User Help for Mozilla Firefox
7 posts • Page 1 of 1
I recently changed malware/virus protection and it detected vbs loveletter in my cache. This could explain some odd behaviour lately! All now dealt with, but I thought this spread by opening dodgy attachments? I always delete strange mail on sight. Or could it have got there through a genuine mail or just through surfing?
I forgot to say that I periodically delete my cache yet somehow this remained.
As Loveletter rewrites several files, manual removal is very difficult.
As a general rule, as long as the corrupted dll, exe or vbs script remains on your disk, deleting the cache is of no use since the infected files are created again at each start up.
You need a specific tool like:
http://www.symantec.com/security_respon ... 09-4441-99
And of course you must, if not allready the case, force your system to show hidden files and extensions,e.g. xxx.dll.vbs instead of xxx.dll.
What is curious is that Loveletter is indeed bound to mail (more specifically Outlook), and i suppose it can express itself even without opening the mail if you receive mail in html format and read therein some kind of script. It is also said to be spread through IRC or loading scripts on "darkside" websites.
Hereby, it needs IE to express itself and one should, if not allready done, firewall deny IE.
One can keep himself from this kind of infection by choosing mail only in text format and either disabling the vbs extension, either making the default option for it to be opened with Notepad.
Contrary to what brucine has written, anything in your Firefox cache is considered harmless. See this post http://forums.mozillazine.org/viewtopic ... 01#3241601 for a recent explanation.
Just be aware that if you try to run any programs that you download or receive in e-mails, Firefox cannot protect you against that. By design, Firefox will not run such scripts -- but YOU can. Just don't do it.
By the way, I can't think of any reason to delete your cache periodically. It empties itself as needed to make room for more. And if there's anything harmful there, it was harmful BEFORE you emptied the cache, wasn't it?
And don't discount the possibility of a false alarm. This sometimes happens.
If you do not open the mail message, you cannot have html rendered in it and therefore no scripts are going to be run. If you read the mail message as plain text, the same situation applies. Scripts will not be run.
If Firefox has to stop and clear things out of the cache to make room for more, that will slow it down.
Nonsense. It's designed to work that way, as is any other program that uses a cache.
Firefox doesn't run VBScript. It might download the code when you retrieve the message, but the script will just be ignored.
However, if you use the IETab extension to read email, then messages you open within that tab could run VBScript. But probably those would appear in IE's Temporary Internet Files folder rather than Firefox's cache.
So my best guess is that particular script never ran, and any problems with the PC have other causes.
7 posts • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 25 guests