Page 2 of 3 FirstFirst 123 LastLast
  1.    04 Nov 2016 #11
    Join Date : Apr 2015
    Posts : 13,288
    W10Prox64
    Thread Starter

    Quote Originally Posted by COMPUTIAC View Post
    Dang it, 26 ?

    ***** [ Registry ] *****

    Key Found: HKLM\SOFTWARE\Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}
    Exactly what I got as well.
      My ComputerSystem Spec
  2.    04 Nov 2016 #12
    Join Date : Apr 2015
    Posts : 13,288
    W10Prox64
    Thread Starter

    Sophos came up clean, Running MBAM now.

    ESET NOD32 came up clean too. And, I didn't see anything on the FRST scan report.
    Attached Thumbnails Attached Thumbnails 2016_11_04_16_05_441.png  
      My ComputerSystem Spec
  3.    04 Nov 2016 #13
    Join Date : Aug 2015
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)

    Dang, @simrick, that sucks!

    AFAIK, Fx installers directly from the Mozilla official source should always be safe.
    https://www.mozilla.org/en-US/firefox/all/
    I assume the auto-updater ought to be safe, too.

    I've been on 49.x (via the manual, standalone, full installer) since a few days after it shipped, on all 3 boxes, with no problem. I suppose anything is possible, but there's been no spike in traffic at the mozillazine forum suggesting a widespread problem.
    And 49.x has been available for quite a while.

    Are you sure you didn't have a tab open somewhere else, or perhaps a "time bomb" from a trojan that made it onto the system undetected earlier? (IOW a coincidence with your Fx update?)

    What a PAIN!!
    Hope you get straightened out soon!

    MM
      My ComputerSystem Spec
  4.    04 Nov 2016 #14
    Join Date : Apr 2015
    Posts : 13,288
    W10Prox64
    Thread Starter

    Quote Originally Posted by MoxieMomma View Post
    Dang, @simrick, that sucks!

    AFAIK, Fx installers directly from the Mozilla official source should always be safe.
    https://www.mozilla.org/en-US/firefox/all/
    I assume the auto-updater ought to be safe, too.

    I've been on 49.x (via the manual, standalone, full installer) since a few days after it shipped, on all 3 boxes, with no problem. I suppose anything is possible, but there's been no spike in traffic at the mozillazine forum suggesting a widespread problem.
    And 49.x has been available for quite a while.

    Are you sure you didn't have a tab open somewhere else, or perhaps a "time bomb" from a trojan that made it onto the system undetected earlier? (IOW a coincidence with your Fx update?)

    What a PAIN!!
    Hope you get straightened out soon!

    MM
    IDK what to think MM. FF was working fine first thing this morning, then the toaster popped up (again) telling me v49 should be installed. I had TF, gmail, gmx mail and yahoo mail open. Decided I would update before I got into my work mode, and that's when all hell broke loose. Once FF restarted, everything was crazy like I've only seen with bad infections. Pages were freezing, scripting errors, nothing would download, the box would flash repeatedly while trying to download something, the whole browser would freeze constantly....exactly like severe infestations and worms. I couldn't even export my bookmarks - had to do it outside FF. Updating to v50 didn't help, reverting to v48 didn't help. I had to nuke the whole thing completely, clear it out of the computer, and reinstall clean.

    Thing is, aside from the 26 reg entries found by ADWCleaner (which may be FPs), nothing has shown up - not on ESET or MBAM or Sophos or SAS or my eval of FRST - nothing! I am stumped. Those reg entries point to a trojan from back in the XP W2K days. No other computer in the house is on, so there can't be any contamination from them either. I just don't understand. Wish I could nail this thing, so I'd know what the heck was going on.
      My ComputerSystem Spec
  5.    05 Nov 2016 #15
    Join Date : Oct 2013
    Watford
    Posts : 15,507
    Windows 10 Home 64bit

