Firefox 3.6.3 Exploit is Out There
Damn. I can’t rememer exactly what I was browsing… Looking for some MAD TV stuff usin Firefox. I normally use several different browsers, but only FF and Chrome were active, and FF was the one I was using. Suddenly FF crashes and up pop this fake security scanne from an exe called VMA.EXE stored in Local Settings. It tried to make a network connection that the firewall stopped. I killed it and it came back up. There was anothe file in the same subdir with a number for a name and the same timestamp, both with hidden or system attributes. I nuked them, but they must have rewritten the EXE handler for Explorer.exe as no Programs would run – they would pop up the “select program to run this file with” dialog. I had seen a similar piece of shit a few weeks back in one of the kids machines.
Messing with an infected machine is a waste of time. I immediately shut it off, popped in the Windows Home Server recovery disk and restored a backup. It didn’t look like this crapware was some sort of “sleeper” so I was back up and running with just a hicup.
This reminds me… Maybe I should be using VIrtual Machines for browsing… I used to run my entire machine as a VM. I want to use VMs to offload a bit from my desktop workstation. This little incident was a bit of a reminder to stop goofing.