Brian Ladd’s Blog – Notes on Life

Just another weblog

Uninstalling the Clickonce Support for Firefox

Uninstalling the Clickonce Support for Firefox

A couple of years ago we heard clear feedback from folks that they wanted to enable a very clean experience with launching a ClickOnce app from FireFox.  James Dobson published FFClickOnce and got very good reviews, but we had many customers that wanted ClickOnce support for Firefox built into the framework… so in .NET Framework 3.5 SP1 we added ClickOnce support for Firefox!     This made ClickOnce apps much more accessible to a wide range of customers.

We added this support at the machine level in order to enable the feature for all users on the machine.  Seems reasonable right?  Well, turns out that enabling this functionality at the machine level, rather than at the user level means that the “Uninstall” button is grayed out in the Firefox Add-ons menu because standard users are not permitted to uninstall machine-level components.

Clearly this is a bit frustrating for some users that wanted an easy way to uninstall the Clickonce Support for Firefox.  But good news!  We have a fix in place (enabling each user to uninstall the feature for themselves) and our testing team is making sure that is rock-solid now.. I expect that to be out in the next few weeks.   I’ll be sure to post more information on that when I have it.

Update (5/2009):  We just release an update to .NET Framework 3.5 SP1 that makes the firefox plug in a per-user component.  This makes uninstall a LOT cleaner.. none of the steps below are required once this update is installed.

Update to .NET Framework 3.5 SP1 for the .NET Framework Assistant 1.0 for Firefox

In .NET Framework 3.5 SP1, the .NET Framework Assistant enables Firefox to use the ClickOnce technology that is included in the .NET Framework. The .NET Framework Assistant is added at the machine-level to enable its functionality for all users on the machine. As a result, the Uninstall button is shown as unavailable in the Firefox Add-ons list because standard users are not permitted to uninstall machine-level components. In this update for .NET Framework 3.5 SP1 and in Windows 7, the .NET Framework Assistant will be installed on a per-user basis. As a result, the Uninstall button will be functional in the Firefox Add-ons list. This update will also make this version of the .NET Framework Assistant for Firefox compatible with future versions of the Firefox browser. Updates to the .NET Framework Assistant may include updates to the Windows Presentation Foundation Plug-in for Firefox causing it to be enabled upon its initial update.


In the meantime, if you want to disable the Clickonce Support for Firefox here are the steps directly from the dev in charge..

Stop-gap Solution To uninstall the ClickOnce support for Firefox from your machine

1) Delete the registry key for the extension

i.                     From an account with Administrator permissions, go to the Start Menu, and choose ‘Run…’ or go to the Start Search box on Windows Vista

ii.                   Type in ‘regedit’ and hit Enter or click ‘OK’ to open Registry Editor

iii.                  For x86 machines, Go to the folder HKEY_LOCAL_MACHINE > SOFTWARE > Mozilla > Firefox > Extensions

For x64 machines, Go to the folder HKEY_LOCAL_MACHINE > SOFTWARE > Wow6432Node > Mozilla > Firefox > Extensions

iv.                 Delete key name ‘{20a82645-c095-46ed-80e3-08825760534b}’

OR alternatively

i.                     Open a command prompt window (must be ‘run as Administrator’ on Vista and later)

ii.                   Copy and paste the appropriate command below and hit ‘Enter’

For x86 machines:
reg DELETE “HKLM\SOFTWARE\Mozilla\Firefox\Extensions” /v “{20a82645-c095-46ed-80e3-08825760534b}” /f

For x64 machines:
reg DELETE “HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions” /v “{20a82645-c095-46ed-80e3-08825760534b}” /f

2) Reset the changes made to the Firefox user agent

i. Launch Firefox, go to the Firefox address bar and type in ‘about:config’

ii. Scroll down or use ‘Filter’ to find Preference name ‘general.useragent.extra.microsoftdotnet’

iii. Right-click on the item and select ‘reset’

iv. Restart Firefox

3) Remove the .NET Framework extension files

i. Go to the Start Menu, and choose ‘Run…’ or go to the Start Search box on Windows Vista

ii. Type in ‘explorer’ and hit Enter or click ‘OK’

ii. Go to ‘%SYSTEMDRIVE%\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\’

iii. Delete the ‘DotNetAssistantExtension’ folder and all its contents

Published 27 February 09 12:00 by BradA

# Silvr said on April 1, 2009 4:18 AM:
According to (

“This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC.”

