Jump to content

Search the Community

Showing results for 'firefox'.

Didn't find what you were looking for? Try searching for:

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • ESET General Forums
    • ESET Announcements
    • General Discussion
    • Forum FAQ's and Rules
    • Submit a virus, website or potential false positive sample to the ESET lab
  • ESET Home User Products
    • ESET Internet Security & ESET Smart Security Premium
    • ESET NOD32 Antivirus
    • ESET Cyber Security (for Mac)
    • ESET Cyber Security Pro (for Mac)
    • ESET NOD32 Antivirus for Linux Desktop
    • ESET Products for Mobile Devices
    • Web portals
  • Malware Detection and Cleaning
    • Malware Finding and Cleaning
    • ESET Standalone Malware Removal Tools
  • ESET Business User Products
    • ESET Endpoint Products
    • ESET Products for Windows Servers
    • ESET Products for Linux Servers
    • ESET Products for Mobile Devices
    • Remote Management
    • ESET Enterprise Inspector (EDR)
    • ESET Products for Virtualized Environments
    • Encryption
    • ESET Licensing for Business
  • ESET Beta Products
    • ESET Beta Products for Home Users
    • ESET Beta Products for Business Users
  • Slovak and Czech forums
    • ESET NOD32 Antivirus, ESET Internet Security a ESET Smart Security Premium
    • Produkty pre mobilné zariadenia
    • Vírusy a iné hrozby
    • Ostatné


