Technical Discussion
  >> Windows Issues


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | >> (show all)   Print Thread
Standard User cheshire_man
(knowledge is power) Fri 16-Jan-15 08:00:38
Print Post

Uncertain Firefox dialog


[link to this post]
 
My son in Kent gets an occasional dialog box when running Fire fox.

Opening pdj
You have chosen to open:

pdj

which is: application/octet-stream
from: http[colon]//pixel.fetchback.com

What should Firefox do with this file?

etc.
He clicks the Cancel button but is wondering why it's happening?

Googling seems to suggest pixel.fetchback is some sort of advertising but I can't find anything else.

Any thoughts?

Edit: He's just emailed me witrh another. This time it's

You have chosen to open:

search

which is: application/octet-stream
from: http[colon]//www.wowhd.co.uk
Clearly he's got something on his PC which may be adware, or it may be more malicious.

Tony
We have more and more laws, and less and less enforcement

Edited by cheshire_man (Fri 16-Jan-15 08:19:22)

Standard User RobertoS
(elder) Fri 16-Jan-15 18:01:28
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
It might be an idea for him to run Malwarebytes. Followed by a full system scan by his IS Security, whatever it is.

My broadband basic info/help site - www.robertos.me.uk | Domains,site and mail hosting - Tsohost.
Connection - Plusnet UnLim Fibre (FTTC). Sync ~ 57.1/14.8Mbps @ 600m. - IPv4BQM IPv6BQM

"Angels can fly because they can take themselves lightly." - G K Chesterton.

Edited by RobertoS (Fri 16-Jan-15 18:02:45)

Standard User cheshire_man
(knowledge is power) Fri 16-Jan-15 18:07:09
Print Post

Re: Uncertain Firefox dialog


[re: RobertoS] [link to this post]
 
Yes, I've already suggested that, and SuperAntispyware.

By IS Security I assume you mean his AV?

Tony
We have more and more laws, and less and less enforcement


Register (or login) on our website and you will not see this ad.

Standard User RobertoS
(elder) Fri 16-Jan-15 18:47:52
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
Yes. AV + Firewall (from the same company) = Internet Security Suite. I tend to prefer that arrangement to AV from one and firewall from another.

My broadband basic info/help site - www.robertos.me.uk | Domains,site and mail hosting - Tsohost.
Connection - Plusnet UnLim Fibre (FTTC). Sync ~ 57.1/14.8Mbps @ 600m. - IPv4BQM IPv6BQM

"Angels can fly because they can take themselves lightly." - G K Chesterton.
Standard User cheshire_man
(knowledge is power) Fri 16-Jan-15 19:07:10
Print Post

Re: Uncertain Firefox dialog


[re: RobertoS] [link to this post]
 
He's running Win 7 & MSE. So both firewall and AV from MS.

I need to talk to him when he gets home from work as the sites that seem to be popping up relate to music, DJ, etc. and that is something he has a great interest in.

Hopefully I'll have a Teamviewer session later and can have a look around his FF setup, add ons, whatever.

Tony
We have more and more laws, and less and less enforcement
Standard User Banger
(eat-sleep-adslguide) Fri 16-Jan-15 19:35:25
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
Good idea to run Malwarebyeds as well SAS.

Tim
www.vivaciti.net & freenetname
Billion 7800 on 24 Meg Enta
http://www.thinkbroadband.com/speedtest/results.html...
Standard User cheshire_man
(knowledge is power) Fri 16-Jan-15 22:46:01
Print Post

Re: Uncertain Firefox dialog


[re: Banger] [link to this post]
 
I've had a Teamviewer session for 45 minutes: Malwarebytes ran clean; SAS quick scan ran clean. Full SAS scan now under way, that'll take several hours so I'll leave it overnight.

Tony
We have more and more laws, and less and less enforcement
Standard User RobertoS
(elder) Fri 16-Jan-15 23:13:52
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
I doubt if it will find anything.

I went looking around for single-pixel malware, as it was talked about a lot a year or so ago. Once I discounted the Pixel virus, in the end I came across a forum discussion somewhere where this link was posted.

I think that is what he is observing.

