By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
445,743 Members | 1,072 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 445,743 IT Pros & Developers. It's quick & easy.

How to navigate away from quicksand domains which hold your browser captive until you install their software?

P: n/a
Tom
How do we get out of the browser infinite loop quicksand when we navigate
to web pages designed to lock us in and force us to hit the "pay me" button
(whatever they want to force you to do)?

These are just a sample of nasty quicksand web pages I've run into which
lock your browser into a loop and won't let you get out until you hit the
"install" or "run" or "OK" button... (whatever it is they want you to do).

http://www.spywareiso.com
http://antivirus-scanner.com
http://findyourlink.net
http://www.findyourlink.net
http://spywareiso2008.com
http://www.spywareiso2008.com
http://www.immenseclips.com
http://antivirus2009-scanner.com
http://thecatalogfree.net
etc.

When you navigate to these quicksand links, you can not get out of their
infinite loop with your browser no matter what you do. I'm forced to
control alt delete and kill the browser from the task manager ... but I ask
....

Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than control alt
deleting the browser process?
Jul 13 '08 #1
Share this Question
Share on Google+
103 Replies


P: n/a
On Sun, 13 Jul 2008 08:04:02 -0500, Tom <tw******@hotmail.comwrote:
How do we get out of the browser infinite loop quicksand when we navigate
to web pages designed to lock us in and force us to hit the "pay me"
button
(whatever they want to force you to do)?

These are just a sample of nasty quicksand web pages I've run into which
lock your browser into a loop and won't let you get out until you hit the
"install" or "run" or "OK" button... (whatever it is they want you to
do).
When you navigate to these quicksand links, you can not get out of their
infinite loop with your browser no matter what you do. I'm forced to
control alt delete and kill the browser from the task manager ... but I
ask
...

Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than control
alt
deleting the browser process?
Why not just close the tab/page? BTW, some of these links are dangerous to
persons who would navigate to them out of curiosity. Not a good idea Tom.

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #2

P: n/a
On Sun, 13 Jul 2008 06:04:02 -0700, Tom wrote:
How do we get out of the browser infinite loop quicksand when we navigate
to web pages designed to lock us in and force us to hit the "pay me" button
(whatever they want to force you to do)?
download/install/run firefox 3.0.
install NoScript Add On

That blocks javascript which can hide in video/flash/gif/...
from executing, some of which can be malware.
install privoxy from http://www.privoxy.org/
then add user.action rules from
http://www.neilvandyke.org/privoxy-rules/

The add privoxy to firefox
In firefox,
Edit->Preference->Advanced
Click Network tab
Connection
Settings button

click Manual proxy configuration:
HTTP Proxy: 127.0.0.1 Port: 8118
SSL Proxy: 127.0.0.1 Port: 8118
Be sure to clear the "No Proxy for" box
Click OK
Click Close

Privoxy blocks add servers, which may have been cracked
and are serving up malware.

Check out first two of those sites you posted.
http://www.google.com/safebrowsing/d...spywareiso.com
http://www.google.com/safebrowsing/d...us-scanner.com
Jul 13 '08 #3

P: n/a
Tom
On Sun, 13 Jul 2008 08:14:37 -0500, Bear Bottoms wrote:
>Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than control
alt
deleting the browser process?

Why not just close the tab/page?
That's my whole point. You CAN NOT close the tab. It just won't close!
In fact, you can't even navigate AWAY from the tab!

What Firefox flaw are they taking advantage of that hijacks your browser
and won't even let you close the tab or the browser or even switch to
another tab. You're stuck in the quicksand and can't get out.
Jul 13 '08 #4

P: n/a
On Sun, 13 Jul 2008 09:06:32 -0500, Tom <tw******@hotmail.comwrote:
On Sun, 13 Jul 2008 08:14:37 -0500, Bear Bottoms wrote:
>>Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than control
alt
deleting the browser process?

Why not just close the tab/page?

That's my whole point. You CAN NOT close the tab. It just won't close!
In fact, you can't even navigate AWAY from the tab!

What Firefox flaw are they taking advantage of that hijacks your browser
and won't even let you close the tab or the browser or even switch to
another tab. You're stuck in the quicksand and can't get out.
Can't help you there, I use Opera.

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #5

P: n/a
On Sun, 13 Jul 2008 08:50:54 -0500, Bit Twister
<Bi********@mouse-potato.comwrote:
On Sun, 13 Jul 2008 06:04:02 -0700, Tom wrote:
>How do we get out of the browser infinite loop quicksand when we
navigate
to web pages designed to lock us in and force us to hit the "pay me"
button
(whatever they want to force you to do)?

download/install/run firefox 3.0.
install NoScript Add On

That blocks javascript which can hide in video/flash/gif/...
from executing, some of which can be malware.
install privoxy from http://www.privoxy.org/
then add user.action rules from
http://www.neilvandyke.org/privoxy-rules/

The add privoxy to firefox
In firefox,
Edit->Preference->Advanced
Click Network tab
Connection
Settings button

click Manual proxy configuration:
HTTP Proxy: 127.0.0.1 Port: 8118
SSL Proxy: 127.0.0.1 Port: 8118
Be sure to clear the "No Proxy for" box
Click OK
Click Close

Privoxy blocks add servers, which may have been cracked
and are serving up malware.

Check out first two of those sites you posted.
http://www.google.com/safebrowsing/d...spywareiso.com
http://www.google.com/safebrowsing/d...us-scanner.com
Or just use Opera!

