IDNetters Forums

Technical News & Discussion => Windows News & Discussion => Topic started by: Simon on Oct 27, 2010, 12:17:22

Title: Mozilla warns over Firefox Trojan
Post by: Simon on Oct 27, 2010, 12:17:22
Mozilla has warned about a critical zero-day vulnerability affecting Firefox 3.5 and Firefox 3.6 users.

"We have received reports from several security research firms that have found exploit code leveraging this vulnerability in the wild," Mozilla said on its security blog.

According to Mozilla, the problem first surfaced on the Nobel Peace Prize website. Access to that site has now been blocked, but the browser developer warned that other sites could be infected and said "users who visited an infected site could have been affected by the malware".

Read more: http://www.pcpro.co.uk/news/security/362266/mozilla-warns-over-firefox-trojan
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 27, 2010, 12:32:36
It's time to have one machine for accessing the web, independent of all others on a network. :(
Title: Re: Mozilla warns over Firefox Trojan
Post by: DorsetBoy on Oct 28, 2010, 07:37:12
Patched in 3.6.12
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 28, 2010, 08:31:04
Thanks, Dorset, I am. :)
Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 28, 2010, 18:11:31
what was the trojan name?


I had some bother yesterday and got hit with something somehow  :dunno: :dunno:  don't know how as it's very rare for me to even get warnings. NOD kept blocking something, I got about 45 failed to send email messages ..nothing I had sent....my system slowed to a crawl and task manager was showing cpu usage as 100%  :o :o

eventually got an av scan/spyware/malware done and it found some variant of win32/ramnit virus.

I didn't even have any system restore points showing so couldn't do that.

weird
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 28, 2010, 18:17:26
No-one seems to have said, Baz.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Steve on Oct 28, 2010, 18:44:30
Ramnit.A seems pretty nasty and not easy to rid, can even spread to external drives :eek4:
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 28, 2010, 18:46:49
I really am beginning to think of having a net machine which I image up in Acronis and then just re-install if there's a problem. Isolate it from other machines on the network, but give it access to printers. :shake:
Title: Re: Mozilla warns over Firefox Trojan
Post by: DorsetBoy on Oct 28, 2010, 18:53:40
Dual boot with Linux ............. internet access via Linux and Windows for everything else.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 28, 2010, 18:55:00
That would be another way, certainly.  :thumb:
Title: Re: Mozilla warns over Firefox Trojan
Post by: MisterW on Oct 28, 2010, 19:08:46
Or a VM using VirtualBox (or VMware). Make a snapshot of the VM (before doing anything!) and then if needs be just restore from the snapshot.

Or even simpler, just keep a Linux Live CD and boot it up for browsing etc
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 28, 2010, 19:15:39
Plenty of good ideas to chew on there. Thanks.  :thumb:
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 28, 2010, 20:47:44
likely to break your teeth if you chew on a CD.  ;D
Title: Re: Mozilla warns over Firefox Trojan
Post by: Technical Ben on Oct 29, 2010, 09:56:48
Quote from: Rik on Oct 27, 2010, 12:32:36
It's time to have one machine for accessing the web, independent of all others on a network. :(
Or a VM machine. Windows 7 almost does this now. However, there is always the "I'll transfer that download to"... BAM Virus.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 29, 2010, 20:36:15
Quote from: Steve on Oct 28, 2010, 18:44:30
Ramnit.A seems pretty nasty and not easy to rid, can even spread to external drives :eek4:

DAMN :mad: :mad: :mad: :mad: :mad:

got hit with that somehow and can't get system running well at all. Every time I plug in to router my cpu usage shoots up to 100% and slows everything down. No malware finds or spyware but had loads of AV infiltrations. Got rid of them, I think, but still having trouble.



HELP!!!!!!!!!
Title: Re: Mozilla warns over Firefox Trojan
Post by: Glenn on Oct 29, 2010, 20:41:36
Quote from: Steve on Oct 28, 2010, 18:44:30
Ramnit.A seems pretty nasty and not easy to rid, can even spread to external drives :eek4:

I spent 4 hours with this worm (W32/Ramnit.A!htm) today, I'm sad to say, it beat me.  :mad: The laptop is being rebuilt.
Title: Re: Mozilla warns over Firefox Trojan
Post by: DorsetBoy on Oct 29, 2010, 20:46:07
Quote from: Baz on Oct 29, 2010, 20:36:15
DAMN :mad: :mad: :mad: :mad: :mad:

got hit with that somehow and can't get system running well at all. Every time I plug in to router my cpu usage shoots up to 100% and slows everything down. No malware finds or spyware but had loads of AV infiltrations. Got rid of them, I think, but still having trouble.