  • Files
    • Early Access
    • Miscellaneous

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 101 results

  1. But I uninstalled firefox and this remained, as I started the pc this program started opening pages in the malicious firefox.
  2. ESET Internet Protection v13.0.24.0 on Windows 10 using FireFox Attempting to download a file and selecting Save, I normally get the Windows Explorer dialogue allowing me to select the download location. Instead, ESET bypasses this, saving the files to a specific folder. Can this be modified to use the above?
  3. Firefox updater is located in C:\Program Files\Mozilla Firefox and it's called updater not update.exe This file is malicious , and it's suspicious Upload it to one of these : https://www.virustotal.com/gui/home/upload https://www.hybrid-analysis.com/ https://app.any.run/submissions/
  4. In Manjaro 18.1.5 (kernel 5.4.12-1 and, XFCE 4.14.3), not only chromium 79 is affected but also firefox 72. In chromium 79 it closes at approximately 10-15 seconds, unless we deactivate the sandbox. In firefox 72 a process called IPC LAUNCH # 1 appears, which does not close when closing firefox, consuming a lot of RAM, because several of these processes are generated at the same time. En Manjaro 18.1.5(kernel 5.4.12-1 y, XFCE 4.14.3),no solamente se ve afectado chromium 79 sino tambien firefox 72. En chromium 79 se cierra aproximadamente a los 10-15 segundos, salvo que, desactivemos la sandbox. En firefox 72 aparece un proceso llamado IPC LAUNCH #1, el cual no se cierra al cerrar firefox, consumiendo mucha RAM, porque se generan varios de estos procesos al mismo tiempo.
  5. HI, I'm administrator of Eset security management center in my Company. ESET Security Center Server 7.1.717.0 Eset File Security 7.1.12008.0 Eset Management Agent 7.1.717 We have on our black list of web pages domains: facebook.com twitter.com hub.com.pl I found the every open other pages from diferend domains block the connections to the domain facebook.com. On the end users pc I try to use diferend web browsers like: Microsoft Edge/ Google Chrome/ Firefox and always I have detection regarding Web protection URL to domain facebook.com. It's the malvare or facebook.com try to receive some Cookies information from every open the web page on the pc's? Can somebudy help me?
  6. Restored to Firefox 73. Tried ESET's pre-release update and no go... Will wait for Firefox new release.
  7. Doesn't work for me. I can readily restore my normal profile and that works fine but ESET appears to create another shadow profile which it uses for secure banking, indexed from the normal profile. Without updating restoring that to the pre Firefox upgrade version, Firefox objects each time I run secure banking and insists on creating a new profile
  8. Most issues with FireFox posted to date in regards to Eset have traced backed to a corrupted FireFox profile. And some were "real doozie's" to diagnose.
  9. OK! https://www.wilderssecurity.com/threads/new-firefox-browser-version-released.361562/page-107 https://www.mozilla.org/en-US/firefox/73.0/releasenotes/ Thanks...
  10. I missed something in the recent VT analysis of this update.exe; aka firefox.exe. The below screen shot shows known processes that will startup/create this update.exe process. If you have uTorrent installed, that would be my prime suspect on how this puppy arrived on your PC: https://www.virustotal.com/gui/file/fb9045b74615a339fcdc3016f899aec5b8afbdacde5421d94d777c709295c2fd/relations
  11. I found the Error page today (2/28/20) and later found that -- IF I CLK LOGIN on THAT ERROR Page -- it opens to my Anti-Theft page as intended. Firefox 73.0.1 / New Edge Chrom got same error earlier.
  12. Thank you Marcos! I installed 4.0.93 and observed the same behavior so I submitted a ticket along with the customer_info.tgz. I discovered that Chrome also has issues streaming with NOD32 installed. If I try to watch a ‘twitch.tv’ stream, it will black out after a few minutes and sometimes I’ll get an error saying Chrome unexpectedly shut down”. Like with Firefox, disabling NOD32 doesn’t fix the problem, but uninstalling it completely does. I noticed that it requires some 32-bit libraries to run even though it’s supposed to be a 64-bit product. ‘libgtk2.0-0’ (for Ubuntu 19) & ‘libc6-i386’. Hopefully there's no conflict.
  13. Also note that from the Avast forum posting, Avast didn't detect this fake FireFox update.exe as malicious. It triggered on the outbound communication from it to a known malicious URL/IP address. My best guess is this bugger is legit software being used for other than legit purposes. Most likely for spyware purposes.
  14. Here's an old thread in the Avast forum dating from 2015 where the behavior observed was almost identical to that on your device: https://forum.avast.com/index.php?topic=92407.0 . The only difference here was the directory where the fake Firefox updater.exe was located was named ComObjects. The OP in this posting stated he had a "new build." This leads me believe that this software was installed by the OEM of the device. In any case, removing that startup entry for the software, prevented it from running thereafter. So my opinion is yes, you have eliminated whatever this thing was. If it reappears, I would start looking for any built-in diagnostic software or the like that was installed by the OEM of your device and uninstall that.
  15. I have a local account. I do not use online anytihng for this win10 debacle. I have SHUTUP switch off almost everything. I have no one drive, I have no microsoft accounts. microspasm have, over the years, clearly demonstrated their mistrust, disgust and lack of customer service for the very people who made them the global garbage patch they now are. As for a Linux recommendation, clearly, the front runner for new folk is Ubuntu. The GUI has evolved vastly over the years, it is stable, useful and easy to get to grips with. The standard desktop version contains all the workable software you would likely need. Installing more software is a doddle and there is a world of passionate, dedicated expert-like folk who will gladly offer any free assistance. There is NO activating online. There is (almost) no snooping - firefox, etc will have crash report info sent off but these things can easily be disabled. Almost everything you could want will be available as Open Source or GPL, etc so no worries about purchasing things. Virtualisation runs far better on the Linux platform than windows via KVM/QEMU. The only caveat that I have encountered is that cut/paste between host/guest and shared folders are a bit trickier to set up than would be the case with a windows setup. However, if you don't want a more hardware-centric virtualisation then you can still employ virtualbox which operates as well as virtualbox does anywhere. Software development tools do NOT require 10Gb or more of install as one gets with visual studio. By the same token, no registration is required such as microspasm force one into so they can spy on more of your activities. If one is a non-gaming user, Linux is ideal. If one is a business user, it could also be ideal but for the fact that the bulk of businesses use BackOffice tools - especially exchange/outlook; the latter of which has been altered so it is not so user-friendly any longer. I was weaned on UNIX (SYSV) and have been a ms/windows tech-type since MSDOS 3.x and windows 3. With every subsequent release, I have disliked windows less and UNIX-like more. The day windows is history will be a glorious day for the whole world! P.S. Once you feel confident enough you can even recompile your Linux kernel to streamline it to your tastes and speed-up your boot times. Personally, I have not recompiled a kernel since using Slakware but it is fun to try and would take far less time today than the 4-7 hours it used to take using pre-pentium intel chips back in 1993.
  16. i did wrote. IE11, firefox 73.0.1 (64-bit), chrome 80.0.3987.122 (Official Build) (64-bit) and in addition the latest Brave. It didn't login at all. shields up/down). All on win7 pro x64.
  17. Yes, Edge Firefox, and Opera. All the same results. What did you try?
  18. I know I have turned off cache on my firefox on my computer, i will re enable it
  19. As far as accessing the security status of Adguard DNS servers, I suggest you run this test: https://www.grc.com/dns/dns.htm Note that since this test is browser based if you are using FireFox with the default DoH setting enabled, this test will be against whatever DNS server set up in FireFox. By default, FireFox uses Cloudflare DNS servers for DoH.
  20. I finally found a web reference to this Omnisoft fake FireFox garbage. Per this MalwareByte forum posting thread: https://forums.malwarebytes.com/topic/238865-mozilla-pops-up-with-pon-contents-whenever-i-boot-my-pc/?tab=comments#comment-1279613 . Initially it appeared that this might be a rootkit and Kaspersky's TDSS Killer: https://usa.kaspersky.com/downloads/tdsskiller got rid of it. However as the OP posted, looks like the bugger reinfected the installation somehow. This might have been via the previously noted startup entry the malware created. Do as @Nightowl suggested. Run a Custom scan ensuring all drives, folders, files, and networks are selected. Make sure the scan is run as Administrator by clicking on like named button. This should at least let us know if a rootkit is present or the MBR is infected.
  21. Something just occurred to me. This Omnisoft stuff might be related to some extension or the like you installed directly or inadvertently in FireFox. Perhaps something by Mozilla itself. This would at least explain the signed cert. by Mozilla for update.exe.
  22. This C:\program files x(86)\common files\omnisoft\update.exe obviously has nothing to do with FireFox. It's update program is located in its specific C:\program files x(86) or C:\program files directory. For this reason alone, I say the program has nefarious purposes. Software located in C:\program files x(86)\common files directory get there usually as a result of something you downloaded and was placed there via installer method. It could also be adware that that was embedded or possibly even a coin miner since you state it is using a lot of system resources. The first place to check is Windows installed programs via Control Manager for anything that you don't recollect manually installing. I would start by creating an Eset firewall rule to block any outbound traffic from C:\program files x(86)\common files\omnisoft\update.exe. Make sure you enable event alert and log entry creation. When the alert occurs copy the Eset Network protection log entries related to the outbound traffic and post them in a forum reply. This will give us an idea of the server IP addresses the bugger is trying to connect to.
  23. I can confirm this too, tested with Edge-Chromium latest (v80.0.361.57) and Firefox latest (v73.0.1). With Google Chrome latest (v80.0.3987.122) I get the ESET PUA Alert. (Win10 x64 1909, EIS
  24. I'd suggest opening a support ticket with your local ESET distributor since the cause of the issue discussed in this topic was fixed by Mozilla in Firefox 73.0.1.
  • Create New...