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #6

P: n/a
On this special day, Tom wrote:
That's my whole point. You CAN NOT close the tab. It just won't close!
In fact, you can't even navigate AWAY from the tab!
Solution #1: Disable Java/JavaScript
Solution #2: Disable automatic forwarding. This will make the backup
button functional again.
Solution #3: Use a browser different from the Internet Explorer, ie one
of the Mozillas or Opera. They cannot be manipulated via ActiveX
commands.
Gabriele Neukam

Ga*************************@t-online.de

--
Reality is something, people cannot cope with.
If they could, they would not play.
Jul 13 '08 #7

P: n/a
Tom <tw******@hotmail.comwrites:
How do we get out of the browser infinite loop quicksand when we navigate
to web pages designed to lock us in and force us to hit the "pay me" button
(whatever they want to force you to do)?
Patient: Doctor, it hurts when I do this.
Doctor: Then don't do that.

sherm--

--
My blog: http://shermspace.blogspot.com
Cocoa programming in Perl: http://camelbones.sourceforge.net
Jul 13 '08 #8

P: n/a
From: "Tom" <tw******@hotmail.com>

| How do we get out of the browser infinite loop quicksand when we navigate
| to web pages designed to lock us in and force us to hit the "pay me" button
| (whatever they want to force you to do)?

| These are just a sample of nasty quicksand web pages I've run into which
| lock your browser into a loop and won't let you get out until you hit the
| "install" or "run" or "OK" button... (whatever it is they want you to do).

< snip >

| etc.

| When you navigate to these quicksand links, you can not get out of their
| infinite loop with your browser no matter what you do. I'm forced to
| control alt delete and kill the browser from the task manager ... but I ask
| ...

| Is there a more graceful way, after the fact, to navigate away from
| quicksand domains which have a hold on your browser, other than control alt
| deleting the browser process?

If you post possibly malicious web sites it is incumbant upon you to obfuscate the URL to
make sure said URL is NOT clickable such as...

hxxp://antivirus2009-scanner.com

This will protect others from possibly getting infected.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Jul 13 '08 #9

P: n/a
Tom
On Sun, 13 Jul 2008 16:49:05 +0200, Gabriele Neukam wrote:
Solution #1: Disable Java/JavaScript
OK. But nothing else will work if you do that.
Solution #2: Disable automatic forwarding.
How?
Solution #3: Use a browser different from the Internet Explorer
I'm using Firefox 3.0 on WinXP and this quicksand effect certainly affects
the Mozilla browsers!
Jul 13 '08 #10

P: n/a
Tom
On Sun, 13 Jul 2008 09:15:23 -0500, Bear Bottoms wrote:
Or just use Opera!
I'm confused. I thought Mozilla Firefox was "the safe" browser?
What's different about Opera with respect to these quicksand pages?
http://thecatalogfree.net
http://www.spywareiso.com
http://antivirus-scanner.com
http://findyourlink.net
http://www.findyourlink.net
http://spywareiso2008.com
http://www.immenseclips.com
http://antivirus2009-scanner.com

Can an Opera user try these pages with Opera to see if they're quicksanded
to let us know what's different about Opera than Firefox when it hits HTML
quicksand?
Jul 13 '08 #11

P: n/a
In article <zh****************@nlpi070.nbdc.sbc.com>, Tom
<tw******@hotmail.comwrites
>On Sun, 13 Jul 2008 09:15:23 -0500, Bear Bottoms wrote:
>Or just use Opera!

I'm confused. I thought Mozilla Firefox was "the safe" browser?
What's different about Opera with respect to these quicksand pages?
http://thecatalogfree.net
http://www.spywareiso.com
http://antivirus-scanner.com
http://findyourlink.net
http://www.findyourlink.net
http://spywareiso2008.com
http://www.immenseclips.com
http://antivirus2009-scanner.com

Can an Opera user try these pages with Opera to see if they're quicksanded
to let us know what's different about Opera than Firefox when it hits HTML
quicksand?
You're joking Shirley?
It would be noble and valiant if you were to install Opera and try for
yourself.
--
Roger Hunt
Jul 13 '08 #12

P: n/a
On 7/13/2008 9:33 AM, Tom wrote:
On Sun, 13 Jul 2008 16:49:05 +0200, Gabriele Neukam wrote:
>Solution #1: Disable Java/JavaScript
OK. But nothing else will work if you do that.
>Solution #2: Disable automatic forwarding.
How?
>Solution #3: Use a browser different from the Internet Explorer

I'm using Firefox 3.0 on WinXP and this quicksand effect certainly affects
the Mozilla browsers!
For #1:

Install the PrefBar extension for Firefox. See
<http://prefbar.mozdev.org/>. Then setup a checkbox to enable and
disable Javascript. With Firefox 2 and SeaMonkey 1.1.10, the preference
variable is javascript.enabled. It's likely that didn't change for
Firefox 3.

With the PrefBar toolbar, you can easily switch between enabling and
disabling Javascript. Disable it when you hit "quicksand".

Also, does not the Home button on your Personal toolbar work?

--

David E. Ross
<http://www.rossde.com/>.

Q: What's a President Bush cocktail?
A: Business on the rocks.
Jul 13 '08 #13

P: n/a
On Sun, 13 Jul 2008 11:44:42 -0500, Tom <tw******@hotmail.comwrote:
On Sun, 13 Jul 2008 09:15:23 -0500, Bear Bottoms wrote:
>Or just use Opera!

I'm confused. I thought Mozilla Firefox was "the safe" browser?
What's different about Opera with respect to these quicksand pages?
http://thecatalogfree.net
http://www.spywareiso.com
http://antivirus-scanner.com
http://findyourlink.net
http://www.findyourlink.net
http://spywareiso2008.com
http://www.immenseclips.com
http://antivirus2009-scanner.com

Can an Opera user try these pages with Opera to see if they're
quicksanded
to let us know what's different about Opera than Firefox when it hits
HTML
quicksand?
I tried them all, Opera alerts you to nefarious activity and you can
simply close the tab.