My broadband basic info/help site - www.robertos.me.uk | Domains,site and mail hosting - Tsohost.
Connection - Plusnet UnLim Fibre (FTTC). Sync ~ 57.1/14.8Mbps @ 600m. - IPv4BQM IPv6BQM

"Angels can fly because they can take themselves lightly." - G K Chesterton.
Standard User cheshire_man
(knowledge is power) Sat 17-Jan-15 07:57:41
Print Post

Re: Uncertain Firefox dialog


[re: RobertoS] [link to this post]
 
Hmm. Apart from using the likes of Ghostery not sure if there's anything he can do - apart from keep away from such sites.

Tony
We have more and more laws, and less and less enforcement
Standard User cheshire_man
(knowledge is power) Sat 17-Jan-15 11:03:50
Print Post

Re: Uncertain Firefox dialog


[re: RobertoS] [link to this post]
 
The full SAS didn't find anything of significance (just 4 'normal' tracking cookies). The odd thing was the SAS failed when trying to update the definitions. I uploaded them from my PC to sort that.

I decided to un-install and re-install Firefox. Save the Bookmarks and used Revo to completely clean of FF leftovers. Reinstalled FF - and it couldn't access the internet! Evidently Internet Options were set to use a proxy server. Changed it to normal settings, no proxy. FF worked fine, and SAS was able to update.

So wondering whether something somewhere changed the proxy server setting. FWIW the settings were:
Use proxy
HTTP 127,0,0,1 Port 49164
Secure 127,0,0,1 Port 49164
Exceptions <-loopback>;*.local

I've no whether this may be significant (though 127,0,0,1 is for local machine)

Anyway we'll see over the coming days whether it's any better.

Tony
We have more and more laws, and less and less enforcement
Standard User Pipexer
(eat-sleep-adslguide) Sat 17-Jan-15 14:11:18
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
Sounds possible malware changed the proxy setting to redirect firefox traffic to a service on local machine (to spy or inject ads or whatever).

AAISP Home::1
Standard User cheshire_man
(knowledge is power) Sat 17-Jan-15 14:24:47
Print Post

Re: Uncertain Firefox dialog


[re: Pipexer] [link to this post]
 
Wonder if there's any way to find if there is such a service running?

Tony
We have more and more laws, and less and less enforcement
Standard User micksharpe
(legend) Sat 17-Jan-15 14:32:36
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
In reply to a post by cheshire_man:
Wonder if there's any way to find if there is such a service running?
Linky

"netstat -abn" seems to be the most useful. You will need to run as administrator.

Sweet Thames, run softly till I end my song,
Sweet Thames, run softly, for I speak not loud or long.
Standard User cheshire_man
(knowledge is power) Sat 17-Jan-15 15:19:06
Print Post

Re: Uncertain Firefox dialog


[re: micksharpe] [link to this post]
 
Thanks Mick

Got an interesting list, but no sign of anything using port 49164.

Tony
We have more and more laws, and less and less enforcement
Standard User micksharpe
(legend) Sat 17-Jan-15 16:05:02
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
It may be a left-over from malware that has already been removed.

Sweet Thames, run softly till I end my song,
Sweet Thames, run softly, for I speak not loud or long.
Standard User Banger
(eat-sleep-adslguide) Sat 17-Jan-15 16:45:10
Print Post

Re: Uncertain Firefox dialog


[re: micksharpe] [link to this post]
 
Check the hosts file for redirection.

Tim
www.vivaciti.net & freenetname
Billion 7800 on 24 Meg Enta
http://www.thinkbroadband.com/speedtest/results.html...
Standard User micksharpe
(legend) Sat 17-Jan-15 16:55:44
Print Post

Re: Uncertain Firefox dialog


[re: Banger] [link to this post]
 
In reply to a post by Banger:
Check the hosts file for redirection.
Good point although the hosts file is not easy to find or open in Windows 7. Instructions here. Damn Microsoft for making things unnecessarily difficult for end-users. Any competent hacker can get around their pathetic restrictions.

Sweet Thames, run softly till I end my song,
Sweet Thames, run softly, for I speak not loud or long.
Standard User Pipexer
(eat-sleep-adslguide) Sat 17-Jan-15 17:08:12
Print Post

Re: Uncertain Firefox dialog


[re: micksharpe] [link to this post]
 
No Mick, it's in exactly the same place as it was in Windows XP. You're just making an anti-Windows remark with no real justification.

