How do I report a security problem to Firefox?

Here's the problem: <br />
Wednesday morning my Mac at home got infected by malware which I believe is usually called the "Google redirect virus". My Mac at home has been upgraded to OSX 10.6.7 and I believe I was using Firefox 3.6.13 (it automatically upgraded tonight). I haven't been able to find any useful information on line about this malware. <br />
The behavior after infection was that every time I tried to use Google my request would get redirected. If I entered www.google.com in the address bar, the URL would get changed to www.google.com/FuneralHomes/<something> and the browser would try to go there and a "Under Construction" error message or a no-such-page message would be returned. This started happening after I did a Google search and was checking various links in Firefox, but once it started in Firefox I got the same behavior in Safari even without using Safari to look at any links. And it continued to happen in Safari even after I did a "Reset Safari..." <br />
When I got infected I was using a non-adminstrator account and I was not asked to download anything nor was I prompted for a password. <br />
I searched on "Google redirect Mac virus" using my (so far) untouched work computer and found several suggestions but no solutions. Apparently this is a PC problem that's been around a few years, but there were some Mac reports from last year. So last night I checked the DNS addresses in my
Network preferences, looked at /etc/hosts, and removed the only plug-in from the Library:Internet Plug-ins of the infected account, even though it was a Picasa plug-in that predated this infection. None of those seemed to be the problem. I also scanned my disk with an up-to-date "Norton AntiVirus" which
I got from work some time ago, but it found no viruses. <br />
What really puzzles me is that the problem gradually went away while I was checking it last night. At first, when I entered www.google.com the browser would still show the redirected address in the prompt that comes up and it had the Legacy.com logo on the left instead of the Google one but it would actually go to the Google website (unless I'm being spoofed). Then at a later attempt, only the wrong logo persisted. Then at an even later attempt the logo got fixed and everything looked fine and appeared to behave correctly. <br />
Frankly, that's a little scary. It's as if a really smart trojan got
installed and was covering its tracks while it set up a man-in-the-middle attack (please advise if I'm misusing the jargon). If I'm being too paranoid, great, but I'd still like to know how such behavior could be induced on my machine just by linking to a website. Can anyone help?
''moderator- fixed the leading space formatting errors in this posting''

Thanks, the-edmeister, but the only relevant post I found was from GB Colburn on bleepingcomputer.com, wherein he reported a similar problem about a year ago. I've found a few similar threads in the last year or so (by searching "Google redirect mac virus" in Google) but they are all about the same: someone reports the problem, responders have various random suggestions, the problem seems to go away by itself (at least sometimes), and there's nothing conclusive either good or bad.
Without myself being as knowledgeable as GB Colburn, it doesn't look to me like the problem is in the DNS system or the router. It acts more like some malware in the automatic completion in the address bar of the browser or maybe in the history system, but I can't figure out how an infection in one browser could affect another browser. And I *really* can't figure out how it could be self-healing.
It's really frustrating that none of the major parties involved in this—Firefox, Google, Safari (Apple), Verizon (my internet provider)—even have a process for reporting a security issue. At least not one that I, an ordinary semi-naive user, can find.

Similar Messages

  • How do I report a billing problem?

    I have had a transaction on my credit card that I have not purchased.

    Contact iTunes Customer support, report the issue via the iTunes Store purchase history, or contact the credit/debit card company.

  • How do I report an apparent virus to Firefox? I seem to have been infected when downloading Firefox

    I appear to have downloaded the JS/Agent.A and JS/Agent.B viruses when I downloaded Firefox. Is this possible? The evidence for this is that the virus arrived at the same time as the download, and appeared in the C:/Program files/Mozilla Firefox/chrome directory. It appears to have used Firefox to access some log-in details and reported them to a third party. I could find no way to report this directly to Firefox via the website, and would like to do so.
    == User Agent ==
    Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6.5; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

    Paul,
    A/V programs look for patterns in code that look suspicious to the A/V application, but the A/V program will not flag files that are known to contain that pattern if the internal A/V detection files know those specific files are part of a valid application. We usually see postings about problems like you are having immediately after a Firefox update, because the users A/V program vendor was slow adding the new Firefox files to their database and slow in sending those updates to their users. We have seen repeated problems from a few A/V vendors over the years, usually the suspected problem goes away when the user forces an update manually thru the offending A/V program.
    I can only guess that your A/V program flagged something in Firefox because it was a newly installed program, and it didn't expect it to be installed.
    As long as you are downloading Firefox from a Mozilla download mirror website, the chances are slim to none that you will get a true virus as a result of downloading and installing Firefox. Which is why you should only download Firefox from an official Mozilla web page, like this:
    http://www.mozilla.com/en-US/firefox/firefox.html
    Sorry, you had that problem.

  • How do I remove Comodo Secure DNS in Firefox? It keeps interferring with and stops me going to websites I want to see.

    I originally installed Comodo as a Firewall but then uninstalled it as I found it very annoying with the Comodo Secure DNS redirecting and stopping me going to websites I choose to go to ... the last time was for weebly.com. The firewall uninstalled OK but the Secure DNS is still active and I can't find where to disable it and remove the code.