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #14

P: n/a
Tom
On Sun, 13 Jul 2008 17:03:54 +0100, hummingbird wrote:
Afaik the only solution is to shut the browser down and
enter its name in your HOSTS file, so you never go there again.
Hummingbird has a great answer!

Here's what I did when I went to an HTML kwiksand domain just now on
Firefox 3.0 on WinXP with JavaScript and Java enabled ('cuz you need 'em
for other pages).

1. I opened a tab to http://thecatalogfree.net with Firefox 3.0 on WinXP
2. I tried to kill the tab -the html kwiksand prevented this
3. I tried to go to a new tab -the html kwiksand prevented this
4. I tried to kill firefox -the html kwiksand prevented this
5. Rather than kill the firefox process in the task manager ...
6. I now just type Start->Run->hosts and enter the domain
127.0.0.1 thecatalogfree.net
7. I then shift-reload my browser (to flush cache)
8. Voila! A shift-reload flushes cache & dumps the kwiksand page!

Note this one-time setup:
1. Copy hosts to host.txt and to hosts.bck
2. Start->Run->Regedit to add the following key-value pair:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths
hosts.exe = c:\windows\system32\drivers\etc\hosts.txt

Do this every time you are caught in HTML kwiksand!
1. Go to the web page http://thecatalogfree.net
2. You'll note you are stuck on that page forever
3. Rather than control alt delete kill the Firefox browser session ...
4. Just type Start -Run -hosts
5. Enter the domain into that hosts.txt file
127.0.0.1 thecatalogfree.net
6. Write the hosts.txt file to hosts (overwriting the hosts file)
8. Quick out of your text editing session (I used vim freeware)
9. Shift Reload your browser
10. The kwiksand web page will disappear!

Woo hoo! Hummingbird found the solution to HTML kwiksand!!!!!!!!!!!!!!
Jul 13 '08 #15

P: n/a
Tom
On Sun, 13 Jul 2008 10:58:00 -0400, Sherman Pendley wrote:
Patient: Doctor, it hurts when I do this.
Doctor: Then don't do that.
Hi Sherman,
The problem is that you are redirected unkwittingly to the HTML kwiksand
web pages from a variety of other entrapment pages.

It's like saying "Doctor, it hurts when someone hits me on the back of the
head" ... for the doctor to say "tell them not to hit you" won't work 'cuz
they're intent on these HTML kwiksand pages in trapping you.

Luckily the great Hummingbird came up with a solution that we can all live
with! Hooray!
Jul 13 '08 #16

P: n/a
Op 13-07-08 18:44 heeft Tom als volgt van zich laten horen:
On Sun, 13 Jul 2008 09:15:23 -0500, Bear Bottoms wrote:
>Or just use Opera!

I'm confused. I thought Mozilla Firefox was "the safe" browser?
What's different about Opera with respect to these quicksand pages?
http://antivirus-scanner.com
If I click on this in Firefox 3 (on Linux, but that shouldn’t make a
difference), I get a page warning that it is a scam page, with a button
‘Get me out of here!’.

That should say enough.

H.
Jul 13 '08 #17

P: n/a

Tom wrote:
How do we get out of the browser infinite loop quicksand when we navigate
to web pages designed to lock us in and force us to hit the "pay me" button
(whatever they want to force you to do)?

These are just a sample of nasty quicksand web pages I've run into which
lock your browser into a loop and won't let you get out until you hit the
"install" or "run" or "OK" button... (whatever it is they want you to do).

http://www.spywareiso.com
http://antivirus-scanner.com
http://findyourlink.net
http://www.findyourlink.net
http://spywareiso2008.com
http://www.spywareiso2008.com
http://www.immenseclips.com
http://antivirus2009-scanner.com
http://thecatalogfree.net
etc.

When you navigate to these quicksand links, you can not get out of their
infinite loop with your browser no matter what you do. I'm forced to
control alt delete and kill the browser from the task manager ... but I ask
...

Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than control alt
deleting the browser process?
I just tried all those links using nothing but FireFox 3 with javascript
and java enabled. All of them bar two failed to load. Of those, one
was blocked by OpenDNS, one was blocked by FF/antivirus/spywareblaster,
two loaded no probs although I could easily navigate away/shut them down
(spywareiso2008). The others have been taken down.

--
Me Here
Liberty lies in the rights of that person whose views you find most
odious. -- John Stuart Mill
Jul 13 '08 #18

P: n/a
Tom
On Sun, 13 Jul 2008 11:09:07 -0400, David H. Lipman wrote:
If you post possibly malicious web sites it is incumbant upon you to obfuscate the URL to
make sure said URL is NOT clickable such as...
hxxp://antivirus2009-scanner.com
This will protect others from possibly getting infected.
This is a good idea. I will do so in the future!

Please do not click on the prior links.

Use these instead.
hxxp://thecatalogfree.net
hxxp://findyourlink.net
hxxp://antivirus2009-scanner.com
hxxp://www.spywareiso.com
hxxp://spywareiso2008.com
hxxp://antivirus-scanner.com
hxxp://www.immenseclips.com

Jul 13 '08 #19

P: n/a
Tom
On Sun, 13 Jul 2008 10:43:39 -0500, VanguardLH wrote:
Didn't bother to test the rest as I already found one of your listed
sites which did NOT behave as you claim for the web browser that I used
(IE7).
I must admit, those were the last few I ran into.

But the last one occurred today (which I started putting at the top of the
list for just the type of thing you wonderfully tested!)

