Jump to content

Recommended Posts

Posted (edited)

Per the below Browser protection log entries, this has happened to date for two Firefox updates.

Appears Firefox attempts to load updated .dlls into memory and Eset blocks the activity. Luckily, it only happens at Firefox update time and does not occur on subsequent Firefox startups thereafter;

Quote

Time;Action;File;Hash;Information;User

6/25/2024 11:35:35 AM;Blocked;c:\program files\mozilla firefox\mozglue.dll;27C73014334E04778992D7BCA18BB7ECAFA65680;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:01 AM;Blocked;c:\program files\mozilla firefox\nss3.dll;252E64F4C98045F35E729414B58B86C432E33D16;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:01 AM;Blocked;c:\program files\mozilla firefox\gkcodecs.dll;5EE30BE8EC53997C9C8F78F359D122DB1C915D98;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:01 AM;Blocked;c:\program files\mozilla firefox\lgpllibs.dll;AE8BC5383218301F97FE55336D2C5F1793BD1246;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:04 AM;Blocked;c:\program files\mozilla firefox\xul.dll;D4B6F0222712DE27DBFF6958D682CDEBCF0B91C2;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:05 AM;Blocked;c:\program files\mozilla firefox\softokn3.dll;9BD0F99EA295BF19251A6CBB7FDC4036B1B875BD;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:05 AM;Blocked;c:\program files\mozilla firefox\freebl3.dll;28E44614BF2CBD2B60C7C4816FE7595B118FFC7D;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:05 AM;Blocked;c:\program files\mozilla firefox\ipcclientcerts.dll;EE5A466DA479FD3F3CEB8B3CA28FC09C08F0819A;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:05 AM;Blocked;c:\program files\mozilla firefox\libglesv2.dll;B556C120716B02578BDDCAEABCF1DC90CB65113A;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:05 AM;Blocked;c:\program files\mozilla firefox\libegl.dll;62E488CB1FCDE82269981BEA6FA622C444DEC578;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:07 AM;Blocked;c:\program files\mozilla firefox\nssckbi.dll;DE812FB818AC53AF8FB921EF3360BDCC43A3CA44;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:08 AM;Blocked;c:\program files\mozilla firefox\osclientcerts.dll;BFBBE38628276709C04C039F082AF56B367C6C87;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:09 AM;Blocked;c:\program files\mozilla firefox\mozavcodec.dll;5AE2E014729ABD2E4A3EA5ED15B24E07F38EEA91;Untrusted file;xxxxxxxxxx
6/25/2024 11:36:31 AM;Blocked;c:\program files\mozilla firefox\mozavutil.dll;FAD8A8BE7816A8ACE3057614E7311E42AA504D28;Untrusted file;xxxxxxxxxx
7/26/2024 10:53:40 AM;Blocked;c:\program files\mozilla firefox\mozglue.dll;6B3A6C2B9884D0A92178B9D4BD345D4A6EB0EC7B;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:23 AM;Blocked;c:\program files\mozilla firefox\nss3.dll;A64643758917B9715B037C9FD0B960D748139BBE;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:23 AM;Blocked;c:\program files\mozilla firefox\gkcodecs.dll;A83ECF57AF41B84EE0ABFBE4CCAAE074EC18EEDE;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:23 AM;Blocked;c:\program files\mozilla firefox\lgpllibs.dll;704CA20B86FADA5929F3BB0FFE731F6DA79AF605;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:26 AM;Blocked;c:\program files\mozilla firefox\xul.dll;C5EECFDB7E4B7E03866753EDD5833EB8067116FB;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:27 AM;Blocked;c:\program files\mozilla firefox\softokn3.dll;5AEEEF7EEF209AED6E1F23849CDFD46C3BEABA5B;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:27 AM;Blocked;c:\program files\mozilla firefox\freebl3.dll;3B318C4A05477A24973DA22C3A8A9DAF29C6F10D;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:27 AM;Blocked;c:\program files\mozilla firefox\ipcclientcerts.dll;5268E22B982BF35F93F173287FD11E70BC616DF2;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:27 AM;Blocked;c:\program files\mozilla firefox\libglesv2.dll;FA36A2866D232DA41910AB8484D20E4259459291;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:27 AM;Blocked;c:\program files\mozilla firefox\libegl.dll;EC434693316251F3D6EFD7AC581F0CEADCE29E62;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:29 AM;Blocked;c:\program files\mozilla firefox\nssckbi.dll;FDF27C78B2AD7AF446ECC22D16DF12BC80E68139;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:30 AM;Blocked;c:\program files\mozilla firefox\osclientcerts.dll;E3FE5E197FFEDA0EFD2CDB8C0DCAFF6DFFD6DA5C;Untrusted file;xxxxxxxxxx
7/26/2024 10:54:31 AM;Blocked;c:\program files\mozilla firefox\mozavcodec.dll;2471109DA279E5D05480B5006E4BE453EFC34CC1;Untrusted file;xxxxxxxxxx
7/26/2024 10:55:44 AM;Blocked;c:\program files\mozilla firefox\mozavutil.dll;893386C71B520BB28196B7060534FB7A778DA2A0;Untrusted file;xxxxxxxxxx

