From: "Duh_OZ"
| http://www.bitdefender.com/VIRUS-1000451-en--Trojan.PWS.ChromeInject.B.html
| =======
| It drops an executable file (which is a Firefox 3 plugin) and a
| JavaScript file (detected by Bitdefender as:
| Trojan.PWS.ChromeInject.A) into the Firefox plugins and chrome folders
| respectively.
| It filters the URLs within the Mozilla Firefox browser and whenever
| encounter the following addresses opened in the Firefox browser it
| captures the login credentials.
| ========
Subject: Avert Labs Low-Profiled Threat Notice: Generic.dx!707DA3A8
Notice
This is a Low-Profiled Threat Notice for Generic.dx!707DA3A8
Justification
Generic.dx!707DA3A8 has been deemed Low-Profiled due to media attention at
http://www.theregister.co.uk/2008/12/04/firefox_plug_in_trojan/.
Generic.dx!707DA3A8 is referred to as "ChromeInject-A" in the article at
theregister.co.uk.
Read About It
Information about Generic.dx!707DA3A8 is located on VIL at:
http://vil.nai.com/vil/content/v_153534.htm
Detection
Generic.dx!707DA3A8 was first discovered on December 4, 2008 and detection was added to
the 5436 dat files (Release Date: November 16, 2008).
To stay updated and protected download the latest dat files from
http://www.mcafee.com/us/downloads/index.html
If you suspect you have Generic.dx!707DA3A8, please submit a sample to
http://www.webimmune.net
Risk Assessment Definition
For further information on the Risk Assessment and Avert Labs Recommended
Actions please see:
http://www.mcafee.com/us/threat_center/outbreaks/virus_library/risk_as...sment.h
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV -
http://www.pctipp.ch/downloads/dl/35905.asp
FAQ
Profile
Private Messages
Log in
