Is Jaguar adding To Our Pages?

[terri]

Hi,

I still can't get a support ticket by going to my cpanel. It took them a week to get back to me on my last problem anyhow.

Here is most of an email I just sent to Greg in administration:

Hi,
You helped me before, I hope you can again.

Why are things being added to my page that I DID NOT ADD?????

I had edited a page, saved the page. When I clicked on the page addy to see my addition, I got "undergoing deveopment". NEVER saw that before.

As I needed to print the page TODAY, I took the page addy and uploaded the whole page to another paid acct. I have. Thanks goodness for that acct.

When I looked at the other acct. my codes were GONE.

Here's what was on the page I uploaded.

++++++++++++++++++++++++
<HTML>
<HEAD>
<META NAME="ROBOTS" CONTENT="ALL">
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="keywords" CONTENT="">
<META NAME="description" CONTENT="">
<TITLE>undergoing development</TITLE>
</HEAD>
<FRAMESET ROWS="*,68" FRAMEBORDER=0 FRAMESPACING=0>
<FRAME NAME="redirectTo" FRAMEBORDER=0 FRAMESPACING=0 MARGINHEIGHT=0 MARGINWIDTH=0 NORESIZE SRC="http://www.http.com//terrisfun.com/misc/aafinance.html">
<FRAME FRAMEBORDER=1 FRAMESPACING=5 MARGINHEIGHT=2 MARGINWIDTH=0 SCROLLING="NO" NORESIZE SRC="framead.php3?siteid=17194">
</FRAMESET>
<!--
<PRE>
http://terrisfun.com/misc/aafinance.html
</PRE>
-->
++++++++++++++++++++++++

YOU - Jaguar - added this to my page because I Didn't. Why?????????

WHY??? I don't expect a paid acct. to be touched in any way by anyone but ME!!

Who is responsible for this??? Will my pages EVER be added to again?? I certainly hope NOT!!

I'm sorry, but I am irate about this and usually I am pretty easygoing. I know it is not your fault. Not only did the Move cost me money, but this has cost me Time. My printing should be done by now.

Please find out about this for me.

Terri
terrisfun.com

The page was a list of online Loan Companies. Nothing, illegal or porn or anything like that. Why are they adding stuff to my pages and blocking me from accessing them???

If anyone from Jaguar reads this please let me know what this is all about.

Everyone else - heads up!!!

[gakenny]

Terri,

Looking at your html, it seems that you (rather than Jaguar) made a mistake of including the following in your code:
http://www.http.com//terrisfun.com/misc/aafinance.html

This is where the undergoing development message is coming from. This should have read:
http://www.terrisfun.com/misc/aafinance.html

I presume that you fixed it. Post to notify that the issue has been resolved.

Cheers.

[lookout]

Terri, before leaping to the conclusion that Jaguar is responsible for this, consider your own configuration first. What you are describing sounds very much like the result of scumware. One usually picks this up via a browser plugin or seemingly useful utility, packaged with a software that behaves much like a trojan horse.

Here's some links on the topic that should help:

http://sitetipsandtricks.com/art/a080701b.html (good review of the problem)

http://www.scumware.com/ (this link includes tools and instructions to help detect and remove scumware products)

http://www.spywareinfo.com/articles/hijacked/

http://unwantedlinks.com/gatored.htm

http://www.dslreports.com/shownews/15862

Not quite sure how this would work under your webTV configuration, but I'd guess it's a result of a browser plugin of some sort.

[terri]

I see the mistake in the addy of the page in question BUT:

The coding posted above is NOT MY coding. I didn't do any of THAT coding. The full thing was added to my page, just as you see it, NOT by me. I merely copied and pasted it into this post and the email to Greg.

WHO added it?? That's what I want to know? Whoever, THEY made the mistake in the addy.

http://www.terrisfun.com/misc/aafinance.html

Is the addy I clicked and got "unresolved development". I fixed it, yes. But why was it put there in the first place. And by WHO??

Now as far as scumware or plugins or trojans horses or other software - LOL!! - I'm using a webtv.

Webtv cannot add anything!!! We cannot buy software. Nowhere to insert it and NO Hard drive. We get NO viruses. We can't add plugins. Webtv is an internet connection/appliance and very limited.

When I make a page, and I make at least one a day, I can't use Front Page. Notepad or any of the others I have heard about. I type my own HTML coding in an editor/text box here, supplied by Jaguar/Aletia.

You probably all have one. Comes with the package.

The codes shown above in my orig post were NOT done by me. Who added them??

As far as I know the only people, other then myself, who can get in and edit or add to one of my pages is Jaguar.

Oh, I guess hackers could, but why would they want to?? I'm selling a mobile home at the shore and the page was a list to give to prospective buyers. DULL!!

Well, I just hope I never SEE added codes on one of my pages again. I still would like to know HOW they got there.

C'mon Jaguar, was it you? - accidental or on purpose??

Puzzled.

Terri
http://terrisfun.com

[lookout]

Originally posted by terri
Webtv cannot add anything!!! . . . We get NO viruses.

Not so. See this link. There's similar stuff out there affecting other popular internet appliances, like PDAs. As far as not being to install plugins of a sort, these sites here and here suggest otherwise. But plugins on WebTV are mostly limited to the periodic changes implemented by the WebTV development team.

When I make a page, and I make at least one a day, I can't use Front Page. Notepad or any of the others I have heard about. I type my own HTML coding in an editor/text box here, supplied by Jaguar/Aletia. You probably all have one. Comes with the package.

Just for clarity here, what Terri means is the simple text editor incorporated under cpanel's File manager. It is not an HTML specific editor like Frontpage, although one certainly can use it to code HTML. It's more akin to a basic ASCII editor, like UNIX's venerable VI, or the classic Windows notepad.

[terri]

Hi lookout,
The first link you posted was a script not a virus. Among Webtv users there are some nerds, hackers and genius'. THEY can make 'bombs' and other tricks but not really a virus. I once clicked on the answer to a post in a newsgroup and was taken to my 'switch user page' instead of the post. That type of nonsense.

The second link about plugins is for PC users.

All our upgrades, including any plugins, come from the Microsoft 'factory' in Calif. We have NO say in what an upgrade contains.
Microsoft sends it over our phone lines and its whatever THEY decide to have IN the upgrade. They have many testers - for months before an upgrade is released. To make sure it works right and even then sometimes it doesn't.

I have been on Webtv for 4 years and have never had a virus and have been told we CAN't get one. I must admit I wonder sometimes if the Microsoft Webtv 'factory' couldn't get one. Never know.

BTW, my MAIN question - WHO put the HTML codes ON my page still hasn't been answered.

Terri

[lookout]

I didn't say it WAS a virus. In fact my initial quote was behavior "much like a trojan horse", and scripts certainly can fall under that category and produce virus like activity. The 911 script that recently plagued WebTV users is an example of that.

My mistake on the second link and user installable plugins. The third link was the one that points out the use of webTV plugins, although as you say they are not implemented by the users. Plugins are certainly an area of vulnerability. Not much you can do about it though when there installation is in the hands of others. It reminds me a bit of some of the disasterous AOL updates in the past. Personally, I have little faith in software that automatically updates itself.

I don't mean to discount your interpretation of events. I'm just pointing out that there may another explanation that you have not considered.

[timechange]

The devil made me do it