AAISP Home::1
Standard User micksharpe
(legend) Sat 17-Jan-15 17:36:56
Print Post

Re: Uncertain Firefox dialog


[re: Pipexer] [link to this post]
 
In reply to a post by Pipexer:
You're just making an anti-Windows remark with no real justification.
Not at all. I've never used Vista and I didn't use XP very much. All my development work was done on Windows 2000 which suited my requirements like a pair of comfy old gloves and there was no problem in tinkering with system files, even though it could be a pain in other ways. I had to upgrade eventually and moved directly to Windows 7. It was quite a shock at the time although I have come to love it. Since I now have a stable and usable software development environment, I'm not looking forward to having to upgrade again.

Edit: Actually, I don't recall having any difficulty in editing the hosts file on XP. I'm sure I must have done it since I did use it for some development work. The etc directory wasn't hidden and a user with admin privileges had write access to everything.

Sweet Thames, run softly till I end my song,
Sweet Thames, run softly, for I speak not loud or long.

Edited by micksharpe (Sat 17-Jan-15 17:59:44)

Standard User Nervous
(experienced) Sat 17-Jan-15 18:51:21
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
How is this a Windows issue?
Standard User Pipexer
(eat-sleep-adslguide) Sat 17-Jan-15 18:58:35
Print Post

Re: Uncertain Firefox dialog


[re: Nervous] [link to this post]
 
Well you may have a point if taking this forum title literally, but I think it's in the right forum myself.

AAISP Home::1
Standard User micksharpe
(legend) Sat 17-Jan-15 19:54:29
Print Post

Re: Uncertain Firefox dialog


[re: Pipexer] [link to this post]
 
Absolutely. We don't want to upset the fanbois, do we?

Sweet Thames, run softly till I end my song,
Sweet Thames, run softly, for I speak not loud or long.
Standard User cheshire_man
(knowledge is power) Sun 18-Jan-15 07:12:33
Print Post

Re: Uncertain Firefox dialog


[re: Banger] [link to this post]
 
Good point, I was aware of that file and should have thought of it.

I'll get him to email it to me, I've sent him the address path so he can find it.

Tony
We have more and more laws, and less and less enforcement
Standard User cheshire_man
(knowledge is power) Sun 18-Jan-15 12:12:25
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
I've now got his hosts file and it all looks just fine. Identical to mine (both Win 7 systems).

So, hopefully, it's running clean now.

Tony
We have more and more laws, and less and less enforcement
Standard User broadband66
(fountain of knowledge) Sun 18-Jan-15 18:58:06
Print Post

Re: Uncertain Firefox dialog


[re: Nervous] [link to this post]
 
Took 36 hours to complain!

Was Eclipse Home Option 1, VM 2Mb & O2 Standard
Now Utility Warehouse (up to 16mbps) via Talk Talk
Standard User cheshire_man
(knowledge is power) Mon 19-Jan-15 08:54:29
Print Post

Re: Uncertain Firefox dialog


[re: broadband66] [link to this post]
 
Trying to consider where else it could have been posted...

Plusnet area? (he's a Plusnet user)

Eclipse area? (I'm an Eclipse user)

Security area? (though not really a direct security issue)

Hardware area? (he's using a PC which contains hardware)

Technical issues? (but that's for DSL issues)

The Audio & Music Forum (son & I talk and share - some - music tastes)

Perhaps the Park? (we both know how to park motor vehicles)

/getting bored now, will leave for others to waste their time... wink

Tony
We have more and more laws, and less and less enforcement
Standard User RobertoS
(elder) Mon 19-Jan-15 09:46:23
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
General Broadband Chatter would probably have been the best place, but I don't see it matters.

My broadband basic info/help site - www.robertos.me.uk | Domains,site and mail hosting - Tsohost.
Connection - Plusnet UnLim Fibre (FTTC). Sync ~ 56.5/15.0Mbps @ 600m. - IPv4BQM IPv6BQM

"Angels can fly because they can take themselves lightly." - G K Chesterton.
Standard User micksharpe
(legend) Mon 19-Jan-15 12:46:59
Print Post

Re: Uncertain Firefox dialog


[re: cheshire_man] [link to this post]
 
In the past, it would probably have been Free Chat. /sigh

Sweet Thames, run softly till I end my song,
Sweet Thames, run softly, for I speak not loud or long.
Pages in this thread: 1 | 2 | 3 | >> (show all)   Print Thread

Jump to