Closed Bug 1615925 Opened 4 years ago Closed 4 years ago

Unknown add-on injecting srchoperatetool.info into any search engine page

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Version:
73 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1616217

People

(Reporter: sem276, Unassigned)

Details

Attachments

(1 file)

Firefox_support.txt
24.95 KB, text/plain
Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36

Steps to reproduce:

In any search engine (google, bing, ...), look for a web site

Actual results:

Search fails with a web page entitled: Did Not Connect: Potential Security Issue

The message also includes the following paragraphs:

"Firefox detected an issue and did not continue to srchoperatetool.info. The website is either misconfigured or your computer clock is set to the wrong time.

It’s likely the website’s certificate is expired, which prevents Firefox from connecting securely."

Expected results:

The site should have been found.

Bookmarks work okay. But, I have to use Chrome to look for web pages.

The certificate expired last week, shortly after upgrading to version 73. There is no updated certificate to be found. And I cannot delete it.

(In reply to sem276 from comment #0)

srchoperatetool.info

The only search results for that domain point to a malware infestation. Please do the following:

  1. Enter about:support into the address bar.
  2. Click the Copy text to clipboard button.
  3. Paste the clipboard contents into a text editor like Notepad and save the file.
  4. Click the Attach New File button above the description here to upload it.

This may reveal a malicious add-on that you have installed, which can then be added to the blocklist. After having done the above, see the following article to clean your system: Troubleshoot Firefox issues caused by malware | Mozilla Support

Flags: needinfo?(sem276)
Attached file Firefox_support.txt
Flags: needinfo?(sem276)

Name: Bookmark this Page
Version: 1.1
Enabled: true
ID: bookmark-this@page.xpi

I can't find any trace of this on AMO or anywhere.

Name: YouTube Download Helper
Version: 3.3
Enabled: false
ID: download.helper@youtube.com

The only add-on on AMO by that name has a different version (5.1) and ID (ydh-addon@youtube.com).

Component: Untriaged → Blocklist Policy Requests
Product: Firefox → Toolkit
Summary: srchoperatetool.info certificate expiration → Unknown add-on injecting srchoperatetool.info into any search engine page

Thank you for the report!

Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE

Before I had even submitted this report I had run Malwarebytes, spybot and an antivrus program - none of them found any errors.

No software has been downloaded or installed on my computer since I upgraded to Firefox v 3.0. It was only after the upgrade that I noticed the problem. The previous version did not have this problem.

All Firefox add-ons and plugins work fine on other browsers - I checked these, too, before submitting the report.

Any ideas? How can I downgrade to a previous version of Firefox?

Also - how is my report a "duplicate"? of what? No one has submitted a solution!

of what?

Duplicate of bug 1616217

Discussions re: add-ons can be posted to Mozilla Discourse e.g. https://discourse.mozilla.org/c/add-ons

HTH

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: