Security issue with .xul overlay that redirects google results to malicious websites
There's a security issue that needs fixing: it's quite easy to be infected by an .xul overlay that redirects google results to malicious websites. Closing Firefox and deleting the corresponding folders (order by date and select the one created when you noticed the problem for the first time) and it's fixed. Those folders are located in C:\Program Files\Mozilla Firefox\extensions
This happened
Every time Firefox opened
== Some .xul overlay got installed by something
כל התגובות (3)
Hello J.F.
I believe this support article is what you need:
http://support.mozilla.com/en-US/kb/Searches+are+redirected+to+another+site
Thanks, but manually deleting the extension folder that got installed solved the problem for me.
I was just trying to let the dev know about that security issue.
I had run several anti malware / virus scans but none detected this.
Firefox doesn't allow direct installation of extensions to the C:\Program Files\Mozilla Firefox\extensions\ folder and the only extension in that folder when Firefox is installed is part of the defaut theme. Another program on your PC must have installed an extension "globally" so it would be installed in all Profiles, by dropping the "extension" into that folder - which Firefox will install on the next startup.
Do you have any more information about what was installed? Inspecting the contents of the install.rdf file usually reveals information about the source of that extensions and the .xul overlay file you are calling malicious.
One suggestion is to "lock" that C:\Program Files\Mozilla Firefox\extensions \ folder so other programs being installed on your PC can't just "drop" files into that folder. It won't affect you being able to install extensions, because every extension I have ever seen has installed to the Profile - the user has to do a command line installation to make the extension "global" - for all users.