Mozilla warns over Firefox Trojan

Started by Simon, Oct 27, 2010, 12:17:22


Simon

Mozilla has warned about a critical zero-day vulnerability affecting Firefox 3.5 and Firefox 3.6 users.

"We have received reports from several security research firms that have found exploit code leveraging this vulnerability in the wild," Mozilla said on its security blog.

According to Mozilla, the problem first surfaced on the Nobel Peace Prize website. Access to that site has now been blocked, but the browser developer warned that other sites could be infected and said "users who visited an infected site could have been affected by the malware".

Read more: http://www.pcpro.co.uk/news/security/362266/mozilla-warns-over-firefox-trojan
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

It's time to have one machine for accessing the web, independent of all others on a network. :(

Baz

what was the trojan name?


I had some bother yesterday and got hit with something somehow :dunno: :dunno: don't know how as it's very rare for me to even get warnings. NOD kept blocking something, I got about 45 failed to send email messages ..nothing I had sent....my system slowed to a crawl and task manager was showing cpu usage as 100% :o :o

Eventually got an av scan/spyware/malware done and it found some variant of win32/ramnit virus.

I didn't even have any system restore points showing so couldn't do that.

weird


Steve

Ramnit.A seems pretty nasty and not easy to get rid of; it can even spread to external drives :eek4:

Rik

I really am beginning to think of having a net machine which I image up in Acronis and then just re-install if there's a problem. Isolate it from other machines on the network, but give it access to printers. :shake:

DorsetBoy

Dual boot with Linux ............. internet access via Linux and Windows for everything else.

Rik

That would be another way, certainly.  :thumb:

MisterW

Or a VM using VirtualBox (or VMware). Make a snapshot of the VM (before doing anything!) and then if needs be just restore from the snapshot.

Or even simpler, just keep a Linux Live CD and boot it up for browsing etc

Rik

Plenty of good ideas to chew on there. Thanks.  :thumb:

pctech

likely to break your teeth if you chew on a CD.  ;D

Technical Ben

Quote from: Rik on Oct 27, 2010, 12:32:36
It's time to have one machine for accessing the web, independent of all others on a network. :(
Or a VM machine. Windows 7 almost does this now. However, there is always the "I'll transfer that download to"... BAM Virus.
I used to have a signature, then it all changed to chip and pin.

Baz

Quote from: Steve on Oct 28, 2010, 18:44:30
Ramnit.A seems pretty nasty and not easy to get rid of; it can even spread to external drives :eek4:

DAMN :mad: :mad: :mad: :mad: :mad:

Got hit with that somehow and can't get system running well at all. Every time I plug in to router my cpu usage shoots up to 100% and slows everything down. No malware finds or spyware but had loads of AV infiltrations. Got rid of them, I think, but still having trouble.



HELP!!!!!!!!!

Glenn

Quote from: Steve on Oct 28, 2010, 18:44:30
Ramnit.A seems pretty nasty and not easy to get rid of; it can even spread to external drives :eek4:

I spent 4 hours with this worm (W32/Ramnit.A!htm) today, I'm sad to say, it beat me.  :mad: The laptop is being rebuilt.

DorsetBoy

Quote from: Baz on Oct 29, 2010, 20:36:15
DAMN :mad: :mad: :mad: :mad: :mad:

Got hit with that somehow and can't get system running well at all. Every time I plug in to router my cpu usage shoots up to 100% and slows everything down. No malware finds or spyware but had loads of AV infiltrations. Got rid of them, I think, but still having trouble.



HELP!!!!!!!!!

http://forums.techguy.org/virus-other-malware-removal/938626-win32-ramnit-worm-hijack-log.html Look at Combofix.

http://www.google.co.uk/search?client=opera&rls=en&q=Ramnit.A&sourceid=opera&ie=utf-8&oe=utf-8

pctech

Oh dear, seems the malware authors are becoming brighter by the day.


DorsetBoy

Quote from: Glenn on Oct 29, 2010, 20:41:36
I spent 4 hours with this worm (W32/Ramnit.A!htm) today, I'm sad to say, it beat me.  :mad: The laptop is being rebuilt.


http://forums.techguy.org/virus-other-malware-removal/938626-win32-ramnit-worm-hijack-log.html COMBOFIX is said to be what you need.

Glenn

Now why couldn't I find that this morning?  :blush:

Baz

How do I save it to my desktop if I can't get online as the computer is slow as

pctech

If you can get to the page, right click the link and select Save Target As.../Save Link As...., if accessing from a mobile you might have a bit of trouble.


pctech

Might be an idea to try booting in Safe Mode (Start PC and keep tapping F8 until you get the startup menu) select safe mode with networking and go direct to that site.


Baz

I got it on a pendrive thanks and it's struggling to download whatever it needs from M/Soft.


My main problem is why my cpu usage is 100%. Nothing is running in background but it shoots right up as soon as I plug in to router.

Baz

Does this Combofix actually fix a problem or just give a log file?