Firefox let a virus called "Best Antivirus 2011" through TODAY
I was viewing my watchlist on Ebay, when the whole page was replaced by a page saying I had 11 viruses in My Docs, 3 viruses in Files and 11 on my hard-drive. The options to "remove" or "cancel" resulted in "You have chosen to open Best Antivirus 2011"...which meant I had now downloaded it! I scanned the computer with my antivirus program and sure enough, IT found 3 threats...each being "Best Anti Virus 2011". I have repeated scan/removal 5 times, but it is re-embedding itself each time. SO MUCH FOR FIREFOX SECURITY! YOU have been hacked!
Additional System Details
- Default Plug-in
- Shockwave Flash 10.2 r152
- Npdsplay dll
- DRM Store Netscape Plugin
- DRM Netscape Network Object
- User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:188.8.131.52) Gecko/20110319 Firefox/3.6.16
Firefox is not an anti-virus program, it is just a web browser. If viruses are not blocked you need to look at the anti-virus program that you are using.
If a Virus (or "Trojan") can OBLITERATE my Mozilla Page, I THINK Mozilla" SHOULD BE CONCERNED!...SO FAR...Thanks for NOTHING! The VIRUS "got PAST" everything I had!
A virus can obliterate any program, not just Firefox. You need to ensure you have a good, anti-virus program with up-to-date signatures installed.
I am using the"Latest/greatest" (updated just YESTERDAY), Anti-virus protection POSSIBLE!...Yet I "got DONE!" DO NOT "CLAIM" wonderous skills/protections if you DO NOT have them!..."Just a browser" ISN'T good enough! I download YOUR latest/greatest "Version" with ALL of it's promises, only to find you "run away" when I get HACKED!
Why are you NOT checking "yourself"? I HAVE WARNED YOU OF A VIRUS THAT GOT TO ME VIA FIREFOX! I got "caught out" by it...I am TRYING TO WARN OTHERS! Hit "Cntrl, Alt, & Delete" if this happens to YOU...DO NOT try to "Close", "Cancel"...or ANYTHING ELSE...or it will DOWNLOAD!
hieeeee! sorry to interrupt , Firefox is a free source of Browser it has nothing to do with virus or any kind of downloads . I have faced the situation which you had mentioned but you trust me or not a excellant internet security can shut the doors of those fake site . Its not just in Firefox it also happen in IE . So i recommend you to use Trend Micro "Titanium" Internet security Or Trend Micro "Titanium" maximum security. Okay i am not promoter of this Internet security but it has 100% detection rate so if anything it fails to catch; then u can take money from the company hehehehehehe :p uuhuuuu .... To other if you face the above situation just use Alt+Ctrl+del click application select firefox and click end task or Alt+Ctrl+del click processer search for firefox and click end process simple! ;) then disconnect the internet and scan Windows folder , if no viruse then celebrate and even call me or if virus then throw your internet security because it failed to do what it should have. I tested trend micro personally by going to sites which contains tonnes of hacker/worms/virus but this bad internet security blocked all :'( very bad na? I hope this helpzzzzzzzz even if not what can i do :p . Not IT guy just a 24x7 pc user boy ............
Modified by simon080
I WAS/AM using Trend Titanium (Full Version), and "Best Antivirus 2011" stomped in right over the top of it! Now... (not knowing to hit ctrl+alt+del), I hit Close, i.e "x", then "Cancel", then "minimize", so I could call a friend for help. This meant the Virus downloaded 3 times. Trend "Live Help" terminated my session before I could type details they had asked for! Simon080's response was useful BEFORE you are hit, but even if you minimize the screen to look for help, the virus will download. I believe I have beaten the bug! I ran a Trend scan approx 8 times. Each time, it found 3 threats, & I "paused" the scan, writing down the File, for each threat. The virus threw out new threads at each scan. I went into each thread (I had written down) & because I knew the EXACT TIME the virus had slammed me, I deleted each File modified AT that time, or up to several minutes later (when I was scanning with Trend) INCLUDING a "modified Firefox File". Then, I scanned again, with only 1 threat found. I was then going to take the computer to a Tech, but after turning the computer off for the night, there was NO threat found next time I turned it on. CAUTION HERE...The (in bold line) "Number of Threats Found;0" line would drop down a line, then bounce back up to its "normal" position in a split second...If you blinked, you would miss it!...SUSPICIOUS. THAT computer has been OFF-LINE since March 30. Repeated Trend scans, defrags, then more scans, show NO threats & the bold line no longer drops/jumps back up. I will call a friend (to check if I should/can RESTORE to settings and system as it WAS days before the virus hit)...I think I should be set to go. Trend received a "NOT HAPPY JAN" email from me, and didn't even have the decency to respond, much less offer help or advice!...So much for SUPPORT...They will be hearing from me again. There aren't even any updates for Trend SINCE I notified them of this virus and their Software failure.
