X
Tap here to go to the mobile version of the site.

Support Forum

update infected with a virus?

Posted

I installed the update to Firefox beta 33 (u8) and a warning from my WebRoot antivirus software popped up:

MALWARE GROUP: Pua.Speedbrowser

LOCATION: C:\program files (x86)\ Mozilla Firefox\ d3dcompiler_46.dll

I installed the update to Firefox beta 33 (u8) and a warning from my WebRoot antivirus software popped up: MALWARE GROUP: Pua.Speedbrowser LOCATION: C:\program files (x86)\ Mozilla Firefox\ d3dcompiler_46.dll

Additional System Details

Installed Plug-ins

  • Shockwave Flash 15.0 r0
  • Adobe PDF Plug-In For Firefox and Netscape 11.0.9
  • Next Generation Java Plug-in 11.20.2 for Mozilla browsers
  • IE Tab plugin
  • NMP Browser Plugin 2.13.0
  • 5.1.30514.0
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • VLC media player Web Plugin 2.1.3
  • GEPlugin
  • The Hulu Desktop Plugin allows Hulu.com to integrate with the Hulu Desktop application.

Application

  • Firefox 33.0
  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
  • Support URL: https://support.mozilla.org/1/firefox/33.0/WINNT/en-US/

Extensions

  • Adblock Plus Pop-up Addon 0.9.2 (adblockpopups@jessehakanen.net)
  • Bluhell Firewall 2.4.0 ({6BB5760D-F97E-421B-AF5B-8457A90C3CED})
  • Classic Theme Restorer 1.2.3 (ClassicThemeRestorer@ArisT2Noia4dev)
  • Download videos and MP3s from YouTube 4.5.3.1206 ({B64D9B05-48E1-4CEB-BF58-E0643994E900})
  • Easy Youtube Video Downloader Express 7.34 ({b9acf540-acba-11e1-8ccb-001fd0e08bd4})
  • IE Tab 4.0.20130422 ({77b819fa-95ad-4f2c-ac7c-486b356188a9})
  • IE View 1.5.6 ({6e84150a-d526-41f1-a480-a67d3fed910d})
  • NoSquint 2.1.9 (nosquint@urandom.ca)
  • Troubleshooter 1.1a (troubleshooter@mozilla.org)
  • Updated Ad Blocker for Firefox 11+ 0.7.7 ({4DC70064-89E2-4a55-8FC6-E8CDEAE3618C})
  • Webroot Filtering Extension 1.0.0.40 (webrootsecure@webroot.com)
  • Netcraft Anti-Phishing Toolbar 1.9.2 ({0e10f3d7-07f6-4f12-97b9-9b27e07139a5}) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: ATI Mobility Radeon HD 4200 Series
  • adapterDescription2:
  • adapterDeviceID: 0x9712
  • adapterDeviceID2:
  • adapterDrivers: aticfx64 aticfx64 aticfx32 aticfx32 atiumd64 atidxx64 atiumdag atidxx32 atiumdva atiumd6a atitmm64
  • adapterDrivers2:
  • adapterRAM: 320
  • adapterRAM2:
  • adapterVendorID: 0x1002
  • adapterVendorID2:
  • clearTypeParameters: Gamma: 2200 Pixel Structure: R ClearType Level: 100 Enhanced Contrast: 400
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 6.2.9200.16571
  • driverDate: 7-3-2012
  • driverDate2:
  • driverVersion: 8.970.100.3000
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d', u'AzureSkiaAccelerated': 0}
  • isGPU2Active: False
  • numAcceleratedWindows: 2
  • numTotalWindows: 2
  • webglRenderer: Google Inc. -- ANGLE (ATI Mobility Radeon HD 4200 Series Direct3D9Ex vs_3_0 ps_3_0)
  • windowLayerManagerRemote: True
  • windowLayerManagerType: Direct3D 11