What happens when you try this one?
http://thecatalogfree.net
Jul 13 '08 #20

P: n/a
Tom
On Sun, 13 Jul 2008 10:00:34 -0700, David E. Ross wrote:
Also, does not the Home button on your Personal toolbar work?
No. Nothing works except to kill firefox and not restart with all the same
tabs all over again.

The only other thing that stops the quicksand while you're still in the
browser session is to add it to the hosts file and then shift reload the
browser.

Only then does the quicksand page dump itself.

Try it yourself with the following domain which quicksanded me today!

hxxp://thecatalogfree.net

(note I obfuscated the http protocol to protect others as per lipman)
Jul 13 '08 #21

P: n/a
Tom
1. I opened a tab to http://thecatalogfree.net with Firefox 3.0 on WinXP
....
127.0.0.1 thecatalogfree.net
7. I then shift-reload my browser (to flush cache)
8. Voila! A shift-reload flushes cache & dumps the kwiksand page!
I tried this without shift reloading and the kwiksand page still locks up
the browser infinately.

So, the kwiksand page must NOT be looking at the hosts file after the first
reload which means it must be looking only in your cache which means it
must have already dumped its malicious code in your cache from the start.

Only shift reloading the browser after putting the quicksand page into the
hosts file will solve the problem.
Jul 13 '08 #22

P: n/a
Tom
On Sun, 13 Jul 2008 19:16:24 +0200, Hendrik Maryns wrote:
If I click on this in Firefox 3 (on Linux, but that shouldnt make a
difference), I get a page warning that it is a scam page, with a button
Get me out of here!.
That warning must be coming from the browser. That was an old link I gave
you (from my past experience).

What happened when you clicked on http://thecatalogfree.net (which I
verified today)?

Does http://thecatalogfree.net also give you that "get me outta'here"
warning?
Jul 13 '08 #23

P: n/a
Tom wrote:
How do we get out of the browser infinite loop quicksand when we navigate
to web pages designed to lock us in and force us to hit the "pay me" button
(whatever they want to force you to do)?
If Windows, Ctrl Alt Delete to call up the task manager; select the
browser; kill it.
Jul 13 '08 #24

P: n/a
Tom wrote:
On Sun, 13 Jul 2008 10:00:34 -0700, David E. Ross wrote:
>Also, does not the Home button on your Personal toolbar work?
No. Nothing works except to kill firefox and not restart with all the same
tabs all over again.

The only other thing that stops the quicksand while you're still in the
browser session is to add it to the hosts file and then shift reload the
browser.

Only then does the quicksand page dump itself.

Try it yourself with the following domain which quicksanded me today!

hxxp://thecatalogfree.net

(note I obfuscated the http protocol to protect others as per lipman)
403 Forbidden.

--
Ed Mullen
http://edmullen.net
I have found the paradox, that if you love until it hurts, there can be
no more hurt, only more love. - Mother Teresa
Jul 13 '08 #25

P: n/a

On Sun, 13 Jul 2008 10:08:48 -0700 'Tom'
wrote this on alt.comp.freeware:
>On Sun, 13 Jul 2008 17:03:54 +0100, hummingbird wrote:
>Afaik the only solution is to shut the browser down and
enter its name in your HOSTS file, so you never go there again.
>Hummingbird has a great answer!

Here's what I did when I went to an HTML kwiksand domain just now on
Firefox 3.0 on WinXP with JavaScript and Java enabled ('cuz you need 'em
for other pages).

1. I opened a tab to http://thecatalogfree.net with Firefox 3.0 on WinXP
2. I tried to kill the tab -the html kwiksand prevented this
3. I tried to go to a new tab -the html kwiksand prevented this
4. I tried to kill firefox -the html kwiksand prevented this
5. Rather than kill the firefox process in the task manager ...
6. I now just type Start->Run->hosts and enter the domain
127.0.0.1 thecatalogfree.net
7. I then shift-reload my browser (to flush cache)
8. Voila! A shift-reload flushes cache & dumps the kwiksand page!

Note this one-time setup:
1. Copy hosts to host.txt and to hosts.bck
2. Start->Run->Regedit to add the following key-value pair:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ap p Paths
hosts.exe = c:\windows\system32\drivers\etc\hosts.txt

Do this every time you are caught in HTML kwiksand!
1. Go to the web page http://thecatalogfree.net
2. You'll note you are stuck on that page forever
3. Rather than control alt delete kill the Firefox browser session ...
4. Just type Start -Run -hosts
5. Enter the domain into that hosts.txt file
127.0.0.1 thecatalogfree.net
6. Write the hosts.txt file to hosts (overwriting the hosts file)
8. Quick out of your text editing session (I used vim freeware)
9. Shift Reload your browser
10. The kwiksand web page will disappear!

Woo hoo! Hummingbird found the solution to HTML kwiksand!!!!!!!!!!!!!!
Yep, you got the HOSTS syntax absolutely right in [5.] above.
Deal with these malware peddlers by blocking access to them.
It works wonders :-)
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
Jul 13 '08 #26

P: n/a
Tom
On Mon, 14 Jul 2008 03:22:18 +1000, Me Here wrote:
I just tried all those links using nothing but FireFox 3 with javascript
and java enabled. All of them bar two failed to load. Of those, one
was blocked by OpenDNS, one was blocked by FF/antivirus/spywareblaster,
two loaded no probs although I could easily navigate away/shut them down
(spywareiso2008). The others have been taken down.
I must admit these were in a series which, over the past weeks, I've been
keeping track of.

Let me dig today to try to hit a site that is definate for today so we can
all run the right tests!
Jul 13 '08 #27

P: n/a
On Sun, 13 Jul 2008 12:40:22 -0500, Tom <tw******@hotmail.comwrote:
hxxp://thecatalogfree.net
All kinds of bells and whistles went off and Cox intercepted it saying it
was trying to change my network settings via a Trojan. Not a nice place.
Of course, no harm was done to my computer, but I wouldn't advise anyone
to try it out.

