Windows + Firefox = viruses
 

I just got a trojan downloaded to my PC (Windows 7). The timestamp on the files shows 20:46, they downloaded to c:\programdata %userdata\locallow\roaming. The virus pops up a number of very convincing 'delayed write error' messages.

It then tries to sell me some kind of PC fix software, and requests repeatedly to run a privileged 'reinstall.exe' app (this was denied as I have full password-enabled UAC). It also kills taskmgr.exe so I had to kill the processes via cmd.exe/taskkill.

The other thing it did was set all my files to +H (hidden).

WRT the timestamp, my history for the 10 minutes before the trojan got downloaded shows:

amazon.com
sennheiser.co.uk
google.co.uk
google.com
flyertalk.com
headphone.com
*.cnet.com
nytimes.com
printerland.co.uk

Nothing bad there....

Firefox tells me my Java is vulnerable (6.0.210.6/se 6 u21).

I suspect, therefore, that Java is the source of the problem. http://threatpost.com/en_us/blogs/ne...it-kits-112811

Isn't it supposed to notify me that it's outdated?

Are you blaming Firefox for your computer getting a virus? :confused::confused:

Well, a lot of people said MSIE was insecure and to switch to Firefox. Now it seems to me that Firefox is no better.

If I was using lynx, which is a text-only browser, there's no way I could have got any virus.

So yes, Firefox is vulnerable.

If you think that it's better to you to run a text-only browser then, by all means, go ahead! :rolleyes:

No not really, but just dispelling the myth that Firefox is more secure. I don't think it is.

Well you do have a really good sample size, so there's that.

More secure than IE? Yes. Immune to java exploits? No, no browser is.

Your argument should be that java is not secure.

Sounds like you're one of the unlucky 1% who needs to get a Mac! :D

I have been using the combination of windows and firefox for years and think the last time I got a virus was back using windows 98. of course i use ad blocker plus and taco so that probably removes a lot of the crap.

the title of this post making a blanket statement that using windows and firefox means you will get viruses is just bad logic. there is a lot more to it.

oh and stop looking at the freaky stuff.

Partially because of this reason, and primary because of advertisements, I turn off all 3rd party plugins by default.

If you do not play games, you do not need flash, you definitively do not need bright ads flashing this and that playing horrible sounds, and not really many people even have use for JVM on browsers. (For me, sometimes some academics use java applets to illustrate some algorithms and such, maybe I get to one of those once a month :rolleyes:)

I have ....... plus on.

Youtube requires flash

Even if it is more secure (and a lot of that advice, IMO, went out the window with improvements in Vista and IE7+) "more secure" (or more properly, "less insecure") is relative and nothing is 100% (besides, perhaps, wget and parsing the HTML by hand *lol*)

With either IE or Firefox, it's imperative to keep your patches up to date. Chrome is the only one of the major three that's truly transparent about it, and folks on older Firefox versions (for values of "older" dating to the last 3.6.x versions less than a year ago) have to upgrade to 4.x semi-manually to be on the full upgrade cycle.

Enabling browser-side Java (and I say this as a server-side Java software engineer) is kinda sketchy. If you have to have it, it's really imperative to keep your patches up to date. 1.6.0_21 is nowhere near up to date.

I got the Win 7 Security 2012 virus a few weeks ago from visiting a collegiate athletics forum. I had to reinstall Windows to get rid of it, but it was about that time of the year anyways. I now use ....... since the virus was from a Flash or Java exploit.

Have always used FF. Have never had a virus.

Ditto, along with ....... Plus and, if you're really paranoid, NoScript.

....... did not stop my virus.

Why should it? It stops adverts not virus.

Your question should be why your anti-virus software didn't pick it up?

Windows = Virus

FIXED

Not necessarily, otherwise YouTube videos wouldn't play on iPads and iPhones.

iPads and iPhones are not the platform under discussion.

Neither was Flash under discussion, at least at the beginning of the thread.

I am trying to remember the name of this one, but I have had it a couple of times and have seen countless instances over the last 6 years or so. What have you done to remove the virus? Do you have any protection on the system?

The first thing I would tell you to do would be to download malwarebytes, (its free and it actually works really well. I would run a quick scan first, let it clean then restart and run a full scan, let it clean and reboot. See if that fixes your issue. If not I am happy to do what I can to help over the forums.

If you already fixed the issue and this was a post about FF and security, I apologize.

You got hit by a 'Drive By download' very common and browsing history means nothing. A single ad on any site COULD trigger the download. Was very common and still maybe for 'Drive by downloads' to happen on popular news sites and sports/entertainment sites.
I along with many others run FF + an assortment of add on`s + Win* and have never had an issue. Could be diligence in maintaining OS patching or luck? :D

Try using FF + "No script" addon.