HELP!!!!!!!!!

http://forums.techguy.org/virus-other-malware-removal/938626-win32-ramnit-worm-hijack-log.html   Look at Combofix.

http://www.google.co.uk/search?client=opera&rls=en&q=Ramnit.A&sourceid=opera&ie=utf-8&oe=utf-8
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 29, 2010, 20:46:40
Oh dear, seems the malware authors are becoming brighter by the day.

Title: Re: Mozilla warns over Firefox Trojan
Post by: DorsetBoy on Oct 29, 2010, 20:47:27
Quote from: Glenn on Oct 29, 2010, 20:41:36
I spent 4 hours with this worm (W32/Ramnit.A!htm) today, I'm sad to say, it beat me.  :mad: The laptop is being rebuilt.


http://forums.techguy.org/virus-other-malware-removal/938626-win32-ramnit-worm-hijack-log.html       COMBOFIX is said to be what you need.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Glenn on Oct 29, 2010, 20:54:47
Now why couldn't I find that this morning?  :blush:
Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 29, 2010, 21:08:43
how do I save it to my desktop if I can't get online as the computer is slow as
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 29, 2010, 21:12:05
If you can get to the page, right click the link and select Save Target As.../Save Link As... If accessing from a mobile you might have a bit of trouble.

Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 29, 2010, 21:13:25
Might be an idea to try booting in Safe Mode (start PC and keep tapping F8 until you get the startup menu), select Safe Mode with Networking and go direct to that site.

Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 29, 2010, 21:23:15
I got it on a pendrive thanks and it's struggling to download whatever it needs from M/Soft.


My main problem is why my cpu usage is 100%. Nothing is running in background but it shoots right up as soon as I plug in to router
Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 29, 2010, 21:25:55
Does this Combofix actually fix a problem or just give a log file?
Title: Re: Mozilla warns over Firefox Trojan
Post by: Steve on Oct 29, 2010, 21:34:03
http://www.bleepingcomputer.com/combofix/how-to-use-combofix


It removes what it can and produces a log file.
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 29, 2010, 21:40:59
Pass, FF patched itself earlier so am immune from the pox so luckily not had to run it.

Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 30, 2010, 20:08:35
Well, I don't know what happened or what I've done but it's running now.....to a certain degree. But here's a strange one, was on Google and clicked a link and CPU usage shot right up to 100% again and it took me to some totally random site, not the one I wanted. So I tried again with a Google search of 'Dogs', clicked a link, any one, and again I got some wild site full of ads. It only does this 100% thing on Google it seems at the moment. :dunno:

Any ideas? There's something still not right with my system somewhere. I have the latest version of FF in case it was that, just got it tonight.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Simon on Oct 30, 2010, 20:14:59
You seem to have some malware on board, Baz.  Suggest Super AntiSpyware and / or Malwarebytes. 
Title: Re: Mozilla warns over Firefox Trojan
Post by: DorsetBoy on Oct 31, 2010, 06:46:14
Try these online scanners Baz :

http://www.eset.com/online-scanner


http://housecall.trendmicro.com/uk/


http://www.pandasecurity.com/activescan/index/?track=100737

the problem with a lot of the worm type infections is that they need manual removal from the registry.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 31, 2010, 09:44:33
Thanks guys, will try those links if I get running again. Have both those progs Simon and Malware did find something but today as soon as I booted up I got the same 100% cpu usage problem. Ran Combofix again but now I'm stuck on the Windows welcome screen  :mad:

It's getting annoying now. Can't even get it to run so I can save files and stuff and do a clean install.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Simon on Oct 31, 2010, 09:52:24
Safe mode?
Title: Re: Mozilla warns over Firefox Trojan
Post by: DorsetBoy on Oct 31, 2010, 12:58:27
Quote from: Rik on Oct 28, 2010, 18:46:49
I really am beginning to think of having a net machine which I image up in Acronis and then just re-install if there's a problem. Isolate it from other machines on the network, but give it access to printers. :shake:

A simple answer that certainly works is the new Avast Internet Suite which offers a superb Sandbox virtualisation system for any application you choose.