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #28

P: n/a
On Sun, 13 Jul 2008 12:49:43 -0500, hummingbird <hu*********@127.0.0.1>
wrote:
Yep, you got the HOSTS syntax absolutely right in [5.] above.
Deal with these malware peddlers by blocking access to them.
It works wonders
Rather after-the-fact isn't it?

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #29

P: n/a
On Sun, 13 Jul 2008 12:37:34 -0500, Tom <tw******@hotmail.comwrote:
On Sun, 13 Jul 2008 10:43:39 -0500, VanguardLH wrote:
>Didn't bother to test the rest as I already found one of your listed
sites which did NOT behave as you claim for the web browser that I used
(IE7).

I must admit, those were the last few I ran into.

But the last one occurred today (which I started putting at the top of
the
list for just the type of thing you wonderfully tested!)

What happens when you try this one?
http://thecatalogfree.net
You did it again...stop trolling dude.

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #30

P: n/a
Tom wrote:
On Sun, 13 Jul 2008 17:03:54 +0100, hummingbird wrote:
>Afaik the only solution is to shut the browser down and
enter its name in your HOSTS file, so you never go there again.

Hummingbird has a great answer!

Here's what I did when I went to an HTML kwiksand domain just now on
Firefox 3.0 on WinXP with JavaScript and Java enabled ('cuz you need 'em
for other pages).

1. I opened a tab to http://thecatalogfree.net with Firefox 3.0 on WinXP
2. I tried to kill the tab -the html kwiksand prevented this
3. I tried to go to a new tab -the html kwiksand prevented this
4. I tried to kill firefox -the html kwiksand prevented this
5. Rather than kill the firefox process in the task manager ...
6. I now just type Start->Run->hosts and enter the domain
127.0.0.1 thecatalogfree.net
7. I then shift-reload my browser (to flush cache)
8. Voila! A shift-reload flushes cache & dumps the kwiksand page!

Note this one-time setup:
1. Copy hosts to host.txt and to hosts.bck
2. Start->Run->Regedit to add the following key-value pair:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths
hosts.exe = c:\windows\system32\drivers\etc\hosts.txt

Do this every time you are caught in HTML kwiksand!
1. Go to the web page http://thecatalogfree.net
2. You'll note you are stuck on that page forever
3. Rather than control alt delete kill the Firefox browser session ...
4. Just type Start -Run -hosts
5. Enter the domain into that hosts.txt file
127.0.0.1 thecatalogfree.net
6. Write the hosts.txt file to hosts (overwriting the hosts file)
8. Quick out of your text editing session (I used vim freeware)
9. Shift Reload your browser
10. The kwiksand web page will disappear!

Woo hoo! Hummingbird found the solution to HTML kwiksand!!!!!!!!!!!!!!
Huh? My Windows XP Pro SP3 says: "Can't find hosts ..."

Why are you jumping through all these hoops? The Windows "hosts" file
is a plain text file you can edit in Notepad.

And do a search on "hosts.exe" and you'll find things like this:

http://www.bleepingcomputer.com/star....exe-8795.html

This entire thread is becoming suspect.

--
Ed Mullen
http://edmullen.net
In some cultures what I do would be considered normal.
Jul 13 '08 #31

P: n/a
On Sun, 13 Jul 2008 13:52:18 -0500, Ed Mullen <ed@edmullen.netwrote:
This entire thread is becoming suspect.
Bingo

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #32

P: n/a
On Sun, 13 Jul 2008 10:11:06 -0700, Tom wrote in <iGqek.14185$xZ.8716
@nlpi070.nbdc.sbc.com>:
On Sun, 13 Jul 2008 10:58:00 -0400, Sherman Pendley wrote:
Patient: Doctor, it hurts when I do this.
Doctor: Then don't do that.

Hi Sherman,
The problem is that you are redirected unkwittingly to the HTML kwiksand
web pages from a variety of other entrapment pages.

It's like saying "Doctor, it hurts when someone hits me on the back of the
head" ... for the doctor to say "tell them not to hit you" won't work 'cuz
they're intent on these HTML kwiksand pages in trapping you.

Luckily the great Hummingbird came up with a solution that we can all live
with! Hooray!
It's nice to be appreciated. What has Franklin and Ari ever done for
a.c.f. or any other group?

hb
--
....of all the things i've lost in my life ... i miss my mind the most
Jul 13 '08 #33

P: n/a

On Sun, 13 Jul 2008 13:41:19 -0500 'Bear Bottoms'
wrote this on alt.comp.freeware:
>On Sun, 13 Jul 2008 12:49:43 -0500, hummingbird <hu*********@127.0.0.1>
wrote:
>Yep, you got the HOSTS syntax absolutely right in [5.] above.
Deal with these malware peddlers by blocking access to them.
It works wonders
>Rather after-the-fact isn't it?
He can use the hosts file to avoid going to that site again.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
Jul 13 '08 #34

P: n/a
On Sun, 13 Jul 2008 09:10:33 -0500, Bear Bottoms wrote in
<op***************@bwwlxc1.br.no.cox.net>:
On Sun, 13 Jul 2008 09:06:32 -0500, Tom <tw******@hotmail.comwrote:
On Sun, 13 Jul 2008 08:14:37 -0500, Bear Bottoms wrote:
>Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than control
alt
deleting the browser process?

Why not just close the tab/page?
That's my whole point. You CAN NOT close the tab. It just won't close!
In fact, you can't even navigate AWAY from the tab!

What Firefox flaw are they taking advantage of that hijacks your browser
and won't even let you close the tab or the browser or even switch to
another tab. You're stuck in the quicksand and can't get out.

