ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

yahoo is hijacking my broswer with malware

  • 13 ردًا
  • 10 have this problem
  • 4 views
  • آخر ردّ كتبه Shadow110

more options

I setup a new pc and never went to any websites except yahoo main page. 3 times now it has been seen to hijack the session with an ad replacement? and it has a fake firefox update with save/cancel. The 1st hijack was the one with the voice and the page with the false info and a number to call...

Here is a list of the websites that are now down but were used in the hijacking attempt.

I setup a new pc and never went to any websites except yahoo main page. 3 times now it has been seen to hijack the session with an ad replacement? and it has a fake firefox update with save/cancel. The 1st hijack was the one with the voice and the page with the false info and a number to call... Here is a list of the websites that are now down but were used in the hijacking attempt.

All Replies (13)

more options

Let's make sure your system is clean.

You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.


Go to the Mozilla Add-ons Web Page {web Link} (There’s a lot of good stuff here) and search for a good ad / pop-up blocker.

more options
Here is a list of the websites that are now down but were used in the hijacking attempt.
more options

thanks Fred but im no regular luser. this pc was virgin as the driven snow. It just sat on yahoo.com and was hijacked. not I added the sites it used.

win 7 pro, updated and firewalled. defender, avast paid version. the downloads were from a thumbdrive. It never seen the internet until yahoo and yahoo ads. Nothing clicked, it just hijacked it. It happened to chrome on identical pc. So much for real time protection...

more options

If you get a pop-up message asking to update Firefox or plugins or scanning for malware then such a message is likely a scam and you should NEVER respond to such an alert to avoid getting infected with malware.

  • only update Firefox via "Help -> About" or by downloading and installing Firefox from the Mozilla server and never via a pop-up or link on a web page.
  • plugins should only be updated via the plugin itself or by visiting the home page of the plugin.

See also:

more options

thanks cor-el. I always <alt>F4 the offending popovers. my main complaint is that yahoo ads is behind the drive by hijacks. Note I never do anything but leave the browser open to the yahoo main page. Eventually it will get the popover that has the save/cancel but now save is ghosted out.

shame on yahoo is what im getting at. How does one make yahoo stop this behavior without getting a real time protection (hah) or sandboxing your visits to yahoo?

this behavior only happens to chrome and firefox. IE and edge aren't prone...

I finally was able to get more screen shots of the offending domains.

more options

I suggest you scan those thumb drives for infection or all you will do is reinfect yourself each time you use them.

I also strongly suggest using https://www.malwarebytes.com/adwcleaner/ Then taking the scan results to their forum as they have other scanning tools which they will ask you to download and to post back info. Is a Process but will know you are clean. https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/

Please let us know if this solved your issue or if need further assistance.

more options

Warning ! ! firefox.patch.js is MALWARE!

Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.


. Whenever you get a message / popup that software / files need to be updated;

DO NOT USE ANY OF THE PROVIDED LINKS

While this may be a legitimate message, it could also be Malware or a Virus. Anytime you want or need to check for upgrades, go to the website of the True Owner of the program in question. For example, to check out Firefox, go to https://www.mozilla.org {web link}

You can report such a site at; Google Report Phishing Page {web link} which is the same when done while on site by going to Help > Report Web Forgery

Help us safeguard Mozilla’s trademarks by reporting misuse {web link}

For almost a year, an epidemic of Fake Update Notices have been popping up all over the place. https://support.mozilla.org/en-US/kb/forum-response-i-found-fake-firefox-update

more options

yahoo ads are generating the hijacks. if it was internal it would have triggered before I went online. only after I went to yahoo did the activity, which I have reproduced on other pcs, start and continue.

https://safebrowsing.google.com/safebrowsing/report_phish/?tpl=mozilla&hl=en-US&url=https%3A%2F%2Fwww.google.com%2F was the ad that trigger the phishing report? but then the hijack began. the pics I included clearly show the culprits date descending. equohmagi-mania.com is the Trojan/viri domain that still is active last I checked... wtf?

Lesson learned? stay away from yahoo and it's ads. Educate users about leaving a browsing session open for to long. clear out cookies.

p.s I always format my thumb drive before I start a new pc, easier that way. I then include it with tools that a customer can use if so inclined. That and I have a backup for that pc...

more options

Ok.... This has gone as far as we are able to help you. For continued help with malware you are directed to go to here : https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/ Create a account and ask for help.

We can no longer help with your issue as you state it is malware/hijacks therefore it is not a Firefox Support Issue any longer. Please follow directions as instructed. Thank You

more options

the blow off.. that's ok I have seen it before. 1. IE or Edge don't have this problem, only firefox and chrome. 2. it is a Mozilla issue as it is being exploited via yahoo ads. 3. I have been a sys admin at an ISP for 20 years, I have more evidence but no one wants to pursue the fact yahoo ads and Mozilla/chrome are p0wned. 4. contacting yahoo they state they have no control over their ads, they suggested I use a DNS service to block such activity, like Norton Connectsafe which uses their DNS servers to block traffic like that I describe...

thanks for the help...

more options

No blow off, just a friendly request to follow the directons you've been given .......

To prevent this from happening again in the future, would you consider installing uBlock Origin  ?

https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

more options

Happy112 said

To prevent this from happening again in the future, would you consider installing uBlock Origin  ? https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

Now that was productive, thanks...

more options

Hello,

I am glad to hear that your problem has been resolved. If you haven't already, please select the answer that solves the problem. This will help other users with similar problems find the solution more easily. Thank you for contacting Mozilla Support.