Hi Sophos
Regarding this alert, please advise on the steps to take and how to solve this case.
RAW LOG
Intruder
Platform 6.1.7601/x86 v37 06_3c
PID 111064
Enabled 005D2E3C1DBF9104
Silent 0000000000000100
Application C:\Program Files\Mozilla Firefox\firefox.exe
Created 2017-11-10T03:37:09
Modified 2017-11-10T03:37:16
Description Firefox 43.0.1
Loaded Modules (111)
Hi Mohamad Hafifi Ab Halim,
Thank you for reaching out. Is this occurring on multiple devices? This type of alert requires further investigation, since the reason for this detection being triggered could be different every time. We recommend rebooting the device, starting a full scan, and observing whether you see any further detections.
Thank you.