Cannot remove browser hijack / Firefox vulnerability
This website: get-answers-fast.com
hijacked ALL of my google results, everything that I click on results in a page Re-direct!!
My 404 "Page Not Found" have been hijacked by the same.
Worse Still, it COMPLETELY DISABLES firefox's ability TO submit or REPORT A "WEB-FORGERY"!!!!
This implies that they are up to no-Good
I cannot block them.
This is an enormous Security Risk, and...I'm sure if it's happening to me, I'm probably not the Only one...
Additional System Details
Every time Firefox opened
This started when...
- Shockwave Flash 11.2 r202
- Adobe Shockwave for Director Netscape plug-in, version 188.8.131.525
- NPRuntime Script Plug-in Library for Java(TM) Deploy
- Next Generation Java Plug-in 10.4.1 for Mozilla browsers
- Adobe PDF Plug-In For Firefox and Netscape 10.1.3
- The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
- DivX Web Player version 184.108.40.206
- Npdsplay dll
- User Agent: Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1
-cannot report web forgeries, at all. Never happened before the get-answers-fast.com hijacking
First, could you try Firefox's Safe Mode, which is a standard diagnostic for interference by add-ons?
First, I recommend backing up your Firefox settings in case something goes wrong. See Back up and restore information in Firefox profiles. (You can copy your entire Firefox profile folder somewhere outside of the Mozilla folder.)
Next, restart Firefox in Firefox's Safe Mode (Troubleshoot Firefox issues using Safe Mode) using
Help > Restart with Add-ons Disabled
In the Safe Mode dialog, do not check any boxes, just click "Continue in Safe Mode."
If searches work correctly, this points to one of your add-ons or custom settings as the problem.
Do a malware check with some malware scanning programs on the Windows computer.
You need to scan with all programs because each program detects different malware.
Make sure that you update each program to get the latest version of their databases before doing a scan.
- http://www.malwarebytes.org/mbam.php - Malwarebytes' Anti-Malware
- http://www.superantispyware.com/ - SuperAntispyware
- http://www.microsoft.com/security/scanner/en-us/default.aspx - Microsoft Safety Scanner
- http://www.microsoft.com/windows/products/winfamily/defender/default.mspx - Windows Defender: Home Page
- http://www.safer-networking.org/en/index.html - Spybot Search & Destroy
You can also do a check for a rootkit infection with TDSSKiller.
- "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked
I'm afraid I did not realize the magnitude of this Problem.
This is actually a virus/malware/ROOTKIT!!! that is currently beginning to infect Mozilla Firefox and Windows users...it is not currently detected by ANY of the virus/malware removers mentioned at this time. However, you can look all over the Internet & see people who are just starting to be infected by the Rootkit. It will randomly divert webpages & google searches to various websites...and gradually deteriorate your system performance until it will not run any more. You can read about it on any of the major Antivirus companies websites. I am a "paranoid" user that runs ALL of the major, well-established Antispyware/Malware programs completely on all my systems every couple of weeks, have a Pro Firewall, and do not do any things I should not be doing on the Internet. This is a really nasty virus, and I guarantee some of you will get it at some point in the future. Look out, and do your research before it strikes, cause it is difficult, if not Totally Impossible even for an "Expert" to remove
did I mention it completely disables report a web forgery, in firefox?
Did you try TDSSkiller?
If you want to post some links to security company pages, that would be great. Otherwise, it will be hard to find the right malware.
Check you system with Oshi Unhooker (http://www.oshiunhooker.com), it is free. If after you scanned and cleared all founding problem disappear - it means you had some spyware.