Can't help you there, I use Opera.
What if it's an Opera tab that is stuck on one of those URLs?

--
....of all the things i've lost in my life ... i miss my mind the most
Jul 13 '08 #35

P: n/a

On Sun, 13 Jul 2008 20:18:52 +0100 'FORGERY'
wrote this on alt.comp.freeware:
>On Sun, 13 Jul 2008 10:11:06 -0700, Tom wrote in <iGqek.14185$xZ.8716
@nlpi070.nbdc.sbc.com>:
>On Sun, 13 Jul 2008 10:58:00 -0400, Sherman Pendley wrote:
Patient: Doctor, it hurts when I do this.
Doctor: Then don't do that.

Hi Sherman,
The problem is that you are redirected unkwittingly to the HTML kwiksand
web pages from a variety of other entrapment pages.

It's like saying "Doctor, it hurts when someone hits me on the back of the
head" ... for the doctor to say "tell them not to hit you" won't work 'cuz
they're intent on these HTML kwiksand pages in trapping you.

Luckily the great Hummingbird came up with a solution that we can all live
with! Hooray!

It's nice to be appreciated. What has Franklin and Ari ever done for
a.c.f. or any other group?

hb
--------------FORGERY------------

--
If they give you an enema before you die, they could bury you in a matchbox.
Jul 13 '08 #36

P: n/a
On 2008-07-13, Tom wrote:
On Sun, 13 Jul 2008 19:16:24 +0200, Hendrik Maryns wrote:
>If I click on this in Firefox 3 (on Linux, but that shouldnt make a
difference), I get a page warning that it is a scam page, with a button
Get me out of here!.

That warning must be coming from the browser. That was an old link I gave
you (from my past experience).

What happened when you clicked on http://thecatalogfree.net (which I
verified today)?

Does http://thecatalogfree.net also give you that "get me outta'here"
warning?
No. I get:

Forbidden

You don't have permission to access / on this server.

I had no problems with the other links you posted, even when I
ignored FF's warning about the site.

--
Chris F.A. Johnson <http://cfaj.freeshell.org>
================================================== =================
Author:
Shell Scripting Recipes: A Problem-Solution Approach (2005, Apress)
Jul 13 '08 #37

P: n/a

On Sun, 13 Jul 2008 14:52:18 -0400 'Ed Mullen'
wrote this on alt.comp.freeware:
>Tom wrote:
>On Sun, 13 Jul 2008 17:03:54 +0100, hummingbird wrote:
>>Afaik the only solution is to shut the browser down and
enter its name in your HOSTS file, so you never go there again.

Hummingbird has a great answer!

Here's what I did when I went to an HTML kwiksand domain just now on
Firefox 3.0 on WinXP with JavaScript and Java enabled ('cuz you need 'em
for other pages).

1. I opened a tab to http://thecatalogfree.net with Firefox 3.0 on WinXP
2. I tried to kill the tab -the html kwiksand prevented this
3. I tried to go to a new tab -the html kwiksand prevented this
4. I tried to kill firefox -the html kwiksand prevented this
5. Rather than kill the firefox process in the task manager ...
6. I now just type Start->Run->hosts and enter the domain
127.0.0.1 thecatalogfree.net
7. I then shift-reload my browser (to flush cache)
8. Voila! A shift-reload flushes cache & dumps the kwiksand page!

Note this one-time setup:
1. Copy hosts to host.txt and to hosts.bck
2. Start->Run->Regedit to add the following key-value pair:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ap p Paths
hosts.exe = c:\windows\system32\drivers\etc\hosts.txt

Do this every time you are caught in HTML kwiksand!
1. Go to the web page http://thecatalogfree.net
2. You'll note you are stuck on that page forever
3. Rather than control alt delete kill the Firefox browser session ...
4. Just type Start -Run -hosts
5. Enter the domain into that hosts.txt file
127.0.0.1 thecatalogfree.net
6. Write the hosts.txt file to hosts (overwriting the hosts file)
8. Quick out of your text editing session (I used vim freeware)
9. Shift Reload your browser
10. The kwiksand web page will disappear!

Woo hoo! Hummingbird found the solution to HTML kwiksand!!!!!!!!!!!!!!
>Huh? My Windows XP Pro SP3 says: "Can't find hosts ..."

Why are you jumping through all these hoops? The Windows "hosts" file
is a plain text file you can edit in Notepad.

And do a search on "hosts.exe" and you'll find things like this:
The HOSTS file is named exactly that: HOSTS
It has no file extension.

>http://www.bleepingcomputer.com/star....exe-8795.html

This entire thread is becoming suspect.
BB thinks so too.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
Jul 13 '08 #38

P: n/a
On Sun, 13 Jul 2008 20:21:19 +0000, Chris F.A. Johnson wrote in <cefb0
$4*********************@TEKSAVVY.COM>:
On 2008-07-13, Tom wrote:
On Sun, 13 Jul 2008 19:16:24 +0200, Hendrik Maryns wrote:
If I click on this in Firefox 3 (on Linux, but that shouldnt make a
difference), I get a page warning that it is a scam page, with a button
Get me out of here!.
That warning must be coming from the browser. That was an old link I gave
you (from my past experience).

What happened when you clicked on http://thecatalogfree.net (which I
verified today)?

Does http://thecatalogfree.net also give you that "get me outta'here"
warning?
No. I get:

Forbidden

You don't have permission to access / on this server.