Modified Preferences

  • accessibility.typeaheadfind.flashBar: 0
  • browser.cache.disk.capacity: 358400
  • browser.cache.disk.smart_size.first_run: False
  • browser.cache.disk.smart_size.use_old_max: False
  • browser.cache.disk.smart_size_cached_value: 358400
  • browser.cache.frecency_experiment: 3
  • browser.places.smartBookmarksVersion: 7
  • browser.search.suggest.enabled: False
  • browser.search.useDBForOrder: false
  • browser.sessionstore.upgradeBackup.latestBuildID: 20140929180120
  • browser.startup.homepage: http://www.dailyrotation.com/
  • browser.startup.homepage_override.buildID: 20140929180120
  • browser.startup.homepage_override.mstone: 33.0
  • browser.tabs.warnOnClose: False
  • browser.tabs.warnOnOpen: False
  • browser.zoom.siteSpecific: False
  • dom.mozApps.used: True
  • extensions.lastAppVersion: 33.0
  • font.internaluseonly.changed: True
  • gfx.direct3d.last_used_feature_level_idx: 0
  • media.gmp-gmpopenh264.lastUpdate: 1410196550
  • media.gmp-gmpopenh264.version: 1.0
  • media.gmp-manager.lastCheck: 1412060319
  • mousewheel.withcontrolkey.action: 3
  • network.cookie.cookieBehavior: 1
  • network.cookie.prefsMigrated: True
  • places.database.lastMaintenance: 1412104555
  • places.history.expiration.transient_current_max_pages: 100530
  • plugin.disable_full_page_plugin_for_types: application/pdf,video/x-flv,application/vnd.fdf
  • plugin.importedState: True
  • plugin.state.java: 2
  • plugin.state.np32dsw: 2
  • plugin.state.npctrl: 2
  • plugin.state.npdeployjava: 0
  • plugin.state.npdivx: 2
  • plugin.state.npgoogleupdate: 0
  • plugin.state.nphdplg: 2
  • plugin.state.npietab: 1
  • plugin.state.npovshelper: 2
  • plugin.state.nppdf: 2
  • plugin.state.npqtplugin: 2
  • plugin.state.npvlc: 2
  • plugin.state.npwlpg: 0
  • privacy.donottrackheader.enabled: True
  • privacy.sanitize.migrateFx3Prefs: True
  • privacy.sanitize.timeSpan: 0
  • storage.vacuum.last.index: 1
  • storage.vacuum.last.places.sqlite: 1410827339

Misc

  • User JS: No
  • Accessibility: Yes
R3Tech 0 solutions 1 answers

Do you know where you downloaded to update from?? (URL ADDRESS please) if not I can help you fix the problem and virus (no worries) Email : not on this forum you don't And I can send you instructions on how to update malware signatures , etc.


edited by a moderator - please see your inbox

Do you know where you downloaded to update from?? (URL ADDRESS please) if not I can help you fix the problem and virus (no worries) Email : ''not on this forum you don't'' And I can send you instructions on how to update malware signatures , etc. ''edited by a moderator - please see your inbox''

Modified by the-edmeister

James
  • Moderator
1594 solutions 11230 answers

Likely a false positive, especially if if you updated your definitions recently.

No official install or update for Windows, Mac OSX or Linux from mozilla.org have yet to be proven to have any form of malware, virus, trojan, toolbars, applications bundled in or such.

A way to help prove that is if it was ever true it would be a very hot topic here, on mozillazine forums, tech forums and tech sites.

What locale are you using? as I uploaded en-US of both stub and full setup for Windows to virustotal. Was the first to analyze them.

Firefox Setup Stub 33.0b8.exe en-US Detection ratio: 0 / 55 https://www.virustotal.com/en/file/9278dcf8d8ceb654bc6c5fa1ed3c1e48b36d4a0b990d26672cf8e247b2703fa2/analysis/1412112432/

Firefox Setup 33.0b8.exe en-US Detection ratio: 0 / 55 https://www.virustotal.com/en/file/dfa197736787f9a59fcdf450f254f31c8f042a529d8520e30be4cf8dbbf0dee8/analysis/1412112728/

Likely a false positive, especially if if you updated your definitions recently. No official install or update for Windows, Mac OSX or Linux from mozilla.org have yet to be proven to have any form of malware, virus, trojan, toolbars, applications bundled in or such. A way to help prove that is if it was ever true it would be a very hot topic here, on mozillazine forums, tech forums and tech sites. What locale are you using? as I uploaded en-US of both stub and full setup for Windows to virustotal. Was the first to analyze them. Firefox Setup Stub 33.0b8.exe en-US Detection ratio: 0 / 55 https://www.virustotal.com/en/file/9278dcf8d8ceb654bc6c5fa1ed3c1e48b36d4a0b990d26672cf8e247b2703fa2/analysis/1412112432/ Firefox Setup 33.0b8.exe en-US Detection ratio: 0 / 55 https://www.virustotal.com/en/file/dfa197736787f9a59fcdf450f254f31c8f042a529d8520e30be4cf8dbbf0dee8/analysis/1412112728/
FredMcD
  • Top 10 Contributor
4223 solutions 58930 answers
If you think you need it; '''[http://www.mozilla.org/en-US/firefox/all/ Download Firefox Full Installer For All languages And Systems]''' {web link}
James
  • Moderator
1594 solutions 11230 answers

Helpful Reply

Fred, the OP is testing the Beta builds (currently at 33.0b8) and not using the Release which is 32.0.3

https://www.mozilla.org/en-US/firefox/beta/all/

Fred, the OP is testing the Beta builds (currently at 33.0b8) and not using the Release which is 32.0.3 https://www.mozilla.org/en-US/firefox/beta/all/

Modified by James