Anyone know how to PERMANENTLY get rid of SweetIm and Blecko hijackers? Have trolled the web for answers, with no success. Guess the problem lies in the registry somewhere.

- apart from 'trolling', have you tried all the solutions Google offers? What are these problems you have? Site re-direct/toolbar/spamming - what? What do you mean by 'hijacker'?

On the firefox homepage you have a google main bar and a google in top right hand corner provided you have set google as your main search engine. When the firefox page is hijacked only the search in the top right hand corner finds google searches. The main centre page google defaults to a blecko or sweetIm search engine. Appears to be a known problem just search for "get rid of blecko". Malwarebytes, Norton, Spybot and Superantispyware do not get rid of it.

I have SweetIM on my firefox browser but i cannot remove it. it doesn't appear under Extensions or Appearances in Tools. Please help | Firefox Support Forum | Mozilla Support

Thanks for that GG. Have done all they say but its still there. Im pretty sure its not a trojan but only malware. Like I said before I think its in the registry.

I think you are saying that your 'home page'; has been hijacked by sweet1m - there is also a search engine hijack it can do but you have not described that since you say the search box is still 'Google'. It appears to be associated with 'smilies' on instant messaging like MSN and yahoo and is thought to be harmless (but annoying!). I understand from your reply that 'blecko' is also coming up as a browser page and not just a search box item?

You have done this?

1) Use Add/Remove Programs from Control Panel in Windows to remove sweet1m and blecko (if they are there)
2) In Firefox go to Tools/Add-Ons/Extensions and uninstall the SweetIM and blecko extensions (if they are there)
3) Go to your search engines and find Manage Search Engines then delete the SweetIm search engine from the list. (JUST IN CASE!)
4) In Firefox go to Tools/Options and look at the Main tab. Be sure that your home page URL has not been hijacked.

If that does not fix it, run malwarebytes in Windows Safe mode and see.

Can you report back then?

I've removed this pest from a colleagues laptop and the link in post #4 has the relevant tips that I used then:
I only had to search for 'SweetIM' and reset those values.

Thanks BOAC, have done all items 1 to 4 many times. Time to try it in safe mode as you say with malwarebytes. I think there is a program called IKILL which supposedly destroys this nuisance but am reluctant to go charging into the registry.

I'm worried now.

W7 Pro and FF 17 0 1


I like nothing on the main screen except Goo search box. Yes, the top one is there but I never use it.



The second I start typing, the box jumps to the top left. It's marked with a colourful Goo logo and over to the right is my e-mail address.

I just don't remember a new box appearing, but then my memory is somewhat suspect these days. Oh, BTW, it started doing it while I was still on FF 13

Loose rivets: That's Google's latest interface, nothing to do with Firefox or hijackers. You're seeing normal behaviour.

Phew! Thanks for that.

gemma - it sounds as if post #7 may have your answer.

Nice routine Jhieminga I've NEVER even heard of that stuff



one to store away.

Very easy answer:

(1) Delete Firefox.

(2) Use IE.

Problem sorted.

For next time, the rule to apply is:

(3) Do not download, and install, and run, any malware.

SORTED. Thanks to all and especially post No.7. Ive seen something similar to that before but not in that detail..Up yours sweetim and blecko

Gemma 10 had you followed all the stuff in the link in post #4 you would have done the about:config bit.

GG You`re right, didnt follow it right through, but thanks anyway