Wilders Security Forums  

#1
May 27th, 2007, 06:05 AM
Yegvardd
Infrequent Poster

Join Date: May 2007
Posts: 5
FireFox & SystemDoctor

For information:-

I have just been re-installing software after re-formatting and reloading Windows XP. Firefox 2.0.0.3 is loaded and F-Secure Internet Security 2007 up and running. (All updates right up to date.) I have just downloaded-loaded plug-in ForecastFox 0.9.5.2 and re-started FF. Clicked on the green icon to check that the weather location was still correct (from MozBackup) and FireFox minimised and I had two dialogue boxes pop up. On becoming increasingly suspicious that something was up I checked Adblock Plus, by right clicking, but didn't get the expected action box. No box at all on the click!!

One box was a SystemDoctor variation on the Wikipedia page http://en.wikipedia.org/wiki/WinFixer (found on a Google search.) The other was a very small (minimised) sort of box, which I didn't click on.

Ran a-squared at both levels and apart from tracing cookies only a menman.vxd file came up as a medium risk. Curiously, the following day both F-Secure and a-squared found RiskToll.Win32.Pskill.1101 files, missed the day before. All now quarantined.

So Firefox isn't totally immune from this social engineering malware. But still a safer bet than IE. Would it be possible to block (filter) out known URLs that cause these script problems?

Hope this helps someone

Mike
#2
May 27th, 2007, 09:38 AM
Mrkvonic
Linux Systems Expert

Join Date: May 2005
Posts: 7,465
Re: FireFox & SystemDoctor

Hello,
Firefox is immune to nothing. It's up to YOU.
Where did you download the extension? From the official site? Otherwise, who knows what the extension packed. It has nothing to do with Firefox.
Mrk
__________________
http://www.dedoimedo.com

All your base are belong to us

Linux Systems Expert / Systems Programmer, Linux System Administrator, LPIC-1, LPIC-2 (WIP), GSEC, CCHD, CCHA
#3
May 28th, 2007, 05:50 AM
Yegvardd
Infrequent Poster

Join Date: May 2007
Posts: 5
Re: FireFox & SystemDoctor

Hi,

Yes the ForecastFox plugin came off the Mozilla secure server. Due to several re-installs, OEM advised for other reasons. This is not the first time I have taken the download. But it is the first problem.

Maybe it was timebombed, from another site, but the problem announced itself immediately I clicked on the green globe icon. I have one of this year's best software firewalls, so I do take security seriously.

Far from saying FireFox was immune I was highlighting a weakness, which I thought someone may benefit from knowing about. The man in the street struggles to know what a browser is, although he knows what it does. When someone tells you of a problem, and you ask if they have anti virus on board and they say yes it came with the computer but then deny updating you have to worry.

The man in the street needs help and guidance. I have a little knowledge, which may be dangerous, but I didn't click anywhere on the window, I used the Task Manager. I suspect very few people would do that. This is a highly specialised forum, but still with a great range of experience and knowledge.

It's like driving a modern car, they just get in and drive - no idea what is under the bonnet.

Mike
 

All times are GMT -4.