HelpSites

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Wednesday, January 14, 2009

Settings won't save in Firefox

Posted on 6:57 AM by Unknown


This is another common problem I see in forums lately. This especially since more and more malware targets firefox as well.
An example we see in forums lately is "Yoog Search". This is a searchengine Hijacker - comes with a variant of AdRotator/IconAds Adware.
The Firefox startpage + searchengine / Searchsettings get hijacked and even though the malware (responsible for changing startpage+searchengine) is gone/deleted already, if people want to change it back to default again, or change it back to their own startpage / searchengine, firefox won't save the settings.
So after a next Firefox session, the Hijacked startpage / searchengine etc is back again.

The cause is a user.js file present inside the Firefox profile folder. So, in this case the %APPDATA%\Mozilla\Firefox\Profiles\"identity" folder.
The user.js file does not exist by default and was in this case added/modified by malware.
This file is used to set or reset preferences to a default value. For example whenever the browser is loaded, the values present in the user.js file will supersede the stored values in the prefs.js file.
The prefs.js file contains the values you can access/modify via about:config or via the preferences in Tools > Options Menu in Firefox.
See here for more info about the user.js file.

I've also seen the same where malware changed the Proxysettings and created a user.js file to store the Proxysettings there. Result > once the malware was removed, the user would get the error: "The Proxy Server is Refusing Connections" since the user.js file is still in use.
Some versions of the Ask Toolbar also create a user.js file in the Firefox userprofile, so after uninstalling the Ask Toolbar, the homepage + searches are still set to Ask.com because the user.js file is still present.

That's why, if you're ever having problems with Firefox that won't save settings like startpage, searchengine, proxysettings etc.., then look if a user.js file is present in the Firefox profile folder and delete or modify it.
The presence of user.js in the Firefox profile folder doesn't necessarily mean that it's a bad file. Many people create their own user.js to supersede the stored values in the prefs.js file. So if you didn't create the user.js file yourself, you may delete it (since it's not present by default anyway).
If you're not sure, just rename it to user.js.bak, or open the file with notepad to see what values are present there.
Email ThisBlogThis!Share to XShare to Facebook
Posted in Firefox | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • 3 stubborn PC problems you can fix
    Copy from retired Microsoft at Work website (retired June 30, 2013), Copyright Microsoft.  3 stubborn PC problems you can fix Ever notice h...
  • Reminder for Forum owners
    This post is actually a reminder to my previous blog post http://miekiemoes.blogspot.com/2008/04/forum-owners-take-your-responsability.html ...
  • Forum owners - Take your responsibility!!
    After we had this , with a little update here , I'm still amazed how many website owners don't take responsibility. I was researchin...
  • Email-Worm.Win32.Locksky - new stubborn variant
    I was helping a user the other day where his computer was crippled with malware. We could successfully delete all other files, registry keys...
  • Beware Telenet.be users - Telenet.be phishing scam going around
    First of all - WOW! It has been ages I have blogged here ! I really should start to blog more often again. Work & life has kept me real ...
  • Miekiemoes rules ?? Yeah right...
    This is about the Searchengine Hijack I blogged about a couple of months ago. Files responsible for this hijack are sysaudio.sys or wdmaud...
  • Friendship
    The source of these images is unknown. They were in one of those forwarded emails -- you know, the type your friends are sure you will love...
  • Fake sysaudio.sys causes Searchengine Hijack
    What is this infection about... It actually loads a script, so searchengine results are loaded within a script. For example, when you resear...
  • 10 tips to help improve your wireless network
    Copy from the retired "Microsoft at Home" website (retired 30June2013), copyright Microsoft. 10 tips to help improve your wireless...
  • Joomla! Password Reset/Remind Functionality vulnerability - update asap!
    There was a serious security vulnerability found in the popular CMS-software Joomla! (1.5.x, including 1.5.5). The vulnerability/bug resides...

Categories

  • BlogTools
  • Compromised
  • databases
  • dogs
  • email
  • Exploits
  • Firefox
  • forums
  • Funny
  • hacks
  • Internet Explorer
  • Malware
  • Me
  • Mobile
  • Online Tools
  • Other
  • phish
  • Popups
  • Prevention
  • Rant
  • Recipe
  • Registry
  • Rogue
  • scam
  • Security Products
  • Slow computer
  • Software
  • spam
  • websites
  • Windows
  • Windows Update
  • Windows Vista

Blog Archive

  • ►  2013 (11)
    • ►  June (9)
    • ►  April (1)
    • ►  February (1)
  • ►  2012 (4)
    • ►  December (1)
    • ►  November (1)
    • ►  August (1)
    • ►  January (1)
  • ►  2011 (2)
    • ►  November (2)
  • ►  2010 (3)
    • ►  November (1)
    • ►  October (1)
    • ►  April (1)
  • ▼  2009 (13)
    • ►  November (2)
    • ►  July (1)
    • ►  June (1)
    • ►  May (2)
    • ►  March (2)
    • ►  February (2)
    • ▼  January (3)
      • IX Web Hosting - Reliable?
      • Miekiemoes rules ?? Yeah right...
      • Settings won't save in Firefox
  • ►  2008 (71)
    • ►  December (1)
    • ►  November (8)
    • ►  October (5)
    • ►  September (5)
    • ►  August (7)
    • ►  July (5)
    • ►  June (12)
    • ►  May (8)
    • ►  April (6)
    • ►  March (5)
    • ►  February (9)
Powered by Blogger.

About Me

Unknown
View my complete profile