X
Tap here to go to the mobile version of the site.

Support Forum

Browser Hijackers.

Posted

Of all the browsers I've used, Firefox is my favorite. But it is also by far been the one most prone to browser Hijackers, such as launchpage.org.

Why is it so easy for these to install into Firefox without the users permission (as any browser Hijacker naturally does not need) and Firefox simply lets it slide?

In 2017 alone, I've had this issue over 10 times, whereas using Chrome for years, I've not once had this issue (but, I hate chrome for other reasons).

Is there a way to prevent anything installing to Firefox (as in ANYTHING whatsoever, everything I need or will ever need is already installed).

Note: 3rd party packaged apps that install these hijackers, only target Firefox 90% of the time, I have Chrome, Opera, SafeZone and Edge installed on the same PC, and none of these get targeted by these packaged Hijacker/adware software (usually). There is clearly a flaw in Firefox's security as far as I can tell, because it'll target Firefox regardless of where I downloaded/copied any such installers from. (not that installations particularly take not of that, lol)

I just want to know how to prevent anything and everything from being installed into firefox without my permission. I don't care if I can never download another extension ever again.

Of all the browsers I've used, Firefox is my favorite. But it is also by far been the one most prone to browser Hijackers, such as launchpage.org. Why is it so easy for these to install into Firefox without the users permission (as any browser Hijacker naturally does not need) and Firefox simply lets it slide? In 2017 alone, I've had this issue over 10 times, whereas using Chrome for years, I've not once had this issue (but, I hate chrome for other reasons). Is there a way to prevent anything installing to Firefox (as in ANYTHING whatsoever, everything I need or will ever need is already installed). Note: 3rd party packaged apps that install these hijackers, only target Firefox 90% of the time, I have Chrome, Opera, SafeZone and Edge installed on the same PC, and none of these get targeted by these packaged Hijacker/adware software (usually). There is clearly a flaw in Firefox's security as far as I can tell, because it'll target Firefox regardless of where I downloaded/copied any such installers from. (not that installations particularly take not of that, lol) I just want to know how to prevent anything and everything from being installed into firefox without my permission. I don't care if I can never download another extension ever again.

Additional System Details

Installed Plug-ins

  • Shockwave Flash 26.0 r0

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0

More Information

FredMcD
  • Top 10 Contributor
4269 solutions 59840 answers

It’s very sad, but many software downloaders/ installers will trick you into installing not only their program, but other programs as well.

You have heard of the fine print in shady contracts, right? Well, some installers you need to look at the itsy bitsy teeny weeny fine print.

You are thinking you are giving the installer permission to install the program you want by using the recommended option. But if you use the Manual Option Instead, you discover all kinds of stuff that you do not even know what it is or what it does.

From now on, everyone needs to Use The Manual Option to put a stop to this.

Note that these programs can also change browser/computer settings.


You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.

It’s very sad, but many software downloaders/ installers will trick you into installing not only their program, but '''other programs as well. ''' You have heard of the '''fine print in shady''' '''contracts, ''' right? Well, some installers you need to look at the '''itsy bitsy teeny weeny fine print. ''' You are thinking you are giving the installer permission to install the program you want by using the '''recommended''' option. But if you use the '''Manual Option Instead, ''' you discover all kinds of stuff that '''you do not even know what it is or what it does. ''' From now on, everyone needs to '''Use The Manual Option''' to put a stop to this. '''Note''' that these programs can also change browser/computer settings. ------------------ You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.

Question owner

FredMcD said

It’s very sad, but many software downloaders/ installers will trick you into installing not only their program, but other programs as well. You have heard of the fine print in shady contracts, right? Well, some installers you need to look at the itsy bitsy teeny weeny fine print. You are thinking you are giving the installer permission to install the program you want by using the recommended option. But if you use the Manual Option Instead, you discover all kinds of stuff that you do not even know what it is or what it does. From now on, everyone needs to Use The Manual Option to put a stop to this. Note that these programs can also change browser/computer settings.

You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.

I habitually check every checkbox in every installer. But I've had a few occasions where these hidden programs slip through (usually not even mentioned on the download page either)

And I never use recommended because I have two HDD, and I generally need to install to the secondary one. So if anything is hidden under the "advanced" installation option, I would see it.

