Viruses From Firefox?

snipes1988 · ‎07-08-2009

i was watching TV on a website, when I saw that it Norton 360 scanned a file that was downloaded from that site. I never downloaded anything, somehow it did download though. Norton found an adware virus in the download. I looked at where it was downloaded,(The location was "c:\users\name\appdata\local\temp\ofppwf_9.exe.part", and there was one in firefox profiles.) and I had Norton 360 scan my appdata folder. It found 4 Trojans in it. The location os the 4 viruses was "c:\users\name\appdata\locallow\sun\java\deployment\cache\6.0\56\". My question is, how did I get those Trojans, Are there more in other folders?

Any Ideas?

SendOfJive · ‎02-07-2009

snipes1988 wrote:
The location os the 4 viruses was "c:\users\name\appdata\locallow\sun\java\deployment\cache\6.0\56\". My question is, how did I get those Trojans, Are there more in other folders?
Any Ideas?

If you have not updated your Java program to Java Update 20 (1.6.0_20) you are vulnerable to exploits that are targeting a security flaw in earlier versions. In fact, Mozilla has disabled older versions of the Java Deployment Toolkit plugin in the browser as a further precaution. Did you happen to see a pop-up recently in FIrefox asking you to restart the browser in order to disable this plugin? From the location of the malware that was detected on your system, it certainly would appear that a Java vulnerability was used to deliver the malware. Please update your Java to the latest version and then in Firefox go to Tools > Add-ons > Plugins and disable Java Deployment Toolkit 6.0.190.4.

floplot · ‎04-11-2009

Hello snipes1988

Did N360 clean up those trojans or do you still have them now? What were the trojans listed? Perhaps this would be a good time to run a full scan with the free version of Malwarebytes.

Success always occurs in private and failure in full view.

Stevend · ‎04-23-2010

These four trojans showed up on my laptop today. Apparently they are only a week old.

http://community.norton.com/t5/Norton-Internet-Security-Norton/Infected-with-three-hi-class-trojans-...

snipes1988 · ‎07-08-2009

I did not update my java at the time, but now I did. Should I keep the Java Deployment toolkit plugin disabled? Or should I now enable it because I updated it to the latest version. I did a full system scan with Malware Bytes and it found an adware thing. "C:\Program Files (x86)\Mozilla Firefox\extensions\{7a421f25-2f30-a619-8b31-52c5390d5a40}\components\IW-VcYImx_4.dll (Adware.BHO)" I had Malware Bytes fix it. Then I ran a Norton 360 full system scan in safe mode. All it found was tracking cookies and I had those fixed. It seems as everything is ok now.

SendOfJive · ‎02-07-2009

Hi snipes1988,

You should have two Java Deployment Toolkits showing in your Firefox plugins list. Leave 6.0.190.4 disabled, as this is the old, vulnerable version. You should have the other version, 6.0.200.2 enabled.

Norton 360

Viruses From Firefox?

Re: Viruses From Firefox?

Re: Viruses From Firefox?

Re: Viruses From Firefox?

Re: Viruses From Firefox?

Re: Viruses From Firefox?

Products

Services

Support