
Malware

Old 22nd Feb 2008, 09:01
  #1 (permalink)  
Thread Starter
 
Join Date: Jun 2003
Location: UK
Posts: 474
Likes: 0
Received 0 Likes on 0 Posts
Malware

My Ad-Aware runs tell me that I have the undernoted malware results in my Firefox bookmarks.

Family: Malware
Category: Browser: Firefox Bookmark URL: http://www.thebugs.ws/search.shtml?w...rom%20v7.0.8.2


Family: Malware
Category: Browser: Firefox Bookmark URL: http://www.symantic.com

I remove them, but the next day the same two have appeared. Now, "thebugs" has connotations of spyware, but Symantic, I thought, is a reputable company who wouldn't be involved in carrying out spying or spreading malware??

Besides which, at a glance on my list of bookmarks, I can't find either (I haven't pressed "Remove" on Ad-Aware yet.)

Is there a way to find them? And what would be the cause of them returning?

Thanks for reading,

Tosh
Tosh McCaber is offline  
Old 22nd Feb 2008, 10:10
  #2 (permalink)  
 
Join Date: Dec 2005
Location: Wellington,NZ
Age: 66
Posts: 1,679
Received 10 Likes on 4 Posts
The first one implies an attempt to connect to a warez (cracked software) site, in this case probably to get a free version of Nero.
Ring any bells at all? Anyone using the computer likely to try this?
The second has got to be some kind of FP, on the face of it. But the fact they are not actually in your bookmarks implies something a little more sinister, perhaps an attempted browser hijack.
Any other symptoms?
Personally, I wouldn't touch AdAware anymore, support for SE has been discontinued, and the 2007 version I found exceedingly buggy and had plenty of false detections during its brief life on my machine.
Try scanning with something a bit more effective, like Superantispyware. (free and paid versions available.)
Tarq57 is offline  
Old 22nd Feb 2008, 10:58
  #3 (permalink)  
Spoon PPRuNerist & Mad Inistrator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 7,417
Received 281 Likes on 179 Posts
Symantic is indeed a suspicious name - the genuine name is Symantec.

You probably have some malware / virus that needs cleaning out. Check your startup folder (yours and All Users) and the registry for "Run" or "Run Once" entries.

Lots of info available on cleaning up your system - Hijack This is a good start.

SD
Saab Dastard is offline  
Old 22nd Feb 2008, 12:55
  #4 (permalink)  
Red On, Green On
 
Join Date: May 2004
Location: Between the woods and the water
Age: 24
Posts: 6,487
Likes: 0
Received 2 Likes on 2 Posts
Except that if you click on URL: http://www.symantic.com it forwards to http://www.symantec.com/index.jsp
airborne_artist is offline  
Old 22nd Feb 2008, 18:05
  #5 (permalink)  
Thread Starter
 
Join Date: Jun 2003
Location: UK
Posts: 474
Likes: 0
Received 0 Likes on 0 Posts
I already have Nero, for some time now, and I've never heard of the thebugs website! I'll see what tonight's scan produces.

Thanks for the replies so far. I'll give SuperAntiSpyware a go as well.
Tosh McCaber is offline  
Old 22nd Feb 2008, 18:55
  #6 (permalink)  
Spoon PPRuNerist & Mad Inistrator
 
Join Date: Sep 2003
Location: Twickenham, home of rugby
Posts: 7,417
Received 281 Likes on 179 Posts
airborne_artist, I wasn't brave enough to click on the link, so I'll take your word for it!

SD
Saab Dastard is offline  
Old 23rd Feb 2008, 00:22
  #7 (permalink)  
Hippopotomonstrosesquipidelian title
 
Join Date: Oct 2006
Location: is everything
Posts: 1,826
Likes: 0
Received 0 Likes on 0 Posts
"I'm bookmarking warez sites looking for Nero cracks. What could possibly go wrong?"

thebugs.ws is one of the sites added as a bookmark by the favadd-d trojan, which can be a drive-by install. But that's on IE only, I think. Ad-Aware probably flags it since it may indicate a favadd-d infection.

Since this bookmark includes the search terms, it was probably a deliberate bookmark and as such, it's safe.

Symantec owns symantic.com, so that's safe, too.
Bushfiva is offline  
Old 23rd Feb 2008, 07:26
  #8 (permalink)  
Thread Starter
 
Join Date: Jun 2003
Location: UK
Posts: 474
Likes: 0
Received 0 Likes on 0 Posts
I'm on Firefox (only).
Tosh McCaber is offline  
Old 23rd Feb 2008, 09:22
  #9 (permalink)  
 
Join Date: Dec 2005
Location: Wellington,NZ
Age: 66
Posts: 1,679
Received 10 Likes on 4 Posts
Tosh, try opening IE, see if the "malware" found by AdAware appears in the bookmarks.
Anyone else likely to have used the 'pooter and used IE? Don't know if it's otherwise possible to have bookmarks created in it "out of nowhere", so to speak. Probably is, somehow.
Tarq57 is offline  