MozillaZine

MPSIGSTUB.EXE

Discuss various technical topics not related to Mozilla.
NTLS
 
Posts: 45
Joined: February 12th, 2011, 12:47 pm
Location: Texas, USofA

Post Posted August 13th, 2016, 7:12 am

Greetings from the Great Country of TEXAS,

My antivirus found and removed a file that may have been placed on my system by FireFox. Cannot find any reference to this titled file, MPSIGSTUB.EXE, on my system nor in this forum, except for a posting done in 2009 without any replies. This file was not in the FireFox folder, but; was within the path:

C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\APPDATA\LOCAL\TEMP\~\MPSIGSTUB.EXE

Where the 'tilde' (~) is in the location was a rather very long 'alpha-numeric' string like a Registry Key. Was not able to see any data on that file in properties to decide if it should be called a FP and allowed to remain or remove same. To protect my system OPTed to remove.

Can anyone inform me as to the nature of this file if it does belong to FF?
NTLS aka 'd' - "Lone Wanderer" Win7 Pro SP1 x64 Auto Updates FireFox v48.x
"Not everything that can be counted counts, and not everything that counts can be counted." - Albert Einstein (1879-1955)

the-edmeister

User avatar
 
Posts: 31926
Joined: February 25th, 2003, 12:51 am
Location: Chicago, IL, USA

Post Posted August 13th, 2016, 7:21 am

A mind is a terrible thing to waste. Mine has wandered off and I'm out looking for it.

LIMPET235
Moderator

User avatar
 
Posts: 37631
Joined: October 19th, 2007, 1:53 am
Location: The South Coast of N.S.W. Oz.

Post Posted August 13th, 2016, 7:24 am

Ancient Amateur Astronomer
Win-7-HP/Intel® DualCore-2.0GHz/500G HDD/4 Gig Ram/550Watt PSU/350WattUPS/Firefox-20.0-56.0.1/T-bird-2.0.0.24/SnagIt-v10.0.1/MWP-7.11.0.
RadioYachting.
(Always choose the "Custom" Install.)

Brummelchen
 
Posts: 2609
Joined: March 19th, 2005, 10:51 am

Post Posted August 13th, 2016, 9:03 am

MPSIGSTUB.EXE here is part of windows 7/8/10
it has to be under c:\windows\system32

win7/64 md5: 2e6bd16aa62e5e95c7b256b10d637f8f
win7/32 md5: 5fc2e943231abd2ae60e9f80581f765c
win8/32 md5: 0da4eaa3687bc1453421e1042855a399
win10/32 md5: f2fdce6c2bbe3c482128db90afe8e102 (LTSB 10240)
win10/32 md5: c16bf5bd4742e9addda75e0c380ee004 (Pro 1511)


My antivirus

Vendor?
seems that your AV is not sufficient, use malwarebytes free and adwcleaner - now please

1. AdwCleaner AdwCleaner Download
Insert [Report] here, then [Cleanup]

2. Let Malwarebytes (install as free) search
Download https://www.malwarebytes.org/antimalware/
Insert logfile here

cheers.
users who problaby never will get an answer from me: f*x, f*n, j*n, k*s, k*x, l*y, m*o, m*d, m*x, o*l, p*y, s*e, d*h, l*t, d*e, j*k, f*u*a, h*2

NTLS
 
Posts: 45
Joined: February 12th, 2011, 12:47 pm
Location: Texas, USofA

Post Posted August 13th, 2016, 12:35 pm

Thanks to one and ALL that replied,

Have learned from µsoft Community (µ is the symbol 'mu' which represents 'micro') and this has been an ongoing issue on their site since about Oct, 2009. With complaints that the 'Properties' for that file has NOT any data as to the originator of that file. "MT" (empty) of information from 'µsoft' or any other needed information to identify what it is used for...

Now for my issue, my antivirus software is AVG FREE and is up to date, this is the one that identified the threat:

"C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\APPDATA\LOCAL\TEMP\~\MPSIGSTUB.EXE"

and could not check the 'Properties' of that file because AVG had my system LOCKED. In the mean time I collected as much information as could be found, as a safety precaution, before it was removed. I know what ALL say about running more than one of any of the security softwares on my system. I am my own MANAGER of my system, there is NOT any single antivirus, malware, monitoring, et ceteras... programs out there that can protect our systems the majority of the time, let alone 100%. My system is x64 and running nine (9) different security programs on my system at ALL times, they do not give me any troubles, they work together very nicely. This is not just recently, since about 2003 is when it started this way. You can only recommend we not do this, from experience this will continue. All I was looking for was given by "the-edmeister," "LIMPET235," & "Brummelchen" about it being apart of WU by µsoft, if they, µsoft, would "id" their own programs this would not happen.

Am transferring this information request to "µsoft Community" and must apologize to you on this forum for posting this request here. I have seen some references to "~Stub.exe" from other sites where I download software and just could not remember which one . . now I know that Mozilla FireFox is not one of those providers.

I know this is rather long, excuse me for this please? Have had hassles about running so many security softwares on my system at the same time with threats to ban me which is not a concern for me, because; "truth is knowledge, knowledge can set you free." Note: in my sig & I have more

P.S. Edited by NTLS, forgot to mention, Adware was used at one time many years ago, also my Malware Bytes Premium fully up dated and has been on my system for about four (4) years.

P.S.S. 2nd Edit by NTLS, my searches for the "SUBJECT:" file was not run just once it was run about three (3) times without finding any trace of that file. Talking with a friend about this issue he told me his was in ~\System32\ folder, did a search on just that folder and it was found there with 'Properties/Details' fully filed in as it should. MY recommendation to any that finds this file any place else without any of the "Detail" tab being filled in should remove that file, DELETE it ASAP, because the file we have been talking about with the FULL DETAILS filled in will be or should be "C:\Windows\Sysem32\MpSigStub.exe"
NTLS aka 'd' - "Lone Wanderer" Win7 Pro SP1 x64 Auto Updates FireFox v48.x
"Not everything that can be counted counts, and not everything that counts can be counted." - Albert Einstein (1879-1955)

Return to MozillaZine Tech


Who is online

Users browsing this forum: No registered users and 1 guest