Question is :

Is the above statement true. Is Brad Adams or anyone from Microsoft able to disprove it.

I respect this site since it gave me a lot of help for a lot of stuff microsoft had long-since discontinued support for, and it has provided me great troubleshooting advice.

I agree with other comments that this  secret install borders on the level of malware.(Sony anyone?)

It was stupid on Microsofts part for the following reasons :

1. Risking flak from security community and firefox community(if this indeed creates vulnerabilities in firefox)

2. Add the fact this was install without any user notification or consent. All my other plugins and extensions were installed with permission from me.

3. Risk antitrust allegations for using microsoft update to promote microsoft products over other(java).


June 1, 2009 Posted by | General Computer Tech, Security, Windows / Microsoft | Leave a comment

Microsoft Update Quietly Installs Firefox Extension

Microsoft Update Quietly Installs Firefox Extension

A routine security update for a Microsoft Windows component installed on tens of millions of computers has quietly installed an extra add-on for an untold number of users surfing the Web with Mozilla’s Firefox Web browser.

Earlier this year, Microsoft shipped a bundle of updates known as a “service pack” for a programming platform called the Microsoft .NET Framework, which Microsoft and plenty of third-party developers use to run a variety of interactive programs on Windows.

The service pack for the .NET Framework, like other updates, was pushed out to users through the Windows Update Web site. A number of readers had never heard of this platform before Windows Update started offering the service pack for it, and many of you wanted to know whether it was okay to go ahead and install this thing. Having earlier checked to see whether the service pack had caused any widespread problems or interfered with third-party programs — and not finding any that warranted waving readers away from this update — I told readers not to worry and to go ahead and install it.


I’m here to report a small side effect from installing this service pack that I was not aware of until just a few days ago: Apparently, the .NET update automatically installs its own Firefox add-on that is difficult — if not dangerous — to remove, once installed., which lists various aspects of Windows that are, well, annoying, says “this update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for Web sites to easily and quietly install software on your PC.” I’m not sure I’d put things in quite such dire terms, but I’m fairly confident that a decent number of Firefox for Windows users are rabidly anti-Internet Explorer, and would take umbrage at the very notion of Redmond monkeying with the browser in any way.

Big deal, you say? I can just uninstall the add-on via Firefox’s handy Add-ons interface, right? Not so fast. The trouble is, Microsoft has disabled the “uninstall” button on the extension. What’s more, Microsoft tells us that the only way to get rid of this thing is to modify the Windows registry, an exercise that — if done imprecisely — can cause Windows systems to fail to boot up.

When I first learned of this, three thoughts immediately flashed through my mind:

1) How the %#@! did I miss this?

2) The right way would have been to just publish the add-on at Mozilla’s Add Ons page.

3) This kind of makes you wonder what else MS is installing without your knowledge.

Then I found that I wasn’t the only one who had these ideas. Microsoft has heard these criticisms from others who long ago commented on this unfortunate development (see the comments underneath this post).

Anyway, I’m sure it’s not the end of the world, but it’s probably infuriating to many readers nonetheless. Firstly — to my readers — I apologize for overlooking this…”feature” of the .NET Framework security update. Secondly — to Microsoft — this is a great example of how not to convince people to trust your security updates.

// By Brian Krebs  |  May 29, 2009; 7:40 AM ET

June 1, 2009 Posted by | General Computer Tech, Security, Windows / Microsoft | Leave a comment