This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Mulongo oyo etiyamaki na archive. Tuna motuna mosusu soki osengeli na lisalisi

A new installation of Firefox is redirected to "Internet Explorer Emergency Mode" even after AV8 was removed by PCTools, How can I fix this redirection of home page.

  • 2 biyano
  • 62 eza na bankokoso oyo
  • 2 views
  • Eyano yasuka ya jhackg0d

more options

IBM ThinkPad running XPPro Internet Explorer 8 Installed with "IE8-WindowsXP=86-ENU" Firefox ver 3.6.12 Install ver 4.22.0.0

IBM ThinkPad running XPPro Internet Explorer 8 Installed with "IE8-WindowsXP=86-ENU" Firefox ver 3.6.12 Install ver 4.22.0.0

All Replies (2)

more options

Do a malware check with some malware scan programs.
You need to scan with all programs because each program detects different malware.
Make sure that you update each program to get the latest version of the database before doing a scan.

See also "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked and What to do when searches take you to the wrong search website

If you can't fix it with the above listed scanners then you need to ask advice on one of the forums that specialize in malware removal mentioned in the Popups_not_blocked article.

more options

Check Image File Execution Key...

The following instructions involve removing registry entries, which can severely bork your computer unless you know what you're doing. Please make sure you exercise caution and proceed at your own risk.

Regedit

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\]

If you were/are currently infected with AV8... you'll see keys underneath the Image File Execution such as chrome.exe, firefox.exe, opera.exe., iexplore.exe

Do NOT delete DIINXOptions or IEInstal.exe under this branch in the registry.

Delete the full key for any browser name you see there. If you look inside any one of those keys, it will show you that it routes to iesafemode.exe which is a piece of malware in and of itself

IE - Remove Chrome.exe, which specifically references iesafemode.exe

After performing this, you'll probably want to remove the actual piece of malware known as "iesafemode.exe"

32 bit - C:\windows\system32\iesafemode.exe

64 bit - C:\windows\syswow64\iesafemode.exe