The "launchpage.org. " that I mentioned earlier directly edits the firefox.exe, so unfortunately it's not a file that can be deleted/uninstalled.

I've tried Malbytes and Spy Hunter (so far), neither pick up launchpage.org. but at least they nailed whatever AdWare came with it.

Thanks for the link to the troubleshooting site, see a few issues there I've had before.

Would it be possible that a dev team exists that focuses on clamping down on Adware and hijackers? If so, this "launchpage.org. " seems to be an extremely common one. Dunno if they would be able to code any kind of blocker to specific programs and such.

''FredMcD [[#answer-992707|said]]'' <blockquote> It’s very sad, but many software downloaders/ installers will trick you into installing not only their program, but '''other programs as well. ''' You have heard of the '''fine print in shady''' '''contracts, ''' right? Well, some installers you need to look at the '''itsy bitsy teeny weeny fine print. ''' You are thinking you are giving the installer permission to install the program you want by using the '''recommended''' option. But if you use the '''Manual Option Instead, ''' you discover all kinds of stuff that '''you do not even know what it is or what it does. ''' From now on, everyone needs to '''Use The Manual Option''' to put a stop to this. '''Note''' that these programs can also change browser/computer settings. ------------------ You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up. </blockquote> I habitually check every checkbox in every installer. But I've had a few occasions where these hidden programs slip through (usually not even mentioned on the download page either) And I never use recommended because I have two HDD, and I generally need to install to the secondary one. So if anything is hidden under the "advanced" installation option, I would see it. The "launchpage.org. " that I mentioned earlier directly edits the firefox.exe, so unfortunately it's not a file that can be deleted/uninstalled. I've tried Malbytes and Spy Hunter (so far), neither pick up launchpage.org. but at least they nailed whatever AdWare came with it. Thanks for the link to the troubleshooting site, see a few issues there I've had before. Would it be possible that a dev team exists that focuses on clamping down on Adware and hijackers? If so, this "launchpage.org. " seems to be an extremely common one. Dunno if they would be able to code any kind of blocker to specific programs and such.
FredMcD
  • Top 10 Contributor
4269 solutions 59840 answers

I called for more help on this.

Run your anti-virus and the mal scanners. They may find something.


Let’s do a full clean re-install; Download Firefox For All languages And Systems {web link}

Save the file. Then Close Firefox.

Using your file browser, open the Programs Folder on your computer.

Windows: C:\Program Files C:\Program Files (x86)

Mac: Open the "Applications" folder. https://support.mozilla.org/en-US/kb/how-download-and-install-firefox-mac

Linux: Check your user manual. If you installed Firefox with the distro-based package manager, you should use the same way to uninstall it. See Install Firefox on Linux; https://support.mozilla.org/en-US/kb/install-firefox-linux

If you downloaded and installed the binary package from the Firefox download page, simply remove the folder Firefox in your home directory. http://www.mozilla.org/firefox#desktop ++++++++++++++++++++++++++++ Do Not remove the profiles folder.

Look for, and rename any Mozilla or Firefox program folders by adding .old to them. Do not rename the Mozilla Thunderbird folder if there is one.

After rebooting the computer, run a registry scanner if you have one. Then run the installer. If all goes well, remove the OLD folders when you are done. +++++++++++++++++++++++++++ If there is a problem, start your Computer in safe mode and try again.

http://encyclopedia2.thefreedictionary.com/Linux+Safe+Mode This shows how to Start all Computers in Safe Mode; Free Online Encyclopedia

I called for more help on this. Run your anti-virus and the mal scanners. They may find something. --------------- Let’s do a full clean re-install; [http://www.mozilla.org/en-US/firefox/all/ Download Firefox For All languages And Systems] {web link} Save the file. Then '''Close Firefox. ''' Using your file browser, open the '''Programs Folder''' on your computer. '''Windows: ''' C:\Program Files C:\Program Files (x86) '''Mac: ''' Open the "Applications" folder. https://support.mozilla.org/en-US/kb/how-download-and-install-firefox-mac '''Linux: ''' Check your user manual. If you installed Firefox with the distro-based package manager, you should use the same way to uninstall it. See Install Firefox on Linux; https://support.mozilla.org/en-US/kb/install-firefox-linux If you downloaded and installed the binary package from the Firefox download page, simply remove the folder Firefox in your home directory. http://www.mozilla.org/firefox#desktop ++++++++++++++++++++++++++++ '''Do Not''' remove the profiles folder. Look for, and rename any '''Mozilla''' or '''Firefox''' program folders by adding .old to them. Do not rename the '''Mozilla Thunderbird''' folder if there is one. After rebooting the computer, run a registry scanner if you have one. Then run the installer. If all goes well, remove the OLD folders when you are done. +++++++++++++++++++++++++++ If there is a problem, start your '''Computer''' in safe mode and try again. http://encyclopedia2.thefreedictionary.com/Linux+Safe+Mode This shows how to Start all Computers in Safe Mode; Free Online Encyclopedia
guigs 1072 solutions 11697 answers

