Computers Internet problem: Firefox Web Browsers to route users to one of a several different bizarre sounding search engines rather than to the destination typed into the address bar.
Malicious search engines
Among the malicious search destinations Firefox sends users to are:
- meta.7search.com
- clinkingclicks.com
- searchkismet.com
There isn’t much information available online about these sites, but Trend Micro says that these are malicious pages based on “Web reputation.” These sites could steal passwords and other personal information, hijack clicks and present other uncertain dangers.
Introducing z 4.6.7.7
CPG’s Windows support team suggests that users avoid clicking on any pages that result from a surreptitious redirect to these and similar Web sites, especially when using Mozilla Firefox.
The problem with these redirected links seems to be a rogue Firefox extension (or add-on) called z 4.6.7.7 which apparently installs itself from cracks and keygen programs downloaded from the Internet. Like many computers Internet problems, this particular issues seems to be directly associated with misconduct online.
According to Mozilla, the first reports of this extension have come just this week, so there is not much known about its origins at the time.
Because z 4.6.7.7 is a legitimate add-on to Firefox, Microsoft Security Essentials and other anti-virus programs do not detect it as a problem, although Windows users with third party Internet security software may block the rogue redirection pages from loading inside Firefox.
Take action now
The first step in dealing with z 4.6.7.7 is to disable it in Firefox.
In Firefox 4.0.1, click on the Firefox tab at the top left corner and then click the “Add-ons” option from the menu (you can also click CTRL + SHIFT + A).
Click “Extensions” on the menu on the left side of the screen and then scroll down to the bottom until you find z 4.6.7.7. When you have found this entry on the list, click the “Disable” button and then choose the option to restart Firefox.
Removing z 4.6.7.7
Now that the add-on is disabled, the Firefox Windows 7 problem is basically solved; you will no longer be redirected through a malicious search engine. However, as long as the add-on remains on your system, it is a threat because it could become re-enabled.
Uninstalling z 4.6.7.7 is challenging because it does not offer an “uninstall” option. To get this done, follow these steps:
1. Close Firefox
2. Open Windows Explorer and browse to your Firefox installation directory in the Windows 7 Program Files folder (Usually C:Program FilesMozilla Firefoxextensions)
3. Locate and remove the z 4.6.7.7 extension folder. This sounds easier than it is because the extension folders have long names with letters and numbers. Look for a folder named {2e597055-9f17-6e46-b54d-c8f21ee2e48e}. This is the rogue extension’s file repository.
In the case where the extension has installed with a different folder name, look for a folder with a recent date. If you have added several extensions lately, you may have to cut these out and paste them to your desktop one at a time, starting Firefox each time until you remove the z 4.6.7.7 folder through a trial and error process.
Extra protection
I advocate the use of the hosts file as a layer of protection. By routing malicious Web destinations to your localhost (127.0.0.1), you can make sure that your system will not load any of these malicious search sites. For example, a hosts entry to neutralize meta7 would look like this:
127.0.0.1 meta.7search.com
If you are interested, you can try one of the many host file management programs and subscription services that are currently available online.
Learn more about Firefox with Firefox For Dummies
Thanks a lot for the info and the suggestion.
I found out the z 4677 problem when firefox crashed for no specific reason after installing several add ons. the problem existed after I disabled all of the add ons. I think I didn’t see the z 4677 until I ran fox in safe mode.
Thank you so much…although the folder name was different from the one you suggested here, I looked for a folder with a recent date and deleted it Voila….issue resolved. Mozilla should take steps to prevent such add-on entries (z 4.6.7.7)
Steve,
I’m glad this worked out for you!
Carl
I too was dealing with the z problem, and your instructions helped me weed out the proper folder and remove it as well. Thanks so much!
I found it named {4906996c-9d3d-a455-8c1c-2b4314772a71}
Thank very much for the kind help !
I, too, had issues with Z. I’m an IT Manager for my office and do *not* practice illegal activities online, so I have no idea where this came from… (But not from using cracking programs, etc.!)
It’s easy to disable Z — but more difficult to get rid of it. I used this method:
I typed:
about:support
…in the Address line (and hit enter). I located Z under extensions and copied the full name in the ID area. Then I went to Program Files > Mozilla Firefox > extensions and DELETED the file.
When I restarted Firefox, the extension was *gone*! (woo hoo)
I got this tonight with a version 4.6.8.5 or something. Firefox asked me if I wanted to install it. I have been connecting a lot of games with my iPhone to my Facebook so I can’t pinpoint which one it might be. I usually only use apps with good ratings but some of them didn’t have ratings yet. Firefox at least asked me first and I decided to look it up. Kind of bummed, I don’t know what “thing” it is but it does seem to be Java related and I installed the Reel Deal Slots on FB recently and that’s the only thing I remember that used Java and requested to install something. Reel Deal, I thought was a big name software that was safe so it might be something else. Malware in the past has always come from some fake demo that into my Java. I am not looking forward to going back to a cleaner install of Windows and getting rid of apps/changing passwords, but I think that’s what you should do. There are sites like Majorgeeks that will help you get a log file they can inspect for Malware. I might do that, they were very helpful before when Malware installed and I thought it was too late to fix.
OH…there was a Windows theme I got and didn’t like that it had an installer. I backed out of it, but it kept asking me if I still wanted to change my home page, etc. I unchecked everything and eventually it said “are you sure you don’t want to install” and that was most definitely the culprit. That was the last thing I did, I remember now. It was like Windows 7 themes . com or something. I didn’t trust the site, but Web of Trust said it was ok but a few ratings were because of the adware and I thought that’s fine you can just NOT install it but unfortunately this was malicious or it wouldn’t still have installed something. The theme I think was X-Games or something and was very small…But I ran the stupid exe file, which seemed to explain well that you could opt out but by then it’s too late. Ugh.