And just to be sure, old news but scan for the DNSChanger.
I never see an ad and have never encountered the MacKeeper sleaze.
Message was edited by: WZZZ
Hi WZZZ Thank you for your kind support, it is a great help. I tried DNS changer a few days ago and it showed no issues existed.
I have downloaded the extensions you mentioned for Firefox and will use that and see if the issue continues.
You are quite lucky to have stayed out of the MacKeeper Sleaze net, it is definately a night mare.
How do you activate the redirection warning setting noondaywitch?
Firefox > preferences > Advanced > general. tick (check) the box for "warn me when web sites try to redirect or reload the page"
This will effectively block the redirect, with FF showing a warning banner at the top with a button to allow.
Be aware that this setting can prevent some sites working; Verified by Visa is a total pain in this regard.
Hi - thank you I found and set the redirection warning. It even warned after sign into Apple and I had to accept a page redirect. Looks good for now. There was no MacKeeper embedded adverts yet.
I am quite curious what was planted into my system to allow Zoebit to redirect http: URLs to have their Mackeeper advert. All very stange.
The setting in "Tools > Options > Advanced > General" is meant as an accessibility feature, as you can see by the label of that section, so that people with disabilities or people who use screen readers do not get confused and is not meant as a safety protection to stop redirecting.
I think simply using NoScript to allow the minimum JS, or none at all, for a site to function is the way to go.
See the Quick Start Guide for Beginners.
Message was edited by: WZZZ
Thank you so much for all your kind and accurate support WZZZ, I have all the bits and pieces you recommended installed into Firefox and the MacKeeper embedded adverts are no longer present, even with http: URLs; so that is magic, thank you.
I stll wonder what was causing that issue of the embedded MacKeeper adverts, whether it was something external or or internal; perhaps I will never know.
All in all I seem to be back to normal with the website log on pages etc. Seems to be all right.
Correction: I think I've just found out that the Firefox "Warn me when..." feature may, after all, prevent redirects to other URLs, not just refreshes or redirects within a site. I'm learning the meta refresh tag, which Firefox flags, can be coded to redirect to other domains. Therefore, I think it is a useful safety feature.
Meta refresh is a legacy method of instructing a web browser to automatically refresh the current web page or frame after a given time interval, using an HTML meta element with the http-equiv parameter set to "refresh" and a content parameter giving the time interval in seconds. It is also possible to instruct the browser to fetch a different URL when the page is refreshed, by including the alternative URL in the content parameter. By setting the refresh time interval to zero (or a very low value), this allows meta refresh to be used as a method of URL redirection.
Yes I am finding the features you advise very interesting; they are quite active with Facebook, I never dreamt so many things were going on while FB was open. Also not over-riding them doesn't really interfer much with the practical use of FB in this example.
I think the meta refresh has the original function to over-ride the webpages stored by web-browsers, so rather than seeing the last visited page it forces the page to look for the latest version. I am unsure how it works for frames as I have never used that programing on my webpages: I usually use the less intrusive:
<meta http-equiv="Pragma" content="no-cache">
so that the new content is always accessable.
Usually the redirect is used for when you change the location of a page on the server for example, or update the page, the redirect sends the user to the new page. Well that's how it used to be. I haven't kept up with the latest developments; so as you point out these initially inocent functions are now being used for less desirable purposes.
I am still curious how Zoebit managed to embed their advert for MacKeeper into http://mail.com and http://cnet.com - just two examples. I was particularly concerned that because they could hack their advert into cnet.com people would think the software was supported by cnet; as usual using https://cnet.com or a proxy server and the MacKeeper advert was no longer there. I will try to ask on a website programing forum to see if I can get any feedback. When I do I will let you know.
> I am still curious how Zoebit managed to embed their advert for MacKeeper into
Here is one possibility:
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to the
disclosure of video data from another site
Description: A cross-origin issue existed in QuickTime plug-in's
handling of cross-site redirects. Visiting a maliciously crafted
website may lead to the disclosure of video data from another site.
This issue is addressed by preventing QuickTime from following cross-
site redirects. For Mac OS X v10.6 systems, this issue is addressed
in Mac OS X v10.6.7. This issue does not affect Mac OS X v10.7
CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability
Update to QT 7.7.