I am not entirely sure of the right path to report malware serving platforms, as it seem like this site is using changes to Firefox without permission?

So I reported the site to Google safe browsing since out badware site is not working for me at the moment from the referenced article Troubleshoot Firefox issues caused by malware (FredMcD added this one already, and he is awesome!)

To avoid this, start by changing any extensions to 'Always ask' and by disabling any add ons temporarily after a successful Firefox reinstall. Grab an official one from: [https://www.mozilla.org/firefox]

Ublock is an addon that is pretty good at blocking adware as well.

I am not entirely sure of the right path to report malware serving platforms, as it seem like this site is using changes to Firefox without permission? So I reported the site to [https://www.google.com/safebrowsing/ Google safe browsing] since out badware site is not working for me at the moment from the referenced article [[Troubleshoot Firefox issues caused by malware]] (FredMcD added this one already, and he is awesome!) To avoid this, start by changing any extensions to 'Always ask' and by disabling any add ons temporarily after a successful Firefox reinstall. Grab an official one from: [[https://www.mozilla.org/firefox]] Ublock is an addon that is pretty good at blocking adware as well.
jscher2000
  • Top 10 Contributor
8787 solutions 71865 answers

BrandonEllis said

The "launchpage.org. " that I mentioned earlier directly edits the firefox.exe, so unfortunately it's not a file that can be deleted/uninstalled.

That seems doubtful. Lately Firefox updates at least monthly and it would be very tricky to keep any malware that up-to-date. More likely the malware touches settings files or installs an extension. The easiest setting to change is the home page, since that is stored in clear text in the prefs.js file (and can be overridden at startup using a user.js file), and malware can pretty easily add itself to the target field of desktop shortcuts for browsers. Other settings are more challenging to change without an extension, and by default, Firefox requires your approval to run externally loaded extensions.

''BrandonEllis [[#answer-992715|said]]'' <blockquote>The "launchpage.org. " that I mentioned earlier directly edits the firefox.exe, so unfortunately it's not a file that can be deleted/uninstalled.</blockquote> That seems doubtful. Lately Firefox updates at least monthly and it would be very tricky to keep any malware that up-to-date. More likely the malware touches settings files or installs an extension. The easiest setting to change is the home page, since that is stored in clear text in the prefs.js file (and can be overridden at startup using a user.js file), and malware can pretty easily add itself to the target field of desktop shortcuts for browsers. Other settings are more challenging to change without an extension, and by default, Firefox requires your approval to run externally loaded extensions.
guigs 1072 solutions 11697 answers

@jscher2000 is that in the documentation for where to find the user.js file in a user profile? And do you know with the new web extensions in 57 if there is going to be anymore support for a user.js file?

@jscher2000 is that in the documentation for where to find the user.js file in a user profile? And do you know with the new web extensions in 57 if there is going to be anymore support for a user.js file?
jscher2000
  • Top 10 Contributor
8787 solutions 71865 answers

Investigating a possible user.js file is covered in this article: How to fix preferences that won't save. I have no idea whether legitimate extensions can add to that file.

Investigating a possible user.js file is covered in this article: [[How to fix preferences that won't save]]. I have no idea whether legitimate extensions can add to that file.
FredMcD
  • Top 10 Contributor
4269 solutions 59840 answers

Some store their settings in user.js

Some store their settings in user.js
cor-el
  • Top 10 Contributor
  • Moderator
17570 solutions 158915 answers

The "Help -> Troubleshooting Information" page also shows if there is a user.js file detected (raw JSON data: userJS: exists: true/false;).

The "Help -> Troubleshooting Information" page also shows if there is a user.js file detected (raw JSON data: userJS: exists: true/false;).