• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

firefox crashing

B

bball1523

Senior member
Sometimes when I go to some websites, my browser suddenly crashes. This is with firefox 2.0. With 1.5 it never really crashed, but with 2.0, I've noticed crashes here and there. I think it may be advertisements that are causing this, but I'm uncertain.

It has happened recently when I visit operationsports.com's forum.

does anyone know what to do?
 
Based on a preliminary look, it appears that they or their advertisers have been exploited. Here's a screenshot of some of the network traffic, showing the culprit: expand pic to full size :camera:

7/8/2007 3:12:42 PM Script: hXXp://80.93.48. 74/wskfewfwtrqw/[4] detected Trojan program 'Trojan-Downloader.JS.Psyme.gr'
Click to expand...

So I guess it's a good thing you always use a Limited account to run your web browsers...

...right? 😉 Wake-up call! Normally-safe websites can be subverted.

Get going on an antivirus scan with a current-generation antivirus program; if you need one for free, AntiVir and AOL Kaspersky are a couple respectable free ones (use one or the other, not both). Also check your rig for vulnerabilities at Secunia and fix them, and here are a few more tips if you're interested.


[ / herding cats ]
 
Originally posted by: montag451
Did you uninstall the old installation of Firefox before you installed the new vers?
Click to expand...

I had reformatted my computer and installed 2.0 first.

Is the trojan that bad for my computer? Lately it has been that specific website at operationsports.
 
Originally posted by: bball1523
Originally posted by: montag451
Did you uninstall the old installation of Firefox before you installed the new vers?
Click to expand...

I had reformatted my computer and installed 2.0 first.

Is the trojan that bad for my computer? Lately it has been that specific website at operationsports.
Click to expand...

If it doesn't bother you that the bad guys might be getting some/all of the following...

  • a copy of everything you type, including CC numbers, eBay/PayPal log-ins and stuff
  • a screenshot of everything you see/click on the screen
  • your CD keys for your games
  • your WoW account to steal your stuff from and auction it
  • the use of your Internet connection and CPU power to send covert Spam with, host phishing websites on, and commit click-fraud with to make money for them
then yeah, it's just dandy to have Trojans and backdoors on your computer. Oh, and I forgot the important thing... they're crashing your browser. 😛

I haven't determined what the payload actually is in this case (my JavaScript de-obfuscation skeels are not up to the task), but that sort of stuff is the usual motive the bad guys are working from. You might not be infected, either... why not give your system a thorough check-up and find out 🙂
 
Originally posted by: mechBgon
Originally posted by: bball1523
Originally posted by: montag451
Did you uninstall the old installation of Firefox before you installed the new vers?
Click to expand...

I had reformatted my computer and installed 2.0 first.

Is the trojan that bad for my computer? Lately it has been that specific website at operationsports.
Click to expand...

If it doesn't bother you that the bad guys might be getting some/all of the following...

  • a copy of everything you type, including CC numbers, eBay/PayPal log-ins and stuff
  • a screenshot of everything you see/click on the screen
  • your CD keys for your games
  • your WoW account to steal your stuff from and auction it
  • the use of your Internet connection and CPU power to send covert Spam with, host phishing websites on, and commit click-fraud with to make money for them
then yeah, it's just dandy to have Trojans and backdoors on your computer. Oh, and I forgot the important thing... they're crashing your browser. 😛

I haven't determined what the payload actually is in this case (my JavaScript de-obfuscation skeels are not up to the task), but that sort of stuff is the usual motive the bad guys are working from. You might not be infected, either... why not give your system a thorough check-up and find out 🙂
Click to expand...

I used Antivir and it didn't find anything... any other recommendations?
 
Originally posted by: bball1523
Originally posted by: mechBgon
Originally posted by: bball1523
Originally posted by: montag451
Did you uninstall the old installation of Firefox before you installed the new vers?
Click to expand...

I had reformatted my computer and installed 2.0 first.

Is the trojan that bad for my computer? Lately it has been that specific website at operationsports.
Click to expand...

If it doesn't bother you that the bad guys might be getting some/all of the following...

  • a copy of everything you type, including CC numbers, eBay/PayPal log-ins and stuff
  • a screenshot of everything you see/click on the screen
  • your CD keys for your games
  • your WoW account to steal your stuff from and auction it
  • the use of your Internet connection and CPU power to send covert Spam with, host phishing websites on, and commit click-fraud with to make money for them
then yeah, it's just dandy to have Trojans and backdoors on your computer. Oh, and I forgot the important thing... they're crashing your browser. 😛

I haven't determined what the payload actually is in this case (my JavaScript de-obfuscation skeels are not up to the task), but that sort of stuff is the usual motive the bad guys are working from. You might not be infected, either... why not give your system a thorough check-up and find out 🙂
Click to expand...

I used Antivir and it didn't find anything... any other recommendations?
Click to expand...

Here's some: http://www.mechbgon.com/build/security2.html You might also want to configure AntiVir to do a rootkit scan when it's starting a scheduled scan (rootkits hide other malware). To have it do the rootkit scan, right-click your AntiVir umbrella icon, choose Configure AntiVir and then mark the "Expert" checkbox and go through all the sub-panels. I'm going from memory, it's in there somewhere. While you're in there, max out the heuristics (which is one of AntiVir's strong points) and enable all the optional detections when you see those options.

If you use FireFox, I heard good things about the https://addons.mozilla.org/en-US/firefox/addon/722">NoScript add-on</a>, which would help in the scenario you're in. If you use IE, you can disable Java and active scripting in IE's Internet Options > Security > Internet Zone, then set the Trusted Zone to Medium-High security and add trusted domains to the Trusted Zone list (mech's narrated screencapture how-to, Windows Media Player format).


Why does that help? Because it appears that there's a rogue advertiser, or a compromised ad server, which is putting a malicious ad banner on that site. From what I can tell, it uses JavaScript to run an exploit. Your system might not be vulnerable to the exploit, but that's beside the point; you can arbitrarily disable JavaScript and Java applets except on domains you explicitly "whitelist." So the ad banner, whose host domain is not going to be on your whitelist, wouldn't be allowed to do its thing.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top