    Hello mirth27, seek if exist something from comodo in Start > Control Panel > Programs > Programs and Features, and remove it.
    then you can seek in [http://en.wikipedia.org/wiki/Windows_Registry registry] to delete everything related to comodo, Start > type '''regedit''' into the search area > hit enter > click Yes if prompted by UAC . You are now in registry editor, go to File > Export , to make a copy of your registry in a case something goes wrong, the go to Edit > Find > type '''comodo''' and you have all the keys the program created and not deleted by uninstalling the comodo firewall, now you have to delete every key related to comodo............'''not so easy''' i think !
    http://windows.microsoft.com/en-us/windows/back-up-registry#1TC=windows-7
    thanks again

  • How do i turn off secure browsing

    how do i turn off secure browsing in firefox 7?
    some sites give me an error and wont show the full content because its on.

    Do you mean that you get an untrusted error page because of a certificate problem?
    * https://support.mozilla.com/kb/Secure+Connection+Failed
    Which particular error do you get?
    Can you attach a screenshot?
    *http://en.wikipedia.org/wiki/Screenshot
    Use a compressed image type like PNG or JPG to save the screenshot and make sure that you do not exceed the maximum file size (1 MB).

  • Security problem on below left side screen dont exist

    How can I remove the "security problem"on the below left side screen my phone lenovo A806
    PLSE HELP ME

    hannahhfoskett wrote:
     I would gladly upgrade to the next model if my contract was due!
    This has no impact on the ability to purchase a new iPhone... it simply means that the newer one will not be at a fully subsidized price.
    You could always take it to Apple and do an Out of Warranty exchange (I'm assuming the device is out of warranty) for $149 US.

  • How to create a crystal report using secured web service as a datasource?

    Hi All Expert,
    I having some challenges on how to create a report using secured web service as a datasource in crystal report designer (CR11 R3).
    Secured Web Service including the certificate trusting, token authentication, header and/or body encryption. All web services running on https protocal.
    Could you please suggest me on the solution?
    Thank you and Best Regards,
    Cherr

    Please re-post if this is still an issue or purchase a case and have a dedicated support engineer work with you directly:
    http://store.businessobjects.com/store/bobjamer/DisplayProductByTypePage&parentCategoryID=&categoryID=11522300?resid=-Z5tUwoHAiwAAA8@NLgAAAAS&rests=1254701640551

  • I got a crash report that said the Flash plug in had crashed, but when the incident actually happened, the report said that "Silverlight" had crashed; how do I know where the problem is?

    Sorry. The crash report actually said that Quick Time had crashed, not Flash, but at the time the crash actually happened, the message said that "Silverlight" had crashed. I just want to know how I can tell where the problem is so that I can try to fix it.

    That is a legitimate Mozilla newsletter. As it says in the email:
    You're receiving this email because you subscribed to receive email newsletters and information from Mozilla. If you do not wish to receive these newsletters, please click the Unsubscribe link below.
    Unsubscribe https://www.mozilla.org/en-US/newsletter/existing/ad9febcf-65ac-41fd-810b-798945f448f3/
    Modify your preferences https://www.mozilla.org/en-US/newsletter/existing/ad9febcf-65ac-41fd-810b-798945f448f3/ "

  • Need to solve serious security problem with Oracle Reports URL

    As mentioned repeatedly on this forum, Oracle Reports allows serious security breaches that allow users to see reports that they did not generate -- it's easy to guess a legal URL by changing the getjobid parameter.
    I've reviewed the JavaDocs to part of the rwrun.jar file and reviewed some of the example report plugins. This shows promise in helping to solve this security problem but critical pieces are missing.
    1) The javadocs are accurate for only 10g (9.0.4) but not correct for 10g (10.1.2+), which we are currently using. I need access to the updated version of this javadoc.
    2) Even with the updated version of the JavaDoc, I haven't found a class from which to inherit that would give me the opportunity to generate random jobid values, which then would effectively prevent users from guessing other jobid values, and thereby gaining access to other's reports (which in our cases, may contain sensitive information.
    3) We have found that we can send the parameter=value of EXPIRATION=1 which helps protect such information, but this requires that every program which invokes a report be modified to add this parameter. It would be far better for the report server to be configured to use a java class we write that inherits from some rwrun.jar class that would by default, add the EXPIRATION=1 parameter.

    Hi,
    Thanks for our replies. I will ask to an administrator about this security problem, now I know it depends of a security parameter.
    But I would know if it could be possible to hide the technical name of the query in the url. It could improve the security level of our reports in a first time in this way.
    Thanks a lot,
    JW.

  • HT4009 How do I report a problem of unauthorized in-app purchases ?!!!

    How do I report a problem with in-app purchases that I haven't authorized? It wouldn't let me through the iTunes store! Thank you.

    http://apple.com/support/itunes/contact/

  • How to report Apple a problem in software by e-mail?