The downside of NoScript is that sometimes, it is difficult to view certain sites.
It will also show you how some websites have links to dozens of other sides without your knowledge.

When u view a website, it shows content.
The content could be dynamically linked from tons of other websites.
Any of those external websites can contain viruses.
NoScript blocks out those other websites unless u choose to allow them.

Been using Win and FF and no viruses so far in years.
I've also been diligently updating the programs.

What was under discussion were vectors for infection of PCs through a web browser. Flash, Java and other plug-ins qualify.

Last I heard, an iOS device is not categorized as a browser plug-in. That said, there is one virus for which those devices are a vector:

iTunes ;)

Time to make sure you have Malwarebytes on your computer and log back on in safe mode with networking to clear it up.

I use FF, but I rely on Microsoft Security Essentials and Malwarebytes Pro to protect me from viruses and malware. Some people use Avast instead of MSE, but everyone loves Malwarebytes free and Pro. Pro has the real-time protection and updating.

My OS is diligently patched, I actually sent Microsoft a fairly long email in 2009 about a HTA vulnerability affecting my fully patched IE, it used javascript and AJAX to dowload and decode a trojan on the fly. Never got a response and switched to Firefox around that time.

Java is supposed to update itself, not sure why it didn't in this case.

I'm paranoid! ;):D

+1

Hackers sometime exploit vulnerabilities before they could be corrected or detected.

You just had bad luck. Sometimes it happen.

Some time ago a computer of mine got infected by the Blaster worm the first day (apparently) it was launched. No one knew it, no references to it. Lots of work before restoring the functionality of that computer.

Just another data point.

I use QuickJava, which allows me to turn on/off Javascript, Java, Flash, Silverlight, images, and Css. It's done from a toolbar at the bottom of the screen. An excellent utility.

For me, I just copy and paste address to Chrome for my video needs. (YouTube, TED, other blogs)

The QuickJava seems fantastic and I will give it a shot. ^^^

As others have said:
What Viri/malaware scanner were/are you using?
Are you logged in as admin or a reg user? Did you nerf the UAC?
What software was installed recently, was it ad supported, was it browser bar supported? was it licensed legally(no key gens/no full version download here)?
What online games did play, what FB game did you play?
How many YouTube videos did you watch, did you click on any links to make a banner or other screen clutter go away on those ads/games?

You could easily title the thread as Windows + Safari/IE/Opera/Chrome/FF = Virus
When it actually should be Windows + AVG(or what ever Viri/malware scanner you are using) = Virus

Actually, Java will only advise you of updates and/or run automatic updates if you have it set up to do so. If you’ve elected to run updates manually, then you obviously need to be diligent about checking for them. The current version is Java 6 update 30 – since you're only at 6.21, you clearly need to either change your update settings or be more disciplined about your manual updates. Go to the Java website to get the current update.

Which anti-virus/anti-malware package are you running? Do you keep it up-to-date on a constant real-time basis? Is it part of a security suite that includes a firewall? If you’re connecting anywhere other than your own well-secured wifi router, then you should definitely be running security suite.

If you’re not running at least an anti-virus package, then you can only blame yourself for the infection. There are a lot of excellent paid security suites out there—you can check out PC Magazine’s latest reviews, for example. Most of the new security suites are pretty much dummy-proof, and there are even a few very decent freeware packages, so there's really no excuse not to have one if you don't already.

As others have pointed out, there is no browser that can protect you fully from exploits. It just so happens, however, that Firefox is one of the least vulnerable. But it needs to be properly maintained. You need to keep it updated.

You also need to keep your add-ons updated. For instance, do you know whether you have the most current version of ....... Plus and the most recent version of your subscription filter(s)? Are you aware that there are multiple filter subscriptions for ......., each designed for different regions/languages/site types? Go to the EasyList/....... website and review the filter list. Subscribe to all of the filters that might be relevant to your surfing habits.

That said, as has already been mentioned, ....... is only one small piece of a better-secured computer. Research some of the other great add-ons out there, including Ghostery (we run it as a supplement to ....... Plus, but running both can make some websites a bit wonky); BetterPrivacy (blocks so-called super cookies), and Flashblock (allows you to control when flash does/doesn’t run on a page-by-page or site-by-site basis). There are many others.

You might also want to consider installing something like SpywareBlaster to block malicious cookies and ActiveX spyware on both IE and FF.

Sort of. I think you can get by with just html5 these days.

Not sure why you're blaming Firefox for a Java vulnerability... :confused:

Drive-by malware installations often occur because of malicious code in banner ads on otherwise reputable sites. Not much you can do to combat this, unfortunately, besides keep a well patched and well protected system. The net is a dangerous place, and if you venture out at all, you have to expect this.

According to that page, videos with ads (which is quite a lot of them), still require flash.

No, your computer is vulnerable. What virus, malware, etc. protections do you have installed.