CoolWebSearch


trapvector
22nd February 2004, 22:01
Just wanted to inform you all of something rather insidious that's going around the internet called CoolWebSearch, or CWS for short.
This thing--I think it's a trojan virus--hijacks your browser, and hijacks links that you click on, and redirects them to some kind of alternate search engine. My browser kept going to Search-Biz.cc or Search.cc. This is really irritating! If you search for anything on Google, Duran Duran for example, and you start clicking on the links, you'll get redirected to one of these sites, with your search criteria totally changed to something like debt consolidation or online gambling. There's information about this virus and fix methods here:
http://computercops.biz/article-4736-nested-0-0.html
and also at www.spywareinfo.com, which right now is under a DNS attack. There are supposedly something like 30 or 40 different variants of this worm. So if you're infected, try and get CWShredder and also CoolWWWSearch.SmartKiller.

stax76
22nd February 2004, 22:07
maybe this could be a good fix as well: http://www.mozilla.org/products/firefox

trapvector
22nd February 2004, 22:39
Yeah, no kidding. I've been reading the thread about the pop-up stoppers, and I decided to try Mozilla. I'm on this site with it right now, and I've already switched it to my main browser. So chalk up another convert:)

Neo Neko
23rd February 2004, 00:21
Well, if Mozilla reaches critical mass it is not impossible that people might try to target Mozilla this way. The question is, will they be able to? Seeing as Mozilla is better described as the Gecko layout engine and not everyone uses the actual Mozilla browser, there will be no one program to target. The best they could do is breach the layout engine. But what would that get them?

trapvector
23rd February 2004, 00:42
I'm not sure exactly how this virus works, but from what I read, it seems to infect when a particular web site is visited and a popup ad is displayed which then infects your computer. I'm not too technically sound as far as internet browsers go, but it seemed to be some kind of weakness that was exploited in Microsoft Virtual Machine. But I'm worried that if it's the website's popup ad that infects, why would a different browser not be (or be less) susceptible to this?

Neo Neko
23rd February 2004, 01:15
Well, for one, the Microsoft Virtual Machine is not the Mozilla Virtual Machine. If there were such a thing. What you are speaking of, if I am not mistaken, is the Java virtual machine. And there are two to three different Java virtual machines. Microsoft's, which has not been developed or updated since about 1995. Approximately the time Microsoft felt they had killed off Java. Everyone who is not Microsoft uses Sun Microsystems Java, which is still being actively developed. I believe the Blackdown JVM is derived from Sun's Java while Kaffe is original. But neither of them is used as much.

Microsoft's security practice and design is so atrocious as to compound the problem. IE considers many non-executable file types as being executable. What's worse is that IE is not too keen on asking whether or not you wish to run them in the first place. Often deciding that it is better for you to run them automatically. Bam, you are infected! Also, it was shown recently that Microsoft is not too keen on data validation. Prime example would be the unsigned bitmap structure exploit discovered from the IE5 source code that was leaked.

trapvector
23rd February 2004, 01:52
Ok, yes it was the Java Virtual Machine. So, I suppose if I just keep using Mozilla Firefox (which I like better anyhow) then I won't encounter this type of problem in the future. Is there a setting in Firefox which warns you if a website tries to install and execute malicious code?

avih
23rd February 2004, 02:16
Originally posted by trapvector
Ok, yes it was the Java Virtual Machine. So, I suppose if I just keep using Mozilla Firefox (which I like better anyhow) then I won't encounter this type of problem in the future. Is there a setting in Firefox which warns you if a website tries to install and execute malicious code?

obviously, if the web browser knew that a malicious code is being inserted, it would have prevented it. so the answer is probably no.

generally speaking, mozilla/firefox will not let anything run on your computer without your explicit permission. you don't need to set up anything to get this 'feature'. in the latest versions of firefox you're not even allowed to execute 'exe' files directly from the web, with or without your permission. you can only download them (but then you're given the option to open the target directory such that you can do whatever you want with the file directly, and knowingly).

Neo Neko
23rd February 2004, 04:11
In Firefox, JavaScript, Java, or Flash are pretty much the only things that will ever run. And of all those, each and every one is a minimal risk at worst. And Sun's Java is a lot more secure than Microsoft's ever was. A Java "applet" may not touch your local file system without explicit permission. And that is every time you want it run. There is no way to override it and it is a bit annoying. But it is all for your security. Java applications are different. But those can't be run in your browser. Mozilla is not invulnerable. But by being simpler and more straightforward it is a lot more secure.

trapvector
23rd February 2004, 18:03
Ok. Thank you both for this information. Now that Mozilla is my primary web browser, I'll feel a lot more secure doing normal web browsing.:)