Visited an attack page in Firefox...

Toggle sidebar Toggle sidebar
T

thirtythree

Diamond Member
Aug 7, 2001
8,680
3
0
Firefox came up with the "Reported attack page" on a page I had bookmarked, and I clicked "Ignore this warning" to proceed to the page (why? I don't know) then closed it immediately. I scanned my computer with TrendMicro HouseCall, which found this trojan -- I don't typically use this scanner though, so it's possible it's from before and AVG didn't detect it. Then I did a full scan with AVG Free which found nothing. I haven't noticed anything strange but I'm wondering if I should still be worried. If it helps, here is the Google info on the page:

http://safebrowsing.clients.google....efox&hl=en-US&site=http://www.vegcooking.com/

Would it be possible to get something like a rootkit just from loading the web page using Firefox 3.6? I ran the free version of Sophos Anti-Rootkit but it just came up with over 100 "Unknown hidden file" messages -- those which I recognized were legitimate programs.

Thanks.
 
balloonshark

balloonshark

Diamond Member
Jun 5, 2008
7,165
3,630
136
I'm no expert but from your first link it looks like an adobe reader exploit. If it was up to date and the browser plug-in was disabled you might be ok.

It wouldn't hurt to scan with other quality scanners. You could run the free (scan/remove only) versions of MalwareBytes and SuperAntiSpyware for a second or third opinion. You could also scan with a quality online scanner. I was going to suggest Kaspersky's but apparently it's being improved.

http://malwarebytes.org/

http://superantispyware.com/

Also, I would suggest disabling the browser plug-in for any PDF readers you may have. It may also be wise to disable javascript while your in the options/preferences. PDF's seem to be the bad guys favorite way of distributing malware at the moment.

Not sure which browser your using or the options but be sure the browser prompts for all downloads. This would give you another chance to say no to the download/malware.

Edit: For an online scan try ESET's (NOD32). http://www.eset.com/online-scanner
 
Last edited:
T

thirtythree

Diamond Member
Aug 7, 2001
8,680
3
0
Thanks for the suggestions. Malwarebytes and SuperAntiSpyware came up clean so I'm probably okay. I disabled the plugins I don't need also. It sounds like the exploits are for older versions of Adobe Reader, plus the web sites they try to access are unavailable. I was just concerned that I might have something else unrelated.

EDIT: Do most virus scanners (or any of these) detect MBR viruses? I assume they're pretty uncommon, but I saw one recently so I'm a bit paranoid.
 
Last edited:
Chiefcrowe

Chiefcrowe

Diamond Member
Sep 15, 2008
5,056
199
116
Yes as far as I know most modern Antivirus programs will scan for MBR viruses. However, Antimalware programs don't scan for these things.
 
mechBgon

mechBgon

Super Moderator<br>Elite Member
Oct 31, 1999
30,699
1
0
thirtythree said:
Would it be possible to get something like a rootkit just from loading the web page using Firefox 3.6?
Click to expand...

If you were running FF at non-Admin privilege level, then almost certainly not, because it would take Admin privileges to install a rootkit. Are you on Vista or 7 with UAC enabled, or on WinXP with a Limited account?

This would be a good time for you to check your rig for vulnerable stuff using the free Secunia PSI utility, too. http://secunia.com/vulnerability_scanning/personal/
 
Last edited:
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom