Browser Hijacker cleanup
I was infected by a couple of browser hijackers, "Conduit" and "Iminent", and I found that while the available info for disabling them worked fine, it did not clean up all the mess they left behind. Maybe some of this info can find its way into the support docs.
Conduit and Iminent hijackers:
These install one or more programs and one or more add-ins to the browser, so use add/remove and disable the add-ins. The names used are not always obvious, so search for how to remove that particular malware. If it is convenient, use a restore point to set the registry back to a time before the infection.
Even after uninstalling, and removing the plugin, and restoring the home page, I found two Conduit created folders still existed in my profile. Delete them.
For both Conduit and Iminent, they had created entries in the user.js and/or pref.js files, also visible in 'about:config'. I found I needed to: Shut down Firefox, Open both files in a text editor, Delete entries related to Conduit and/or Iminent, Only restart Firefox after editing both files, and check 'about:config' to make sure the entries are gone.
Having a "session manager" or "restore point" type feature for Firefox settings and preferences might help here.
All Replies (1)
Thank you for posting your notes on your cleanup.
The user.js file is not a standard part of Firefox and exists only to override your settings. You can usually just remove it, unless you are using it for your own purposes, in which case editing makes sense.
The prefs.js file generally contains settings you can also modify using the about:config screen. It's probably safer for most people to use about:config because it's hard to mess up a lot of things at once that way. After user.js is gone, and any extension which was modifying settings has been removed, your edits in about:config should stick.