Hijacked by extcorp.com.xpi

[Brummelchen]

i remember that firefox will ask if some extension should added - either manually or by external calls. but i also remember that already installed adware extensions can add other extensions silently.

[Ling Ling]

@ Ling Ling :

You posted this question on McAfee support forum as well, and have been giving the same answers so far.
You seem to be convinced that Firefox ALLOWS malware to slip through the cracks, but rest assured :
Firefox will do no such thing !
(Hence the link James gave you)
In a perfect world there wouldn't be any malware, but as long as there are 'some people' ......

I use McAfee of which they cannot detect/ block/ clean this malware, so I asked them, too.
I just wonder why Firefox is so easy to be hacked and added an extension without the user approval/notice.

[Ling Ling]

i remember that firefox will ask if some extension should added - either manually or by external calls. but i also remember that already installed adware extensions can add other extensions silently.

I have ticked all security setting (e.g. warn me when sites try to install add-on,......) but still cannot prevent this malware.

[Happy112]

I just wonder why Firefox is so easy to be hacked and added an extension without the user approval/notice.

It is NOT Firefox that has been 'hacked' - it is your computer.
And it was NOT Firefox that added that extension without your approval / notice.
This so-called 'extension' is malware, that 'slipped in', maybe even with some software that you installed.
Please, stop blaming Firefox, for really : Firefox is not the culprit - blame those so-and-so's that are trying to infect your computer with malware.

[Ling Ling]

I just wonder why Firefox is so easy to be hacked and added an extension without the user approval/notice.

It is NOT Firefox that has been 'hacked' - it is your computer.
And it was NOT Firefox that added that extension without your approval / notice.
This so-called 'extension' is malware, that 'slipped in', maybe even with some software that you installed.
Please, stop blaming Firefox, for really : Firefox is not the culprit - blame those so-and-so's that are trying to infect your computer with malware.

It just affected Firefox. When I was infected, I changed to use Edge to search the remedies, Edge was working normal.

[LIMPET235]

Hi,
Just an idea...
Is Firefox set as your "default" browser?
If so, then that is why only Firefox was affected.

[Happy112]

Hi,
Just an idea...
Is Firefox set as your "default" browser?
If so, then that is why only Firefox was affected.

Hear ! Hear !
Excellent brainwave !

[the-edmeister]

i remember that firefox will ask if some extension should added - either manually or by external calls. but i also remember that already installed adware extensions can add other extensions silently.

I have ticked all security setting (e.g. warn me when sites try to install add-on,......) but still cannot prevent this malware.

Those protections are set by default when Firefox is installed, so if they were turned off "someone" changed the default setting for those preferences. The user does have control over them, so you need to be careful when tinkering with settings.

And once that garbage is installed it's gonna stay there until you get rid of it or pay someone else to find it and remove it it's sitting and hidden somewhere in your operating system like a herpes virus until you least what it to appear and rear its ugly head.

-------------------------------------------------------

One thing that I don't recall reading in this thread this far ...

Any program that the user installs on the Windows Operating System can do anything it wants to do to your computer once the user allows the installer to run to install an application that the user wants. Be very careful with any "free" programs that you install; the "cost" is usually borne by the user by way of unwanted advertising, stolen personal data, and at the worst identity theft if the stolen personal data is sold and utilized.

Stay off the internet with that device until you get it fixed! Best of all - disconnect the network cable for that device until it's fixed, to keep it from "phoning home" in the background!

If your Anti-Virus application and / or Malware protection doesn't alert you about a Virus or Malware trying to install itself or actually stop malicious software "cold, in its tracks" from getting installed; you are stuck with a big clean up process. And web browsers like Firefox have the lowest level of permissions for all types of software, that crap can't get in that way without direct user approval; IOW that type of garbage can't be unknowingly be installed thru the front door of a web browser directly from the internet. Either the Operating System is letting it "in via the back door" or a security program (AV or Anti-Malware) isn't watching the side door or basement good enough and it gets in there.

Mac users had no problems like this until Apple started using the same CPU processor types as Windows use, and since then a very few types of Malware do affect Mac systems; the Mac operating systems are that much more secure than Windows is. And Linux users aren't affected least of all to not ever. But part of that is "most bang for the buck" - why waste time developing Malware for 5% of the computer users (Mac and Linux) combined) around the globe when Windows is "such easy pickings".

[Happy112]

One thing that I don't recall reading in this thread this far ...

Any program that the user installs on the Windows Operating System can do anything it wants to do to your computer once the user allows the installer to run to install an application that the user wants.

I recall reading something to that effect in this thread .........
Where was it - let me think - oh yeah, I remember : only a few posts before yours a certain 'Happy112' wrote : "This so-called 'extension' is malware, that 'slipped in', maybe even with some software that you installed " .........

[Ling Ling]

Hi,
Just an idea...
Is Firefox set as your "default" browser?
If so, then that is why only Firefox was affected.

Yes, I set Firefox as default browser.
I love Firefox very much before, but now I am very disappointed.

[Ling Ling]

Also, I found that Firefox installed some extensions "silently" without any notice to user???!!!

Firefox Screenshots 6.6.0 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi

Follow-on Search Telemetry 0.8.0 default Firefox 54.0 C:\Users\Ling\AppData\Roaming\Mozilla\Firefox\Profiles\yioiinl1.default\features\{52bc39e0-9155-411b-ab22-3ac7f38293ec}\followonsearch@mozilla.com.xpi

Multi-process staged rollout 1.50 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi

Pocket 1.0.5 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi

Application Update Service Helper 2.0 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi

[James]

Those are not malware. Instead of being a built in feature they may come as an Extension and some may depend on OS.

[RobertJ]

I love Firefox very much before, but now I am very disappointed.

We don't really care.

As noted earlier:

We folks are not part of Mozilla.
Established in 1998, MozillaZine is an independent Mozilla news, community and support site.
MozillaZine is not run by the Mozilla Foundation and is not an official part of the Mozilla project.

Use any browser you want!


.

[Happy112]

Also, I found that Firefox installed some extensions "silently" without any notice to user???!!!

Firefox Screenshots 6.6.0 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi

Follow-on Search Telemetry 0.8.0 default Firefox 54.0 C:\Users\Ling\AppData\Roaming\Mozilla\Firefox\Profiles\yioiinl1.default\features\{52bc39e0-9155-411b-ab22-3ac7f38293ec}\followonsearch@mozilla.com.xpi

Multi-process staged rollout 1.50 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi

Pocket 1.0.5 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi

Application Update Service Helper 2.0 default Firefox 54.0 C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi

It took a bit of digging (especially the first one as it's being worked on as a bug right now), but all five of them are built-in features.
No malware, no extensions that have been installed without your permission.

Now, would you please relax and trust the answers you have been giving here ?

[RobertJ]

.
Ling Ling, Happy112 is correct.

• aushelper@mozilla.org.xpi
• e10srollout@mozilla.org.xpi
• firefox@getpocket.com.xpi
• screenshots@mozilla.org.xpi
• webcompat@mozilla.org.xpi

ARE NOT INSTALLED EXTENSIONS. They are all part of the code THAT COMES WITH THE FIREFOX APPLICATION. As noted they are in the directory

Firefox.app/Contents/Resources/browser/features/

The fact that they use the suffix "xpi" means nothing other than how they get loaded when Firefox is launched.

Your concerns have been clearly addressed. I'm locking this thread.

.