I had no problems with the other links you posted, even when I
ignored FF's warning about the site.
Was any file installed. Did any malware appear in the browser cache?

hb

--
....of all the things i've lost in my life ... i miss my mind the most
Jul 13 '08 #39

P: n/a
On Sun, 13 Jul 2008 15:37:26 -0500, hummingbird <hu*********@127.0.0.1>
wrote:
On Sun, 13 Jul 2008 09:10:33 -0500, Bear Bottoms wrote in
<op***************@bwwlxc1.br.no.cox.net>:
>On Sun, 13 Jul 2008 09:06:32 -0500, Tom <tw******@hotmail.comwrote:
On Sun, 13 Jul 2008 08:14:37 -0500, Bear Bottoms wrote:

Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than
control
>>alt
deleting the browser process?

Why not just close the tab/page?

That's my whole point. You CAN NOT close the tab. It just won't close!
In fact, you can't even navigate AWAY from the tab!

What Firefox flaw are they taking advantage of that hijacks your
browser
and won't even let you close the tab or the browser or even switch to
another tab. You're stuck in the quicksand and can't get out.

Can't help you there, I use Opera.

What if it's an Opera tab that is stuck on one of those URLs?
I've never been unable to close a tab. I tried all of the URL's he
provided that worked and didn't fall into any 'quicksand.' I've had issues
trying to use the back button on some sites, but then I just close the tab.

There is a bug in 9.50 and 9.51 I found playing spades on Yahoo. If a java
applet for say and invitation, or score applet is left open when you close
Opera, the browser closes, but a process is still running as viewed in the
task manager. You have to terminate that before you can run Opera again.
--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #40

P: n/a
On Sun, 13 Jul 2008 15:58:18 -0500, hummingbird <hu*********@127.0.0.1>
wrote:
>This entire thread is becoming suspect.

BB thinks so too.
So does Craig...whom I like but don't like but like but like but

Well, what I like about him is he ... er, well, he posts on the issue, not
the person...well most of the time somewhat.

--
Bear Bottoms
Freeware website: http://bearware.info
Jul 13 '08 #41

P: n/a

On Sun, 13 Jul 2008 16:30:26 -0500 'Bear Bottoms'
wrote this on alt.comp.freeware:
>On Sun, 13 Jul 2008 15:37:26 -0500, hummingbird <hu*********@127.0.0.1>
wrote:
>On Sun, 13 Jul 2008 09:10:33 -0500, Bear Bottoms wrote in
<op***************@bwwlxc1.br.no.cox.net>:
>>On Sun, 13 Jul 2008 09:06:32 -0500, Tom <tw******@hotmail.comwrote:

On Sun, 13 Jul 2008 08:14:37 -0500, Bear Bottoms wrote:

Is there a more graceful way, after the fact, to navigate away from
quicksand domains which have a hold on your browser, other than
control
alt
deleting the browser process?

Why not just close the tab/page?

That's my whole point. You CAN NOT close the tab. It just won't close!
In fact, you can't even navigate AWAY from the tab!

What Firefox flaw are they taking advantage of that hijacks your
browser
and won't even let you close the tab or the browser or even switch to
another tab. You're stuck in the quicksand and can't get out.

Can't help you there, I use Opera.

What if it's an Opera tab that is stuck on one of those URLs?
I've never been unable to close a tab. I tried all of the URL's he
provided that worked and didn't fall into any 'quicksand.' I've had issues
trying to use the back button on some sites, but then I just close the tab.

There is a bug in 9.50 and 9.51 I found playing spades on Yahoo. If a java
applet for say and invitation, or score applet is left open when you close
Opera, the browser closes, but a process is still running as viewed in the
task manager. You have to terminate that before you can run Opera again.
BB, you responded to a forgery.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
Jul 13 '08 #42

P: n/a

On Sun, 13 Jul 2008 22:11:50 +0100 'THE FORGER'
wrote this on alt.comp.freeware:
>On Sun, 13 Jul 2008 20:21:19 +0000, Chris F.A. Johnson wrote in <cefb0
$4*********************@TEKSAVVY.COM>:
>On 2008-07-13, Tom wrote:
On Sun, 13 Jul 2008 19:16:24 +0200, Hendrik Maryns wrote:

If I click on this in Firefox 3 (on Linux, but that shouldnt make a
difference), I get a page warning that it is a scam page, with a button
Get me out of here!.

That warning must be coming from the browser. That was an old link I gave
you (from my past experience).

What happened when you clicked on http://thecatalogfree.net (which I
verified today)?

Does http://thecatalogfree.net also give you that "get me outta'here"
warning?

No. I get:

Forbidden

You don't have permission to access / on this server.

I had no problems with the other links you posted, even when I
ignored FF's warning about the site.

Was any file installed. Did any malware appear in the browser cache?

hb
---------FORGERY----------

--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
Jul 13 '08 #43

P: n/a
Tom
On Sun, 13 Jul 2008 14:52:18 -0400, Ed Mullen wrote:
Why are you jumping through all these hoops? The Windows "hosts" file
is a plain text file you can edit in Notepad.
I know, I know.

Microsoft put the c:\windows\system32\drivers\etc\hosts file in the most
ridiculous non-intuitive spot it could possibly find, deep in muck, deep
under large directories that take a while to load, and without a decent
extension so you have to grope for your text editor (mine is vim freeware).

So, rather than "jump thru hoops" each time just to edit the hosts file, I
add a one-time-only registry key "hosts" which opens up the TEXT file (so
that I have a backup if I need it).

When I type "Start -Run -hosts", vim opens up that
c:\windows\system32\drivers\etc\hosts.txt text file, where I edit and save
to "hosts" which it saves in the current directory (i.e.,
c:\windows\system32\drivers\etc\hosts).

