Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox? Spyware?


  • Please log in to reply
8 replies to this topic

#1 yano

yano

    I can see what you post!


  • Members
  • 6,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:43 PM

Posted 07 April 2005 - 10:15 PM

C:\Program Files\Mozilla Firefox\firefox.exe
Diagnois: Found a possible backdoor!

While executing the program aČ detected a possible malicious behavior. Normally this behavior is common for backdoors only. In rare cases this can be a false detection of legit server software. It's recommended to terminate the program and to submit it for further analysis.


C:\Program Files\Mozilla Firefox\firefox.exe
Found a possible LAN bypass backdoor or spyware
While executing the program aČ detected a possible malicious behavior. The program tries to invisibly send data to the internet. If you are sure you want that program to continue its invisible datatransfers allow it. If you are unsure or you don't know that programm terminate it and send it in for further analysis.


C:\Program Files\Mozilla Firefox\firefox.exe
Found a possible trojan or spyware downloader
While executing the program aČ detected a possible malicious behavior. The program tries to invisibly download and install files from the internet. If you don't know that program its highly recommended to terminate the program and to send it in for further analysis.


Ok I just got A-Squared and when I went to open up Firefox I got these 3 messages? Could this be because of my problem with the Javascript? Or is normal for the first time I open Firefox?

Edited by yanowhiz, 07 April 2005 - 10:16 PM.


BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:43 PM

Posted 07 April 2005 - 10:38 PM

Its a false positive.

#3 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:09:43 PM

Posted 08 April 2005 - 07:52 AM

What application is issuing these warnings?

#4 yano

yano

    I can see what you post!

  • Topic Starter

  • Members
  • 6,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:43 PM

Posted 08 April 2005 - 08:11 AM

Ok first thing, Grinler, how is this a "false positive?"

And also if you read my first post you would have noticed at the bottom I said I'm using this new program called "A-Squared."

Is the perfect addition to antivirus - Against Trojans, Worms, Dialers and Spyware!

a-squared Personal New Version 1.6!
(with scanner and background guard with IDS)

A-squared Personal is a Malware scanner and remover of the latest generation which is specialized in Trojans, Dialers and Spyware. So it is the perfect addition to your existing antivirus software. [read more]

Unbeatable realtime protection

The a-squared background guard prevents harmful programs running on your PC. It blocks Malware before it can become active. To do so, it uses our unique and highly effective behavior analysis technology to provide an Intrusion Detection System (IDS) which alerts you immediately if any running programs exhibit suspicious behaviour. [IDS details]

Reliably prevents against:
*Trojan Horses
Including keyloggers and backdoors, which open up your PC to attackers control or use your PC to send spam emails.
*Worms
Bagle & others are worm viruses which usually arrive as an email attachment. Worms can destroy all your saved data.
*Dialers
Change the dial-in number of your modem connection to premium rate numbers causing high phone bills .
*Spyware
Adware and HiJackers continuously show annoying popup ads and spy your private data as well.



#5 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:43 PM

Posted 08 April 2005 - 01:33 PM

Yes a-squared has a problem where it reports a false positive, for whatever reason, on firefox. I have seen this before. There is something in its detection engine that thinks firefox is aproblem when its not.

#6 yano

yano

    I can see what you post!

  • Topic Starter

  • Members
  • 6,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:43 PM

Posted 08 April 2005 - 01:40 PM

Oh, ok thanks. Good thing I have nothing to worry about then...

Also after completing the 4 hour scan of my hard drive with it (27.9GB) it said it found 2 things and it removed them... However I'm still having my firefox problem and I have both "Java" and "Javascript" disabled...

#7 BlueFury

BlueFury

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:43 PM

Posted 08 April 2005 - 09:02 PM

You can still get spyware from programs that associate itself with firefox - in my case, I had used firefox preloader before I learned that it hogged up a lot of memory (I learned this until way after I installed Preloader, unfortunately). A website, www.dirs.org, had attached spyware to this Preloader program that forced my computer to load the dirs.org website as it preloaded firefox.

It drove me nuts until I figured out that having Preloader on my system was causing the problem (among others) - if you have any programs that claim to help Firefox's functioning, it may add a spyware backdoor to Firefox without meaning to.

#8 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:09:43 PM

Posted 08 April 2005 - 09:10 PM

The program tries to invisibly send data to the internet.

Firefox does send crash data to the developers so they can see whats
going on.You can choose to disable this when you install FF.
Although it's disabled the functionality is still there and probably
being detected by aČ.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#9 yano

yano

    I can see what you post!

  • Topic Starter

  • Members
  • 6,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:43 PM

Posted 08 April 2005 - 10:27 PM

yea i got the popup problem fixed! :thumbsup: i posted a hjt log and someone helped me, so now i have no problems. :flowers:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users