Jump to content

Default Browser hack

  • Please log in to reply
No replies to this topic

#1 Guest_bugbugbug_*

  • Guests

Posted 03 November 2006 - 12:55 PM

Hi. I came across a topic on your forum which was of interest.

In this topic (now closed): http://forums.spywar...showtopic=87508
.. a user here recently reported some nasty trojan that his firewall caught accessing Port 3460, duplicated the Default Browser's process in Task Manager, and slowed down the computer. Other tried to help, but with no luck - the trojan was undetected, even with the usual av/spyware/rootkit detectors. The OP decided to format the harddrive in the end, and the topic was closed.

The following link describes the symptoms, which trojan (or variants) it is likely to be, and what files are known to be dropped onto the system, and how to manually remove it: http://kb.mozillazin...exe_always_open

Note: the problem is not exclusive to Firefox (it attaches itself to the Default Browser), but strangely seems to be almost exclusively reported by people who have Firefox installed. Unfortunately, as it is such a nasty and hard to detect trojan, many people just end up reformatting - and positive identification of the trojan vs # of people infected is alarming low.

Edited by bugbugbug, 03 November 2006 - 02:27 PM.

Member of UNITE
Support SpywareInfo Forum - click the button