    How to report Apple a problem in software by e-mail?  For example I got a problem: new version of iTunes 11.1.1 is not running at all! (uninstalled old one first) When I try to launch itunes from my laptop desktop I get this box Win7 64. I don't want to open any system files, just wish that Apple will make a program which work. Apple please!
    "The file itunes Library.itl cannot be read because it was created by a newer version of itunes" and it not run at all!!

    Hi Nick.
    If you open a free Apple Developer account you can use the bug reporter tool. However if you want to file a bug report you need to tightly identify a reproducible fault, detail the conditions in which it arises and ideally supply any workaround you have discovered.
    In other circumstances iTunes Feedback is probably the appropriate channel. Common problems should gain attention.
    Apple don't provide free technical support for iTunes. The inital point of entry for online assistance is iTunes Support. If none of the online resources help then depending on the nature of the problem, or whether you qualify through a recent purchase, or you are prepared to pay, you may be able to make use of the Contact iTunes Support service. Failing that Apple Support Communities (here) is where users share solutions with each other.
    tt2

  • TS1702 How do I report a "bad" app product to Apple? The App developer has failed to address the problem and keeps on selling a product which does not work. Surely Apple has some liability in this case or at the very least some responsibility.

    How do I report an App that is not working and the seller has not fixed the problem yet is continuing to sell it? People are being ripped off and Apple does not seem to care.

    sophiesheu wrote:
    I recently purchased a scam app (GPS map Virgin Islands) by the Kaart Data LLC.  I first emailed the developers and got a quick response: "we are sorry that you don't like the app, but we don't do refund".  I went to the "Report a Problem" link from Apple like King_Penguinsuggested, and got a response from Apple saying they will refund the whole amount and start an investigation on that app.  So it definitely worthes a try.
    Glad you got some resolution on that. I'm not familier with the app you had issues with, but the one the OP was questioning is very highly regarded and widely sold. Odds are the issue was with his iPad and he never responed to inquiries about troubleshooting (I suspect he had not tried much of anything).

  • I have received an email receipt charging me $109.99 for an app I've never heard of and definitely never downloaded. How do I report the problem and get a refund?

    I have received an email receipt charging me $109.99 for an app I've never heard of and definitely never downloaded. How do I report the problem and get a refund?

    Log into your iTunes account, then click on previous purchases then select the purchased app and then click report a problem.  Then write and explain your problem and I am sure it will be considered. 
    Also change your iTunes password as soon as possible.

  • Does anyone know how to actually report a problem to apple?

    I can't find anywhere on the support site how to report a MobileMe problem to them. They lost all of my calendars and I have no course to be made whole again. They say there is email support, but that 1 Infinite Loop thing is more than just a street address. I'm very frustrated that I can't find a way to get support for a product I pay for on a subscription basis as well as having several devices that work with it that are now handicapped by its failure. I tried calling the number and they hung up on me. I went to the store and they sent me to the website...
    I found this too:
    Email Support Currently Unavailable
    Email support is currently unavailable on the MobileMe support website. Please visit our U.S. Chat support for assistance. Chat support is available 8 a.m. to 7 p.m. central, 7 days a week.
    Message was edited by: Bill T.

    No, there's a live-chat option for MobileMe members at the bottom of this page:
    http://www.apple.com/support/mobileme/
    under this:
    *Customer Service and Technical Support*
    Get answers to your MobileMe questions and exclusive access to chat support for MobileMe members below.
    The problem is that the live-chat feature doesn't appear on page load. First you need to choose a category from the column on the left, then a topic, then the chat option comes up, although it is unavailable from 7 PM to 8 AM CST.

  • How do you update iPhone 4s for security problem without updating to iOS 7

    how do you update iphone4s for security problem without updating to ios7

    You can't.
    It is either iOS 7 or live with security error.
    Allan

Maybe you are looking for

  • HP Laserjet pro 300 ME sided printing

    Hi! I have tried everything that I can to print 2-sided on this printer.  Once in a while it works, but mostly I fail.  Today trying to print my 84 pages of Tax forms, it would send to the printer and then it would just disappear! I have tried callin

  • Displaying PDF files (stored as BLOBs in Database) using Forms 6i

    Hi, We have PDF and Word documents stored in Database (Version 8.1.7). We are using Oracle Forms 6i as User Interface. Through Forms we could view word documents which are stored in database, using OLE container. But we could not view PDF files. It w

  • Scom 2007 R2 error 31553-31552-31551

    We need help with SCOM 2007 R2 We start having a lot problems with our DW database lately, Each night between Midnight and eight in the morning, the SCOM 2007 R2 RMS server try to write and read a lots data to the SQL Server DW database. It's same we

  • Read infotype metadata

    Hello, We're building a custom (portal) view for editing PA infotypes. We configured IT metadata through transaction PM01 -> Edit Field Characteristics (Cust. Table). Now we would like to read this metadata for dynamically detmermine which fields are

  • Passivation in entity bean

    statement In an entity bean, passivation includes releasing resources as well as pushing back the data it is holding to the underlying database prior to the passivation process. Hi, when i read stateful session bean the author mentioned about passiva