 

Edited by itman
Posted (edited)

Forgot to mention this.

Based on the file time stamps in the Firefox directory for the 7/26 update, it appears Firefox attempted to load the updated .dlls into its memory space prior to the files being updated in its directory. The file updating actually occurring on directed manual restart of Firefox.

Edited by itman
  • Administrators
Posted

It's weird that the dlls were considered untrusted since the certificate was whitelisted in May already. I'm waiting for developers to comment it.

Posted (edited)
3 hours ago, Marcos said:

It's weird that the dlls were considered untrusted since the certificate was whitelisted in May already.

As far as the cert. associated with the 7/26 updated .dlls, it shows a signing date of 7/25/2024. Cert. was a code signing one issued by Digicert;

Eset_Cert.png.13834dc378ff4567ba5f7d0e202efe0a.png

Also, I never received any Eset alert these .dlls were blocked.

Edited by itman
Posted (edited)

Yesterday I went to a web site that I frequent often to make a purchase. Firefox locked up as noted previously in this forum posting: https://forum.eset.com/topic/41758-firefox-hangs-in-ver-172/ . This has never happened previously when accessing this web site.

I have had it with the Secure all browsers feature. It no longer works properly with Firefox and I am tired of trying to get it to work. As long as Safe Banking Browser protection works w/o issue that is sufficient for me.

Edited by itman
Posted

Since I can't use Secure all browsers option with Firefox, I would like to see the Websites redirection feature added back to ver. 17. This would allow me to manually add web site URLs that would auto open upon access to Safe Banking secured browser mode. This option would only be effective if Secure all browsers mode is disabled.

image.png.52d18462c7cef469966a8f6614f15994.png

  • ESET Staff
Posted

Having a problem with Firefox even after restarting the browser (in Secure All Browsers mode)? We're looking into it, but once Firefox update was blocked, it should be allowed the next time it's launched.

  • Administrators
Posted

@itman please provide C:\ProgramData\ESET\ESET Security\local.db for a check.

Posted
3 hours ago, Marcos said:

@itman please provide C:\ProgramData\ESET\ESET Security\local.db for a check.

Note, Secure all browsers is disabled when the file was created;

local.zip

Posted (edited)
4 hours ago, constexpr said:

Having a problem with Firefox even after restarting the browser (in Secure All Browsers mode)?

I have been having the Eset ver. 17 lockup issue w/loss of Internet connectivity in Firefox w/Secure all browsers enabled since ver. 127. It got worse with ver. 128.

Edited by itman
  • Administrators
Posted

We are in touch with Mozilla developers and they will try to make some changes that might help mitigate this issue. We'll see in future versions of Firefox if it helps.

Posted (edited)
20 hours ago, Marcos said:

We are in touch with Mozilla developers and they will try to make some changes that might help mitigate this issue. We'll see in future versions of Firefox if it helps.

Sounds like this will take some time to resolve; if it does get resolved.

I would still like to see Websites redirection feature added back. Note I am referring to user manual addition of web site URLs; not the past problematic Eset auto creation of same. The feature should have never been removed for just this situation.

Edited by itman
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...