Page 2 of 3 FirstFirst 123 LastLast

  1. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       04 Nov 2016 #11

    COMPUTIAC said: View Post
    Dang it, 26 ?

    ***** [ Registry ] *****

    Key Found: HKLM\SOFTWARE\Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}
    Exactly what I got as well.
      My System SpecsSystem Spec


  2. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       04 Nov 2016 #12

    Sophos came up clean, Running MBAM now.

    ESET NOD32 came up clean too. And, I didn't see anything on the FRST scan report.
    Attached Thumbnails Attached Thumbnails 2016_11_04_16_05_441.png  
      My System SpecsSystem Spec


  3. Joined : Aug 2015
    Posts : 754
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       04 Nov 2016 #13

    Dang, @simrick, that sucks!

    AFAIK, Fx installers directly from the Mozilla official source should always be safe.
    https://www.mozilla.org/en-US/firefox/all/
    I assume the auto-updater ought to be safe, too.

    I've been on 49.x (via the manual, standalone, full installer) since a few days after it shipped, on all 3 boxes, with no problem. I suppose anything is possible, but there's been no spike in traffic at the mozillazine forum suggesting a widespread problem.
    And 49.x has been available for quite a while.

    Are you sure you didn't have a tab open somewhere else, or perhaps a "time bomb" from a trojan that made it onto the system undetected earlier? (IOW a coincidence with your Fx update?)

    What a PAIN!!
    Hope you get straightened out soon!

    MM
      My System SpecsSystem Spec


  4. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       04 Nov 2016 #14

    MoxieMomma said: View Post
    Dang, @simrick, that sucks!

    AFAIK, Fx installers directly from the Mozilla official source should always be safe.
    https://www.mozilla.org/en-US/firefox/all/
    I assume the auto-updater ought to be safe, too.

    I've been on 49.x (via the manual, standalone, full installer) since a few days after it shipped, on all 3 boxes, with no problem. I suppose anything is possible, but there's been no spike in traffic at the mozillazine forum suggesting a widespread problem.
    And 49.x has been available for quite a while.

    Are you sure you didn't have a tab open somewhere else, or perhaps a "time bomb" from a trojan that made it onto the system undetected earlier? (IOW a coincidence with your Fx update?)

    What a PAIN!!
    Hope you get straightened out soon!

    MM
    IDK what to think MM. FF was working fine first thing this morning, then the toaster popped up (again) telling me v49 should be installed. I had TF, gmail, gmx mail and yahoo mail open. Decided I would update before I got into my work mode, and that's when all hell broke loose. Once FF restarted, everything was crazy like I've only seen with bad infections. Pages were freezing, scripting errors, nothing would download, the box would flash repeatedly while trying to download something, the whole browser would freeze constantly....exactly like severe infestations and worms. I couldn't even export my bookmarks - had to do it outside FF. Updating to v50 didn't help, reverting to v48 didn't help. I had to nuke the whole thing completely, clear it out of the computer, and reinstall clean.

    Thing is, aside from the 26 reg entries found by ADWCleaner (which may be FPs), nothing has shown up - not on ESET or MBAM or Sophos or SAS or my eval of FRST - nothing! I am stumped. Those reg entries point to a trojan from back in the XP W2K days. No other computer in the house is on, so there can't be any contamination from them either. I just don't understand. Wish I could nail this thing, so I'd know what the heck was going on.
      My System SpecsSystem Spec

  5.    4 Weeks Ago #15

    Looks like the AdwCleaner issue has been confirmed as a false positive and fixed. https://toolslib.net/forum/viewthrea...few-different/
      My System SpecsSystem Spec


  6. Joined : Aug 2015
    Posts : 754
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       4 Weeks Ago #16

    Hi:

    Yeah, the AdwCleaner hits were a F/P and were fixed sometime yesterday.

    then the toaster popped up (again) telling me v49 should be installed.
    Does Firefox generate toaster popups when outdated? (I do not recall ever seeing that, even though I often wait to upgrade for a few days after a new release version ships.)
    Or was that coming from Windows or some 3rd-party application update checker?
    Or am I losing what's left of my mind?
    (Sorry, I don't have a test box or VM to test this.)

    With an open browser and open webmail apps, I suppose it's possible that something may have slipped in, perhaps via some sort of drive-by exploit?

    The only thing I'm on which I'm willing to stake my leftover Halloween candy stash is that a legitimate Firefox installer directly from Mozilla would be 100% clean.
    I always do a manual, on-top upgrade with the full setup file I get here:
    https://www.mozilla.org/en-US/firefox/all/

    I'm no expert, but in all my years using Fx and hanging out at their user community & elsewhere, I've never heard of an infected installer.

    Sure does sound suspicious, though.

    Cheers,
    MM
      My System SpecsSystem Spec


  7. Joined : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 11,547
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       4 Weeks Ago #17

    OK, so this means we need to put the reg keys back in apparently , I'm curious as to what they were for. Nothing appears broke....yet. I researched one & got a ref to MS Office.

    @MoxieMomma, yes, I would think a FF installer would be clean, but then it wouldn't be the 1st time someone infiltrated an organization & planted malware. I'm thinking maybe her d/l got corrupted & caused the problems with FF?
      My System SpecsSystem Spec


  8. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       4 Weeks Ago #18

    Thanks everyone. I don't know what to think.
    I'm going to create a restore point and update to v49.
    MM-I was getting toasters when on the beta channel; fixed that, now I'm getting regular update windows.
      My System SpecsSystem Spec


  9. Joined : Apr 2015
    Posts : 9,117
    W10Prox64
       4 Weeks Ago #19

    Now I'm getting this:

    Click image for larger version. 

Name:	2016_11_05_16_49_361.png 
Views:	31 
Size:	10.7 KB 
ID:	108995
      My System SpecsSystem Spec


  10. Joined : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 11,547
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       4 Weeks Ago #20

    simrick said: View Post
    Now I'm getting this:

    Click image for larger version. 

Name:	2016_11_05_16_49_361.png 
Views:	31 
Size:	10.7 KB 
ID:	108995
    That's the stable version out right now.
      My System SpecsSystem Spec


 
Page 2 of 3 FirstFirst 123 LastLast


Similar Threads
Thread Forum
Solved Computer Infection--Emergency!
Hi There Running Avast 12.3.2280 right now, and Malware bytes for on demand protection Anyways started having System Process using CPU all the way up to 91 percent at times, it's down now, first scan with Malwarebytes found backdoor.spynet...
AntiVirus, Firewalls and System Security
Solved This bag of tricks may help stop a ransomware infection
This bag of tricks may help stop a ransomware infection | PCWorld
AntiVirus, Firewalls and System Security
FireFox has become IE - Strange Issue
Solved.
Browsers and Email
Solved Taobao infection
Color me embarrassed but I seem to have picked up ........... something. As you can see from my screenshot my Browser has gotten a .....visitor and I can't seem to make it leave. It seems to be a shortcut to Taobao. I've tried scans with...
AntiVirus, Firewalls and System Security
GPU and Firefox issue
First of all, I don't know if this belongs here or browsers sub forum :/ Move it to browsers if you think it's more appropriate I use Firefox now and in some occasions, Firefox (40) stops rendering using the GPU and reverts to software mode,...
Graphic Cards
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 21:57.
Find Us
Twitter Facebook Google+



Windows 10 Forums