    Looks like the AdwCleaner issue has been confirmed as a false positive and fixed. https://toolslib.net/forum/viewthrea...few-different/
      My ComputerSystem Spec
  6.    05 Nov 2016 #16
    Join Date : Aug 2015
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)

    Hi:

    Yeah, the AdwCleaner hits were a F/P and were fixed sometime yesterday.

    then the toaster popped up (again) telling me v49 should be installed.
    Does Firefox generate toaster popups when outdated? (I do not recall ever seeing that, even though I often wait to upgrade for a few days after a new release version ships.)
    Or was that coming from Windows or some 3rd-party application update checker?
    Or am I losing what's left of my mind?
    (Sorry, I don't have a test box or VM to test this.)

    With an open browser and open webmail apps, I suppose it's possible that something may have slipped in, perhaps via some sort of drive-by exploit?

    The only thing I'm on which I'm willing to stake my leftover Halloween candy stash is that a legitimate Firefox installer directly from Mozilla would be 100% clean.
    I always do a manual, on-top upgrade with the full setup file I get here:
    https://www.mozilla.org/en-US/firefox/all/

    I'm no expert, but in all my years using Fx and hanging out at their user community & elsewhere, I've never heard of an infected installer.

    Sure does sound suspicious, though.

    Cheers,
    MM
      My ComputerSystem Spec
  7.    05 Nov 2016 #17
    Join Date : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 18,067
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition

    OK, so this means we need to put the reg keys back in apparently , I'm curious as to what they were for. Nothing appears broke....yet. I researched one & got a ref to MS Office.

    @MoxieMomma, yes, I would think a FF installer would be clean, but then it wouldn't be the 1st time someone infiltrated an organization & planted malware. I'm thinking maybe her d/l got corrupted & caused the problems with FF?
      My ComputerSystem Spec
  8.    05 Nov 2016 #18
    Join Date : Apr 2015
    Posts : 13,288
    W10Prox64
    Thread Starter

    Thanks everyone. I don't know what to think.
    I'm going to create a restore point and update to v49.
    MM-I was getting toasters when on the beta channel; fixed that, now I'm getting regular update windows.
      My ComputerSystem Spec
  9.    05 Nov 2016 #19
    Join Date : Apr 2015
    Posts : 13,288
    W10Prox64
    Thread Starter

    Now I'm getting this:

    Click image for larger version. 

Name:	2016_11_05_16_49_361.png 
Views:	31 
Size:	10.7 KB 
ID:	108995
      My ComputerSystem Spec
  10.    05 Nov 2016 #20
    Join Date : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 18,067
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition

    Quote Originally Posted by simrick View Post
    Now I'm getting this:

    Click image for larger version. 

Name:	2016_11_05_16_49_361.png 
Views:	31 
Size:	10.7 KB 
ID:	108995
    That's the stable version out right now.
      My ComputerSystem Spec

 
Page 2 of 3 FirstFirst 123 LastLast


Similar Threads
Thread Forum
Solved Computer Infection--Emergency!
Hi There Running Avast 12.3.2280 right now, and Malware bytes for on demand protection Anyways started having System Process using CPU all the way up to 91 percent at times, it's down now, first scan with Malwarebytes found backdoor.spynet...
AntiVirus, Firewalls and System Security
Solved This bag of tricks may help stop a ransomware infection
This bag of tricks may help stop a ransomware infection | PCWorld
AntiVirus, Firewalls and System Security
FireFox has become IE - Strange Issue
Solved.
Browsers and Email
Solved Taobao infection
Color me embarrassed but I seem to have picked up ........... something. As you can see from my screenshot my Browser has gotten a .....visitor and I can't seem to make it leave. It seems to be a shortcut to Taobao. I've tried scans with...
AntiVirus, Firewalls and System Security
GPU and Firefox issue
First of all, I don't know if this belongs here or browsers sub forum :/ Move it to browsers if you think it's more appropriate I use Firefox now and in some occasions, Firefox (40) stops rendering using the GPU and reverts to software mode,...
Graphic Cards
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 17:12.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums