Canon EOS 40D, Canon 17-40mm ƒ4, tripod
If you like it, there’s a whole set on Flickr 😉
In the last few weeks, starting from the end of March, we noticed a strange spike in requests on the Italian support forum. The symptoms described were always the same:
Since Firefox stopped working at the same time of the Firefox 3.0.8 release, a lot of people thought that the problem was caused by the last update, so they were searching the best way to go back to a previous version.
The usual solutions were not effective: safe-mode, disable plug-ins, temporarily disable antivirus and firewall, reinstall the last version in a different folder, create a new profile.
From the beginning we were able to restrict the problem to the Windows platform, so we thought of some sort of malware. By the evidences we’ve collected so far, the problem seems to be caused by a variant of the Navipromo Adware, not identified by most of the antivirus softwares (see this virus total’s analysis).
Users found suspect files in the local %Appdata% folder (C:\Documents and Settings\%User%\Local Settings\Application Data on Windows XP, C:\Users\%user%\AppData on Windows Vista):
After killing the .exe process in Task Manager, Firefox returns to its normal behavior.
There are still two unanswered questions: