/public_key.html
"I know you think you understand what you thought I said,
but I am not sure that what you heard is not what I meant."