Spyware question

I surf ebay a lot. They say they do not support spyware. From my research it
seems this tribalfusion spyware is big and it it planted in banner ads on
ebays web pages. I am continually getting a security warning dialog box that
says: The current web page is trying to open a site on the internet. Do you
want to allow this? Then it lists 2 urls: http://atribalfusion.com and
res://ieframe.dll. I am constantly having to click No to make the dialog box
go away. Does anyone know what I can do to prevent this from loading but get
rid of the annoying dialog box.

Thanks

John wrote:

> I surf ebay a lot. They say they do not support spyware. From my research it
> seems this tribalfusion spyware is big and it it planted in banner ads on
> ebays web pages.


Banners ads can't possibly contain any spyware in executable fashion.

> I am continually getting a security warning dialog box that
> says: The current web page is trying to open a site on the internet. Do you
> want to allow this? Then it lists 2 urls: http://atribalfusion.com and
> res://ieframe.dll.


This sounds like you're abusing MSIE as a webbrowser. Why are you then even
discussing security issue? They're inherent!

> I am constantly having to click No to make the dialog box
> go away. Does anyone know what I can do to prevent this from loading but get
> rid of the annoying dialog box.


Flatten and rebuild your user profile? If not the entire machine? You should
reasonably assume it as compromised.

"Sebastian G." <seppi@seppig.de> writes:

> John wrote:
>
> > I surf ebay a lot. They say they do not support spyware. From my
> > research it seems this tribalfusion spyware is big and it it planted
> > in banner ads on ebays web pages.
>
>
> Banners ads can't possibly contain any spyware in executable
> fashion.

Really? So what magical pendantic definition of "spyware" and
"executable fashion" do you ahve on your mind to back that up.
There is no shortage of reports to the contrary:

http://blog.washingtonpost.com/secur...are_to_mo.html
http://www.malwarehelp.org/news/article-6210.html
http://weblog.infoworld.com/security...eunwanted.html
http://apcmag.com/5382/microsoft_apo...e_to_customers
http://news.netcraft.com/archives/20...r_malware.html

http://www.google.com/search?q=banner+malware


Best Regards,
--
Todd H.
http://www.toddh.net/

On 5-Oct-2007, "John" <blackberry@vintageaudioetc.com> wrote:

> Does anyone know what I can do to prevent this from loading but get
> rid of the annoying dialog box.

Download and use Firefox from mozilla.com for starters.
If you simply _must_ use ie, learn how to 'tweak' it so that it is at
least a bit less vulnerable.

--
I am not a complete idiot.
Parts are missing.

Todd H. wrote:

> "Sebastian G." <seppi@seppig.de> writes:
>
>> John wrote:
>>
>>> I surf ebay a lot. They say they do not support spyware. From my
>>> research it seems this tribalfusion spyware is big and it it planted
>>> in banner ads on ebays web pages.
>>
>> Banners ads can't possibly contain any spyware in executable
>> fashion.
>
> Really? So what magical pendantic definition of "spyware" and
> "executable fashion" do you ahve on your mind to back that up.
> There is no shortage of reports to the contrary:
>
> http://blog.washingtonpost.com/secur...are_to_mo.html
> http://www.malwarehelp.org/news/article-6210.html
> http://weblog.infoworld.com/security...eunwanted.html
> http://apcmag.com/5382/microsoft_apo...e_to_customers
> http://news.netcraft.com/archives/20...r_malware.html
>
> http://www.google.com/search?q=banner+malware


Actually this quite supports my statement: You can embed executable binary
or script code, but it won't get actually execute unless you explicitly
demand it - like, for example, by abusing MSIE as a webbrowser. On a real
webbrowser, such attempts are inherently futile.