Infection via Website

Giganews Newsgroups
Subject: Infection via Website
Posted by:  Dennis (dennispubl…@hotmail.com)
Date: 1 May 2007

There's a website I know of...  as soon as you visit it, your anti-
virus (AVG in my case) starts setting off warnings. The site is
clearly trying to install  spyware/viruses (apparently it is well
known for doing this).

As someone studying to become an MCSE I am curious in the specifics of
how the site is trying to infect computers. IE: is it using java to do
this? Active x? applets? scripts?  I know it manages to get a few
files onto my harddrive (the files being on my harddrive are what
actually triggers the AVG warnings). How does it activate those files
and get them running in memory/startup? Can Active X/Java/etc/etc make
changes to your registry? Do you fully need to turn off these IE
settings to be truly safe? etc etc...

If anyone could give me some very basic info, or point me to some good
(brief & to the point) links, it would be much appeciated.

Thanks in advance

Replies