பயர்பாக்ஸ் ஆதரவு மன்றம்

I found some infos but I do not trust myself just deleting the files in question since they ared all over my system. The following I found per malwarebytes which found the pups every day up to now:

PUP.Optional.DefaultSearch is Malwarebytes’ detection name for a family of browser hijackers targeting Chrome, Firefox and Internet Explorer. Symptoms The browsers’ default search engine was changed to one that belonged to the threat-actors. I am german so probably I need your patience in helping me to clean my system resp. Mozilla.

Looking forward Ingrid

Each morning, when I first cold boot my computer, the moment I open my Firefox browser, I receive numerous (10+) identical error messages from Bitdefender:

Suspicious connection blocked: Feature: Online Threat Prevention

firefox.exe attempted to establish a connection relying on an unmatching security certificate to content-signature-2.cdn.mozilla.net. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one.

Question: Is this ACTUALLY coming from Firefox? If so, please match your security certificates! If that's impossible due to a technical issue, then please email me your confirmation so that I can add an exception to Bitdefender.

Question: If it's not coming from Firefox, please email me, letting me know what additional system information you require so that we can get to the bottom of who/what is masquerading as Firefox while attempting to establish an unauthorized Internet connection from my computer.

HP Envy laptop, Windows 10 OS, latest update.

This has been occurring for several months.

Thank you for your time.

I'm running 96.0.3 on a fully patched Win 10 Pro system - both O/S and programs. When Firefox is running I'm getting these pop-up error messages randomly with changing content. They stay on screen for some seconds and then go away. Message states it's from (via) 5.back2yard.biz. I put that in my hosts file and I'm still getting them. My network is a cable modem hooked to Xfinity and then cable connected to another fully newer patched router. All addresses are 10. range. I ran both a Malwarebytes scan and a Windows Security scan - both are clean.

I'm unable to upload a small image after a hour so I'll give up on that right now.

Last night my Firefox 94.0.2 was hacked. When running Firefox, it would lock up my desktop. It disabled Norton Security, it disable other installed security software, and it disabled Windows System Restore. The hacker put up a message claiming to be Microsoft Support, with a phone number to call for help. This was a scam. I ran Firefox refresh, and that removed the hacker's program from Firefox, but then I had to do a full repair of my Window's installation. To protect my system, and prevent this from happening again, I added "xpinstall.enabled = false" into about.config. Please let me know if this will prevent a web site from installing a dangerous hack into Firefox, or if there is something else that I need to do. I have used Firefox for years, and have never encountered this problem before. Firefox is my favorite browser, but I am now afraid to use it. Please advise me what to do. Thanks, Jim

I can't find anything about a compromised Firefox update while using the browser when you go to help and let the browser update itself. It seems you've been hacked because I can't otherwise explain the firefox background update 308046BoAF4A39CB, which is been detected by my systems. I obviously have more information about this if you like, but I see nowhere how to report this properly. This is the first time this has happened to me, at least as far as I know and so far I've only detected the Tr.Gen threat on my Windows computers. I would like an adequate response from Mozilla on how this could happen and what the repercussions are plus how to avoid this in the future. I've been using the Firefox browser on all my systems with various operating systems and would prefer to keep using it, but not if your own updating process is comprimised. I also think it's idiotic that I can't upload a bigger screenshot than 1024 kb because my very relevant picture is 3084 kb in size.

Sincerely,

J.L

Following site is immediately hijacked to a scam site asking for login apparently to access private info. It happens with Firefox (only) whenever security setups are set "not to track", "not to prompt for passwords", "not to prompt for credit cards" "no history" "reset of cookies at logout" etc.. then the site below: http://thaimassage-herborn.de/ is redirected to SCAM SITE: https://xb7.serverdomain.org/admin/index.php appearing as "Adminpanel" asking for Login etc..

At the same time following site is partially blocked on the news banner pictures, with a white sheet over them, whenever down scroll is hit. https://www.tgrthaber.com.tr/

Only by resetting firefox deals with the issues. But ofcourse with the reason, above security settings removed.

Virusscanner was not able to detect this hijacking or the reason behind.

Is this a firefox software issue? Is there a way to resolve this? Thank you already for any support or suggestions to resolve.

Firefox updated yesterday to ver 90.0.1 (64-bit). Today when I open Firefox browser, Malwarebytes blocks an exploit with thiis message: Malwarebytes www.malwarebytes.com

-Log Details- Protection Event Date: 7/21/21 Protection Event Time: 1:37 PM Log File: 577494dc-ea4a-11eb-a649-54bf641896a0.json

-Software Information- Version: 4.4.2.123 Components Version: 1.0.1358 Update Package Version: 1.0.43331 License: Premium

-System Information- OS: Windows 10 (Build 19043.1110) CPU: x64 File System: NTFS User: System

-Exploit Details- File: 0 (No malicious items detected)

Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0, ,

-Exploit Data- Affected Application: Mozilla Firefox (and add-ons) Protection Layer: Protection Against OS Security Bypass Protection Technique: Exploit ROP gadget attack blocked File Name: URL:

(end)

When I open in safe mode, no problem. I can not find the extension causing the problem

Hello Mozilla community! Merry Christmas!

