Can't leave an infected site
I landed on hxxp://getsecure.cz.cc/firefox-updates
The page opens a dialog requesting to download an update. The dialog blocks all other interaction with ff.
I can kill ff from the Windows Task Manager, but when I restart, the offending page opens as one of the tabs. ff Safe Mode would allow me to delete bookmarks but I don't want to do that.
(disabled the link - TonyE)
Modified by TonyE
Chosen solution
Open your Firefox profile folder, for details to how to access it see http://kb.mozillazine.org/Profile_folder_-_Firefox
In the profile folder delete sessionstore.js and if it exists sessionstore.bak, when you next start Firefox it will not go back to the old session.
For info the NoScript add-on can be used to stop sites like that from causing problems. That site relies on JavaScript and NoScript will disable JavaScript unless you specifically allow it for a site.
Read this answer in context 👍 1All Replies (5)
Chosen Solution
Open your Firefox profile folder, for details to how to access it see http://kb.mozillazine.org/Profile_folder_-_Firefox
In the profile folder delete sessionstore.js and if it exists sessionstore.bak, when you next start Firefox it will not go back to the old session.
For info the NoScript add-on can be used to stop sites like that from causing problems. That site relies on JavaScript and NoScript will disable JavaScript unless you specifically allow it for a site.
Thank you for the fast reply.
I couldn't find a good way to report the site, though.
Set the pref browser.sessionstore.max_resumed_crashes to 0 on the about:config page to get the about:sessionrestore page immediately with the first restart after a crash has occurred or the Task Manager was used to close Firefox.
That will allow you to deselect the tab(s) that you do not want to reopen, but will allow to reopen the other tabs.
I consider the tabs reopening from a killed session serious user interface issue for times when a malware site is hit.
For example my wife calls me, with a "virus" message that I tell her to crash the computer to kill firefox. (yes I know, but she's not a technical person so this was the fastest method).
I'll implement the solution to adjust browser.sessionstore.max_resumed_crashes to 0, but folks lets face it for the average user... that is NO solution. The average FF user will not know how to do the solution and would not be able to have it explained.
i.e. enhancement idea: -Either expose that setting in the user interface directly under options -Or change the default so that by default it ASKS if you want tabs restored.
No it's not as friendly, but the users falling for the fake AV are probably the same ones who are NOT going to know how to run task manager or implment anything in the "about" section.
I find it unsafe ! and i read the want to integrate pdf reader :( and i expect no option to avoid the pdf to go to other places on the net. Sory to say FF become unsafe. Info to set it as the user want is hard to find , glad to find a solution for this problem. We need a Close and forget button that always work.