hieeeeeeeeeee Mr.Jeniedreams03 firstly :p uuhuu , one serious thing is what ever i am going to write next is professional but i am again saying i am not IT guy just a kid who love virus , hackers , worms experiments ;) . I agree 3 things enter your PC when you face that situation (as i faced the situation 1 time by mistake and 4 time purposely long before) but this 3 thing aren't virus :p. One of it is url dialer (an hacking tool which joins with our browser) second is virus (a very basic virus which can be found by any anti-virus mostly win-32 trogen) thirdly; now here comes the champ, an hiding tool which act as hacking tool but its a mix of all virus+worm+hacking tool(its not rootkit, which also functions the same). Now you can think "why a boy is giving this shit of description ??" okay the theme behind this was, first to know with whom you are fighting then plan a head (this is my coaching techq of chess) , now make the tools available and finally make the use of available tool or weapons. What I mean? Trend security got 100% detection rate in anti-virus scanning , now some fools would not even read it , dear it only has 100% virus detection rate but not hacking tool or worm (they all are different, you can Google because I learned from there ;) ) so it can remove virus efficiently . Now what to do with other two bad guys? hmm.., let me first warn you if you get virus and there are many imp file in PC never run a anti-viruse , just turn anti-virus off (may sound funny but i spent 4 years in it, so your wish to believe me or not) also turn internet completely. Use a tool like Advance System care 3 stable version (very efficient in detecting url hacking tool) and do "Maintain window" scan full then do "Diagnose system" (just uncheck the disk defragment ) scan, now again do "Maintain window scan" , now use CCleaner : till now you will have deleted the first two threat hahahaha:D now third threat . This third treat feeds on first two so the best way of scanning is restart your PC while rebooting press F5 or F8 and click the "last best configuration"(some time virus dont allow you to resteart pc thats why this step is dam imp ok? :p) . Now immediately use ccleaner and next anti-virus scan , it will solve the problem. Now use the both step of Advance System care 3 . You will feel like God of the Virus+hacker+worm because you had beaten them badly hehehehe :D . Now to the user who dont have imp data in pc what will they do ?? Just format windows or linux or any u hve :P hahahha. Always try to have two anti-virus! if one get attacked the other will help.. IMP note: the above method will only work for newly infected PC with pre-intstalled security programs . Please use don't be afraid to try and find new ways. You can ask any programs related queries but i won't answer hehehehehee :p lolxx
Modified by simon080
@jeniedreams03 : I can't believe what you said "i use Trend " and even if its true you have not made full use of it because after reading your difficulty I again conducted the experiment and you know what ?? Trend Blocked the access to that site and that to very forcefully , no matter how many time i clicked to view the page it blocked then I turned off trend and as i am mad i went to that site , this time 3 thing were about to enter but Norton 360 told them not to come in my friends PC :'( so they went. Now you can ask, why you were not able to detect and i was., right? the few thing we all should do is; keep your PC clean (best ccleaner stable version), keep PC turned on at least for 3hr a day (auto scan is carried by all anti-virus) most Imp is that, you failed to keep the internet security to high level i.e. change the setting of security suits from normal to high(only internet security not anti-virus because if your PC config is low then it may damage hard drives or may even corrupt it). I hope you will try it and give me some smile when you will kick the virus in style ;)
Modified by simon080
To all who like to keep browsing safe and secure use Mozilla add-ons. you can search or ask me for the best...................................................... Mozilla Rokzzzz :)
Hi Simon080. I do NOT think what you are telling me is rubbish...in fact, thank you for getting a bit technical. If I understand you...I DO still have part of the virus "sleeping" in there?...This would make sense, because I didn't delete every single modified File (I was too scared to). I will do as you suggest, and see what happens. One question; What do YOU mean by "CCcleaner? Is that part of Windows, or a separate program I would need to purchase? You were "spot on" as to where I found some of the virus threads too. Thanks.