I have noticed since yesterday (but maybe it is related to the 95.0.2 Firefox update) that Firefox tries to access some weird websites each time it starts.

The websites Firefox tries to access are various (non-exhaustive list):

• itchytidying.com
• jollytestpartying.com
• dateddeed.com
• censusmiles.com
• unpleasantconcrete.com
• pacifyrespirator.com
• (...)

Kaspersky Internet Security blocks all those access attempts and notifies me with a "Download denied" event and a "Probability of unauthorized software download" message (see uploaded image).

I immediately suspected one of my Firefox extensions, so I disabled them all... But the issue kept on occurring. Could Firefox be infected? (I ran Kaspersky Internet Security through my whole PC, and it found nothing ; I did the same with the free version of MalwareBytes ; nothing again).

I find it hard to believe that this behavior is normal and that these alerts are false positives from Kaspersky Internet Security... What do you think guys?

Regards, Jerome.

Hello. Im new to the Mozilla Support community

I am running a Japanese Windows XP SP3 on VMWare Workstation 16, i have downloaded a old version of firefox, due to newer versions not working on xp

And heres the issue: Firefox keeps opening tabs randomly which are related to pornographic websites like xxnx, pornhub, evilangel n' etc..

Heres things ive tried, but didnt work: -Install tdsskiller & scan -Scan with Avast Antivirus -Uninstalling Firefox and delete registry entries -Getting IE8 or G**gle Chr*me for Windows XP SP3

Any way to resolve this problem? i can't watch these things!

I want to opt out of the new (slower than molasses) "trusted partner redirect" Firefox gave me ONE chance for 3 seconds before closing the option window.

This has resulted in slowing down an already too slow event in Firefox. This is why users are going to chrome.

It's a great idea as an option. Not a great idea to force it on users.

Thanks for your help,

How can I remove ChunkApp from my browser? It is not showing in my extensions, but i know its there because the internet service I use at a customers site wont allow me to utilize my browser because of the redirect to Chunk App host/server.

Please help I do not want to switch to Google Chrome because of this legal search engine redirect virus.

Mac Operating System

Hi, My repaired computer came back today. Under https://accounts.firefox.com/settings/ Connected Services I found an entry <Firefox Mobile 95, Android 10> that signed into my account while the machine was under repair at the Lenovo repair centre. Not trusting it I immediately removed that account. Now I realize that that intruder might have had access to my passwords in Firefox (the machine was completely dead, so no precautions were possible). And therefore to have proof in the future of illegal access I should have made a screendump of the accounts overview. My question: is there a way to retrieve the history of old, but deleted, connected services to my Firefox account? Thx in advance! Ruurd

DEAR SIRS, PLEASE HELP How to remove Brower hijacked by 'a.horsered.com' on my blog:https://rightwaystechnologies.blogspot.com/

THANKS

RICHARD rightwayspro@gmail.com

Dear Supportteam,

Today I browsed true the add-on list of Mozilla Firefox I was searching for Safepal wallet extension to use my cryptocurrency wallet also in the webbrowser. So my searching ended on the following page: https://addons.mozilla.org/nl/firefox/addon/safepal-wallet/ After I installed this extension and logged in with my credentials it was not working. 8 hours later I checked if my funds were still save on my phone software wallet also from Safepal I saw nothing $0,- balance I was deep in shock I saw my last transactions and saw that my funs ($4000,-) were transferred to another wallet. I could not believe it an add-on that is deployed in the add-on list of Mozilla Firefox. Is there no any audit department that is checking every add-on and test it before it get listed on the official add-on store of Mozilla Firefox. Can you please have a look into this add-on before there will be a massive amount of people getting scammed. And also have a look into the developer identity I have found the IP-address of the developer by tracing the mail address. Please have a look into it and maybe their is a solution to help me out.

That ugly man in the browser won't let me enter websites or pages within the website ,like sweepstakes entries on Cabela's website for example. My numbers are [phone number]. Michael Lodsin When I open Firefox, there are 3 or 4 blue screens pop up to make excutible orders to my computer, I always click them off. but they we not always there. Is someone using my computer from afar, or worse tracking my keystrokes or monitoring me ?

Hi.I would like to know how i can stop this site from constantley trying to connect with my P.C.luckeley my firewall stops it but eventully they will succeed.Iplayed it a long time ago.I stopt,deleted my account but they keep attacing several times a day.I,ll be gratefull with any help\advise about this.i tryed acsessing the page sourse and i think i,ve only made it worse.

I have a series of bookmark that are usable/contactable internally from my work WAN network. These bookmarks are unreachable when using my PC from my home network. No problem with that, it's the correct FF behavior.

However, recently selecting one of the unreachable bookmarks results in a re-direct to a third party (malicious) webpage.

How do I change the re-direct address on an unreachable URL? Or default it back to "normal behavior"?

bp-186b028e-4571-4ea8-8dd6-e13c40211120

bp-b9a18a59-0808-43e2-a103-0c4580211120

bp-88a97ccf-6ac8-4669-9265-a1e3b0211120

bp-1c47ef47-258a-4ad6-92ee-97aee0211120

bp-8652fdde-3903-4415-8dc8-10cf20211120

bp-13ade298-bb74-45ca-8912-af80c0211120