| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 122302 | 2011-12-14 03:46:00 | firefox hijacks home page | mark c (247) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1248515 | 2011-12-14 03:46:00 | Hi, Windows 7 Prof. with AVG, windows firewall and CCleaner. I've set the homepage with Firefox 8 to Yahoo email but periodically Mozilla butts in advertising itself. I'm a fan and never had this before. Only every so often and haven't been able to find out why, what circumstances, history etc., and can't find anything in a Google search. Plenty of fixes for Firefox being hijacked to something else but not to Firefox itself. Anyone got any ideas or experiences of this? It's only an annoyance. I can easly reset the homepage back to Yahoo. More puzzled than anything else. Could it be to do with whether or not you opt in to send feedback? Under Help/About Firefox it says I'm currently on the release update channel but no idea what this is. | mark c (247) | ||
| 1248516 | 2011-12-14 04:25:00 | I should have added that this has only started in the last 3-4 days with no changes to the comp. No programs added/removed/altered. In Firefox I did 'stop images loading automatically' under Tools and through about:config changed 'image animation' to 'none'. Had this comp brand new since Oct 15. and no other problems. | mark c (247) | ||
| 1248517 | 2011-12-14 05:17:00 | Do a full scan with malwarebytes | Speedy Gonzales (78) | ||
| 1248518 | 2011-12-14 06:59:00 | OK thanks very much. Haven't got malwarebytes on this comp though have had it before. Bit odd that something intrusive should produce a Mozilla page. Will try it and get back. - M | mark c (247) | ||
| 1248519 | 2011-12-14 07:26:00 | Tried downloading malwarebytes but comp seemed to get jammed so cleared everything using CCleaner and ran AVG (2012.0.1890) and found "Trojan Horse Generic26.YRW" and removed. See how it goes. Still seems very odd to me that any infection should flip into a Mozilla page. Of course it could be a dummy but it looked legitimate to me as had various (convincing)pages. See if I can find the URL next time. Many thanks - M EDIT Just had a look around and found from Malwarebytes forum that a lot of malware will block the install by the name. I mean 'Malwarebytes'. And the solution was simply to rename. forums.malwarebytes.org |
mark c (247) | ||
| 1248520 | 2011-12-14 07:33:00 | Wonder if its Java if you use it. If this is installed, what version is installed?? You should only have 1 version of Java installed. (the latest). If there's more than one version installed, uninstall ALL previous versions. They'll have vulnerabilities | Speedy Gonzales (78) | ||
| 1248521 | 2011-12-14 16:52:00 | Hmmm I think I noticed something about multiple Java. In a hurry rushing out the door right now but will check. Thanks | mark c (247) | ||
| 1248522 | 2011-12-15 06:13:00 | I can only find one version of Java, jre6 -does that make sense? I installed Malwarebytes and ran a full scan in safe mode, three infected files which didn't look like what AVG found but couldn't eliminate. AVG says - TrojanHorseGeneric26.YRW and .ZOU and also C:/Windows/Temp/pwjciv/setup.exe and also, instead of the pwjciv, tuotoe Malwarebytes says they're removed but the same symptons are here. Bit of a worry, there is an option (in AVG) to sort of 'lock them down' instead of get rid of them. Maybe that's the next option. I realise I have brought this on myself by straying off the straight and narrow, pure and wholesome, path of the internet into the dark and profitable underbelly so very much appreciate your help. It does seem to be mostly a nuisance, but anything with 'trojan horse' in it is a worry too. Thanks very much for your help. |
mark c (247) | ||
| 1248523 | 2011-12-15 06:29:00 | Close browsers. Install ccleaner then run it. Then click on run cleaner. That should remove whats in the temp folder. What version of Java is installed?? I think the latest is either 6 update 29. Or 7 update 2 | Speedy Gonzales (78) | ||
| 1248524 | 2011-12-15 20:20:00 | Hi, from putting in Java -version in the Command Prompt I get "1.6.0_29" From Java/properties in program files it all says jre6. I've run CCleaner several times and rebooted, and done it in Safe Mode and still get the Mozilla page taking over homepage. I notice in CCleaner it's got 'Temporary Internet Files' to be deleted for Internet Explorer (which I don't use) so presumably under 'System' where it's got 'Temporary Files' to be deleted that means the temp files accumulated by Firefox? In Windows/Temp I've got.... MPTelemetry Submit sqpoqf avginfo.id MpCmdRun ...that won't go away. Is there a way to delete these files while I've got Windows/Temp open without activating them? |
mark c (247) | ||
| 1 2 | |||||