Web graphics used to spread viruses through IE

[Dave_07]

Ok, ok, IE is in trouble, and so am i now... and im gonna have to change to another browser now. Either that or put up my IE Internet security settings to High and put up with this DAMN "your current internet security settings may cause this page to load incorrectly" ms pop up box..

Ok, so i guess the question is thus, what browser should i go for, wait, be for you say FIREFOX!, are there any other popular browsers out their to think about ?
Also is FireFox deffo not affected by this new method of spreading viruses through web graphics ?

Finaly my AVG Resident Shield keeps briging up a pop up box saying there is a "Virus, Trojan horse Dialer.7.AS Found in C;\System Volume information\..."
And says to run AVG test to cure it, but even a complete test do not detecte it. What should i do ?

Cheers, Dave.

[Elmo]

i used to have that problem with AVG.
turn ur system restore off ( control panel -> system -> system restore), close all connections to the internet, run a full AVG scan, then turn system restore back on.

Thats what i used to have to do with AVG, so try it. I've now changed to norton and had zero problems

[Iain]

Spreading a virus through a web graphic is not new, it;s been done for years. The 1 pixel gif is even used by web sites to maintain session functionality and is an accepted method of doing this across several backend systems. Whilst IE is more susceptible to virii than other browsers e.g. Firefox, good anti-vrus software should be sufficient to allow you to use IE if you want.

If you're still considering another browser then the main contender to Mozilla is Opera at http://www.opera.com

[Paul Adams]

I assume Dave is referring to this - a new trojan which tries to take advantage of several patched IE vulnerabilities and 2 that have not previously been seen.

However, while the javascript trojan is inserted in the appended footer for every page served by an infected web server, it can't execute if it is attached to images.

- Will the javascript attached to images be executed?
No. The javascript attached to images is harmless. It's the JavaScript attached to the .htm or .html files that gets executed, forcing the browser to connect to the Russian site.

Seems the only seen incarnation of this virus is to silently install the "I-Lookup" toolbar, and SANS are not aware of any web servers currently (still) infected.

Some AV products will pick up the trojan - AVG picks up the proof of concept one from the site linked to by SANS, for example.

[Dave_07]

I don't know what this Dialer.7.AS thing is, and im only bringing it up becuase a week ago a AVG Full scan actually detected this Dialer thing as did SpyBot-S&D, spybot-s&d said it removed it and AVG said it moved part of the Dialer thing to it's Virus valt and "Healed" the rest, it only healed it instead of totally removing the dialer thing because apparently access was denied or sommet, So i thought the prob was fix, but now the box just keeps poping up. So obviously it's not fixed.
Elmo i'll try what waht u suggested and see it that helps.

PS, I forget to ask be for, when you install a new browser like Firefox, do you need to uninstall IE or sommet ? If so, how ? as IE is not in my add/remove list only a patch for IE is listed there called "Internet Explorer Q831167"

Cheers, Dave.

[Iain]

no need to uninstall IE

[Dave_07]

Is there any way to stop this IE pop up box "your current internet security settings may cause this page to load incorrectly" ??

[luap.h]

Ok, so i guess the question is thus, what browser should i go for, wait, be for you say FIREFOX!, are there any other popular browsers out their to think about ?

I'm finding opera a joy to use, though it isn't completely compatible with all web pages, so you find yourself going back to IE now and again. Opera has some neat features which you miss like crazy when you use something else. Kinda like going back to a mouse with no scroll wheel! The mouse gestures are pure genius

[Iain]

Firefox has mouse gestures as well via it's extensions library

[Kezzer]

I thought it's impossible to uninstall IE? All it does is remove shortcuts iirc

[Steve]

I thought it's impossible to uninstall IE? All it does is remove shortcuts iirc

You are indeed correct, it's integrated with Windows.

Back in the 98 days, when there was uproar about IE's integration, MS said that windows 98 simply couldn't run without IE. Somebody did a bit of fiddling and proved them shamefully wrong by stripping out IE entirely, leaving windows 98, but without any IE features. The interface was, of course, much more like windows 95, but the kernel under the bonnet was still 98...

/pub trivia.

[directhex]

IE depends on a big ol' file called mshtml.dll, which does all the rendering duties. recent versions of Explorer depend on this file to work. 98lite pulled out the file & used the 95 version of explorer