That's a LOT easier than navigating deep into the windows hierarchy into
the least logical place MS could have placed the hosts file and then
fumbling around to get notepad to edit the file with no extension.
Jul 14 '08 #44

P: n/a
Tom
On Sun, 13 Jul 2008 21:58:18 +0100, hummingbird wrote:
The HOSTS file is named exactly that: HOSTS
It has no file extension.
I know. I know. Of course it's named hosts.

I'll explain again. You can fumble around trying to find the hosts file
every time you have to edit it but I don't wish to be that inefficient.

I just type "hosts", I make my edits, and I save the results as "hosts" and
I'm done.

Behind the scenes, the magic of that simplicity is:
a) Typing "Start -Run -hosts" exercises the "hosts.exe" registry key
b) That hosts.exe registry key brings up the hosts.txt file
c) Saving that as "hosts" saves that file as the proper hosts file.

It's that simple. You might prefer the lousy inefficient way and that's
just fine. Here's the horribly inefficient way to edit the hosts file.

a) Navigate to C:\windows (hosts belongs here)
b) Navigate to system32 (dunno why it's here)
c) Navigate to drivers (it's not a driver)
d) Navigate to etc (what's etc got to do with it?)
e) Right click on the hosts file to edit in Notepad
f) Save as hosts.bak (you should have a backup)
g) Save as hosts (this overwrites the original file)

So, you can do it either way. I think the method I proposed is elegant.
I think both methods will work.

BTW, there isn't any hosts.exe file.
Those who know the Windows registry know that, in Microsoft's infinite
wisdom, the "App Paths" key MUST end with "exe" for it to work. There is no
hosts.exe (I repeat) there is no hosts.exe. The whole point of the App
Paths key is to make the editing of hosts a simple one-click affair.

Hope this helps!
Jul 14 '08 #45

P: n/a
Tom
On Sun, 13 Jul 2008 21:36:51 +0100, hummingbird wrote:
>>Rather after-the-fact isn't it?

He can use the hosts file to avoid going to that site
The whole point is to be able to get out of the quicksand without having to
kill the entire browser session (losing all your tabs).

If you kill the browser, yet you wanted the OTHER tabs (not the quicksand
tab), you can't ever start it again 'cuz you can only recover all the tabs
or none of the tabs.

So, this hosts edit and then doing a shift reload, allows you to blank out
the one quicksand tab and move on with your life.

Elegant, isn't it?
Jul 14 '08 #46

P: n/a
Tom
On Sun, 13 Jul 2008 14:52:18 -0400, Ed Mullen wrote:
And do a search on "hosts.exe" and you'll find things like this:
I know. I know.

Those who know the Windows registry know that, in Microsoft's infinite
wisdom, the "App Paths" key MUST end with "exe" for it to work.

There is no hosts.exe (I repeat) there is no hosts.exe.

The whole point of the App Paths key is to make the editing of hosts a
simple one-click affair.

But, Microsoft insists that ALL "Apps Paths" keys end with "exe" whether or
not the file you're trying to open ends with ".exe".

So, that's the ONLY reason the hosts App Path key is called "hosts.exe".

Please reply if you understand this 'cuz I feel badly that this was
misunderstood by a few of you.
Jul 14 '08 #47

P: n/a
Tom
On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
If Windows, Ctrl Alt Delete to call up the task manager; select the
browser; kill it.
Very inelegant.

When you have a dozen tabs open, killing the browser, kills all the tabs.

When you restart Firefox, it asks if you want to open all the old tabs,
but, of course, that will just open the quicksand site all over again.

So, without editing the hosts file and shift reloading, you're forced to
say NO to reloading your old tabs ... and you lose them all.

That's why you don't kill the browser session.

Luckily we found a single-click way to solve the problem (type "start ->
run -hosts, add the offending domain, and shift reload the browser). This
turns the quicksand URL into cement. Voila! Thanks to hummingbird!
Jul 14 '08 #48

P: n/a
Tom
On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
If Windows, Ctrl Alt Delete to call up the task manager; select the
browser; kill it.
Very inelegant.

When you have a dozen tabs open, killing the browser, kills all the tabs.

When you restart Firefox, it asks if you want to open all the old tabs,
but, of course, that will just open the quicksand site all over again.

So, without editing the hosts file and shift reloading, you're forced to
say NO to reloading your old tabs ... and you lose them all.

That's why you don't kill the browser session.

Luckily we found a single-click way to solve the problem (type "start ->
run -hosts, add the offending domain, and shift reload the browser). This
turns the quicksand URL into cement. Voila! Thanks to hummingbird!
Jul 14 '08 #49

P: n/a
On 2008-07-13, hummingbird wrote:
On Sun, 13 Jul 2008 20:21:19 +0000, Chris F.A. Johnson wrote in <cefb0
$4*********************@TEKSAVVY.COM>:
>On 2008-07-13, Tom wrote:
On Sun, 13 Jul 2008 19:16:24 +0200, Hendrik Maryns wrote:

If I click on this in Firefox 3 (on Linux, but that shouldnt make a
difference), I get a page warning that it is a scam page, with a button
Get me out of here!.

That warning must be coming from the browser. That was an old link I gave
you (from my past experience).

What happened when you clicked on http://thecatalogfree.net (which I
verified today)?

Does http://thecatalogfree.net also give you that "get me outta'here"
warning?

No. I get:

Forbidden

You don't have permission to access / on this server.

I had no problems with the other links you posted, even when I
ignored FF's warning about the site.

Was any file installed.
Not if I didn't tell it to.
Did any malware appear in the browser cache?
What's malware?

--
Chris F.A. Johnson <http://cfaj.freeshell.org>
================================================== =================
Author:
Shell Scripting Recipes: A Problem-Solution Approach (2005, Apress)
Jul 14 '08 #50

103 Replies

This discussion thread is closed

Replies have been disabled for this discussion.