Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hidden windows opened in firefix by website

more options

After running firefox a long time, i close it. But it appeared that it was still opened using a large part of memory.

I kill firefox, then reopen it, and 4 windows open with blank pages on the website

It appears these pages were opened before, but in an hidden way, and they don't show in history.

It happened to me 5 or 6 times since 1 week before i wa able to reproduce some symptoms in a systematic way.

I think this problem is also related to some interceptions of google results.

URL of affected sites

All Replies (1)

more options

Hi All, I was called to help a friend who had this problem after a download related to a keygen exe. The pop ups [in Firefox AND IE] relate to predominantly nrg.exe, nrf.exe & nrh.exe. I used Zonealarm Extreme Security to find the source of the outgoing traffic. A program called Onex autoconnects to an IP address [] which in turn executes the three .exe's above. Bottom Line - get ZA or your Firewall to "Kill" Onex and a program called hbppro - these also recruit the Windows Command Processor. Interestingly nrg.exe lives here..... C:\Users\YourName\AppData\Local\Temp. Sure as eggs are eggs though, Zonealarm logs it and until I killed the exes manually and set up a Firewall rule, the pop ups continued!!! The .exe's were NOT seen as malicious by ANY of my anti-virus programs so I had to manually set the rules to block [kill] the auto-connections. This is the end destination for the executable...... - it seems to be a "Product Brand Protection" company on reverse IP/WHOIS lookup. Hope that helps, NIN

  1. 1
  2. 2