I was hijacked a couple months ago by what turned out to be a pun. I haven't run into humor in malware before, so I thought I would pass it along for your information and possible pleasure.
It started when I opened IE to do an update, but instead of seeing GOOGLE on the screen (my default browser Home) I saw what appeared to be a pop-up for SPY BOUNCER. Nothing I could do would escape that screen. Yes, I could write in a URL on the Address Line and go where I wanted, but whenever I opened IE again, there was that SPY BOUNCER tar baby.
Of course I checked my IE's default Home Page, but it looked perfect, still that beastly ad popped up every time IE opened. I tried this and that (handstands and backflips) but nothing worked. So I went back to Firefox, my regular browser, and forgot about upgrades.
But every few days I would try IE again, and there was the SPY BOUNCER ad filling the screen. It wasn't till recently that the light bulb went off and I got the "joke". My default page did _not_ read http://www.google.com. It read http://goggle.com/ (!) That change had been fooling my eye each time I'd looked at it. Natch, I simply corrected the spelling and thereafter all was cool. Cute hijack, eh?
It started when I opened IE to do an update, but instead of seeing GOOGLE on the screen (my default browser Home) I saw what appeared to be a pop-up for SPY BOUNCER. Nothing I could do would escape that screen. Yes, I could write in a URL on the Address Line and go where I wanted, but whenever I opened IE again, there was that SPY BOUNCER tar baby.
Of course I checked my IE's default Home Page, but it looked perfect, still that beastly ad popped up every time IE opened. I tried this and that (handstands and backflips) but nothing worked. So I went back to Firefox, my regular browser, and forgot about upgrades.
But every few days I would try IE again, and there was the SPY BOUNCER ad filling the screen. It wasn't till recently that the light bulb went off and I got the "joke". My default page did _not_ read http://www.google.com. It read http://goggle.com/ (!) That change had been fooling my eye each time I'd looked at it. Natch, I simply corrected the spelling and thereafter all was cool. Cute hijack, eh?