I had shied away from any of the suites/av-firewall combos due to the often dire effects on performance and the fact that many of them actually are proven to give less protection than many of the free offerings.

Wanting something else to do I have over the last couple of weeks tried applications from the top of the VB100 list: G-Data, Ikarus and TrustPort. G-Data and TrustPort had several applications, each of which I found to be hopeless as they bogged down my system to the point of being unusable.

Having gone back to Avast5 Free the GUI has been carrying an upgrade offer, 50% discount time limited, for their new suite. So for the last few days the trial version has been running on 2 machines here and I have to say it is excellent. There is zero lag even running a browser in Sandbox mode.

This system means you can visit suspect (or even known bad sites) and your system is secure from attack and any application you are unsure of can be run in the Sandbox to check its function without it being able to execute on your machine. 

( To get the 50% upgrade discount it looks like you need to install the free version first)

Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 31, 2010, 18:30:28
Well...here I go again, trying to get the thing running that is  ;D. Had to do a clean install so I'm in the process of getting it back to how I like it so beware of lots of daft questions in the next few days  ;)


Starting with: how do I change the keyboard to English one, at the moment I can't type some symbols, the 'at' one for example types as this  "  I just can't remember how to do it  :blush:

;D
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 31, 2010, 18:36:33
Control Panel > Regional & Language options, Baz.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 31, 2010, 18:42:45
Tried that but didn't see anything connected with the keyboard. Have the country correct, does it need a restart?
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Oct 31, 2010, 18:45:42
That should knock through to the keyboard as I recall it, Baz. Reboot anyway.
Title: Re: Mozilla warns over Firefox Trojan
Post by: DorsetBoy on Oct 31, 2010, 18:47:59
Which version of Windows Baz?
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 31, 2010, 18:50:10
Booting into Safe Mode should stop it from loading as chances are it's added a registry key to start itself as a system service.

Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 31, 2010, 18:51:24
XP Dorset if you have any tips for me but......@@@@@@@ I found it thanks. That daft EN symbol on the taskbar has a settings option in the menu.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 31, 2010, 18:54:23
Here's a question I just remembered, after a clean install do I need to activate windies again? Still using the same disc which has already been done whenever I got it, will it stop working if I don't, and how do I stop the 'activate this now...' bubble showing up?
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 31, 2010, 18:55:04
You will need to Baz.
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 31, 2010, 18:56:31
You can activate as many times as you need, the complication can occur if you change something such as your CPU as the hardware hash changes.

Title: Re: Mozilla warns over Firefox Trojan
Post by: Baz on Oct 31, 2010, 19:05:46
thanks    :thumb:
Title: Re: Mozilla warns over Firefox Trojan
Post by: pctech on Oct 31, 2010, 19:06:55
NP
Title: Re: Mozilla warns over Firefox Trojan
Post by: Glenn on Nov 01, 2010, 12:14:18
Ramnit.a!htm -  the advice is to rebuild.

http://www.bleepingcomputer.com/forums/topic354757.html/page__p__1983863__hl__ramnit__fromsearch__1#entry1983863
Title: Re: Mozilla warns over Firefox Trojan
Post by: Gary on Nov 01, 2010, 12:16:29
If you activate too many times and it's a retail version you may have to call in for a code to type in from what I recall.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Rik on Nov 01, 2010, 12:35:52
Deep joy, Glenn. :(
Title: Re: Mozilla warns over Firefox Trojan
Post by: zappaDPJ on Nov 01, 2010, 12:52:54
Quote from: Gary on Nov 01, 2010, 12:16:29
If you activate too many times and it's a retail version you may have to call in for a code to type in from what I recall.

I've actually had cause to test that out recently with a retail copy of Vista. Long story short the PC would install and then fail to see the installation as valid due to what turned out to be a hardware fault. This happened at least five times, possibly as many as ten and every time Vista would authenticate with Microsoft.

I was rather surprised at that so I'm wondering just how many times you can reinstall or if there's a different criteria i.e. hardware mapping to a signature tied to the key.
Title: Re: Mozilla warns over Firefox Trojan
Post by: Glenn on Nov 01, 2010, 13:00:05
Quote from: Gary on Nov 01, 2010, 12:16:29
If you activate too many times and it's a retail version you may have to call in for a code to type in from what I recall.

If it is stored by MS the same way as XP, then after 6 months the records are deleted, so the codes will work again, without need to contact MS.