@All user: This situation only happen while visiting a site which has low security level or due to clicking any advt.. so be alert because this isn't Mozilla's fault ..
@jeniedreams03: i may be your friend but when it comes to asking somthing Google is Bestfriend ;) CCleaner is a freeeeeeeeeeeeeeeeeeee tool that delete the waste things from PC , why you need it ? because Virus(not exactly but surly worms) breed on this waste and grow like big big dinosaur .(i am afraid of them :-( ). but dear its been a week na since you got infected ? you know why you are able to use your PC even after it was infected this is because that three thing is developed to earn money from internet , though i can't explain the entire process but its true . You can ask for more Doubt to some mad people not me :p uuuhhuu heheheh lolxxxx
Modified by simon080
sorry sorry Mr. dreamer again i conforms the three things that enter isn't very strong in nature but they will open the doors for other i.e this three don't have multiplying capacity but this will allow there friend to come in your PC and have party in your PC .. Do it at earliest and all the best .. Simon.email@example.com for software related help can ask on this address but i hardly be online heehhehhehehee now i will study tataaaa ba-byeeeeeeee best of luck! ;)
Modified by simon080
The Internet setting at the time of being hacked WAS "medium", and Trend had been updated just 2 days before the virus hit...this is why I was SO angry about it. It slammed in when my Son clicked on a watched item in my Ebay...I alerted Ebay to the virus and the item my Son had clicked on too. A Tech installed it on my laptop, and I used the same settings he did on the other computer (purchase of Trend Titanium allows it to be used in 3 home computers)... I will keep you posted as to how I go Simon080...obviously something wasn't "right".
No worries Simon080. I have only used THAT computer OFFLINE since the virus. Thank you for all your help. I printed it all out, and will follow it. Happy studies to you, and kind regards.
hmmmm okay i can tell where the bad guy viruse/hacking tool is but you should give me treat hehehe sorry i cnt be serious . reinstall firfox completely(after the above process). because browser is infected i am very sure. second after scanning with trend install avast anti-virus free version do boot scan(Avast in camp in removing virus from system files) please beware while sacanning boot , don't delete the system file (it will ask you do you want to delete system file say no/skip) after the work is done remove avast . since it won't be possible for you to handle two anti-virus so remove trend and install Avast and then after the process get over (after boot scan) reinstall the trend because u hve paid version as you mentioned. NOte: You wont be able to handle two anti-virus n i am very serious so only keep one. i can tell all the places where the virus but its no use it can never be removed physically(that is deleting it directly) . but still you asked me so i will System Volume , windows file in c; drive , some internet softwares like browsers , your anti-virus(this is the reason i asked u to use another anti-virus) , document files , other drives system volume , software that is there in you pc , registery .... many seem big list but if you keep following what i said , they will lose and you will win . i faced virus nearly 10000 times ,its great fun to have them. why? it makes us tensed , makes us to think(which i dont do in usually hehe) , makes us to google (good habit) , teach us a about technology and many more
Modified by simon080
thx for the regards :p uuuhhhuuuuu
The more you tell me Simon080, the more "correct" you are. I feel like SOMEONE is helping, and yes, Trend won't "allow" another antivirus in there. I will do as you suggest. The "places" you listed the virus would be in were correct...even as you say...my Firefox Browser had been "modified" too. You say you are only a kid, but you are a fine kid. Again, thank you, I appreciate it.
You have what's commonly known as "Scareware" installed. These are rogue applications which purport to demonstrate that your system has been infected with one or more viruses and offers to remove them for you for a fee.
However, not only is your PC not infected and therefore there's nothing to remove, these scammers are after your credit card and bank details. It would be avisable therefore to keep an eye on both in the future if you succumbed to the scam in case unauthorized transactions start to take place.
There are around 200 of these authentic looking rogue AV apps circulating on the Internet. Here's a classic example of another one complete with screenshots: XP Security 2011
You'll find instructions on that site's forums on how to remove the one you've got.