Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Ransomware in Firefox

This is a discussion on Ransomware in Firefox within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. I think I just got hit with ransomware in my browser this morning. I use Firefox in a five-months-old laptop

Closed Thread
Thread Tools Search this Thread
Old 11-26-2016, 10:55 AM   #1
Registered Member
Join Date: Jul 2010
Location: Edinburgh, UK
Posts: 16
OS: Windows 10

I think I just got hit with ransomware in my browser this morning.

I use Firefox in a five-months-old laptop running Windows 10. I clicked on a link in a Google search (and I honestly can't remember what it was now but it was to do with Excel VBA coding) and I get a new tab in my browser which was headed 'Microsoft Security Essentials'. Almost immediately a computer-voice starts up telling me I have a virus and to phone the number on the screen to 'help' me remove it. The number was a toll-free 0800 number in the USA. I live in the UK. The sneaky thing is that they also placed a dialog box on the window asking for a username and password (for what purpose it did not say) with OK and Cancel buttons. Hitting the Cancel (or the Escape key) just caused the dialog box to reappear. This obviously locked my entire Firefox session and other tabs were inaccessible. None of the normal Close Window options would work so the session was stuck.

In the main page there was what looked (as I subsequently found) to all the world like a real Security Essentials screen with all the right layout and colours etc. I had never actually heard of Security Essentials before and I discovered through using another browser (Chrome, which was not affected) that it doesn't actually run under Windows 10. On further looking at the page it became apparent that the message - much the same as the voiceover - was written by someone whose first language was not English. The implications of the text were that any banking apps on my computer had been compromised.

I'm guessing that if I did call the number from across the Atlantic they would demand money and may or may not 'fix' my computer.

I closed Firefox with Task Manger but on re-starting it the rogue page obviously reappeared as I have it set to re-open the tabs that were open when it was closed. I managed to get rid of it though. From Chrome I started something that required a new tab to be opened in my default browser, which is Firefox. Since FF was closed at the time it got fired up and it opened the requested page. Fortunately FF went into it's 'Well, this is embarrassing' routine and failed to open any of the old tabs, giving the list it thought it had before. I unticked the rogue page, clicked go and everything opened as normal.

What this long-winded introduction is coming to is this: Am I really infected with anything and are my bank and card accounts really compromised? I have run full scans using IOBit's Malware Fighter, AVG and Malwarebytes Anti-Malware and they did not report anything that looked remotely connected (basically just a few cookies and something to do with an Amazon button). I try to keep a clean machine and run Malware Fighter regularly. I downloaded the Malwarebytes specially for this. I am up to date with Windows and other Microsoft updates (e.g. Office). Should I change all my financially-connected passwords? I haven't been into any of them since this episode yet.

I'm sorry I should have thought to take a screen-grab of the dodgy page as it might have been useful for others to see but it didn't occur to me at the time in my panic to get rid of it. However, I took a note of the URL and it is (preceded by https://) z13xx03-virus.com/en/?id=MDgwMCAwODYgOTgyOA. I provide this just in case anyone recognises it - ON NO ACCOUNT OPEN IT!!

I hope someone can advise.

BillHamilton is offline  
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Proxy Server Problem
Many times when a program checks for updates, I will get the message "Unable to connect to Proxy Server. Very annoying to say the least. Can someone give me a clue as to how to fix this problem?
maynuh65 Windows 8, 8.1 Support 24 01-14-2015 11:13 AM
[SOLVED] Malicious Code Has Targeted Firefox - Please Help!
I have been experiencing abnormalities with Firefox, pages not loading correctly, erratic navigation, as well as other problems, since about 2013-04-25. It was on that day that COMODO Internet Security alerted me to several threats (I have attached those logfiles to this post), of which several...
Its Complicated Mozilla/Firefox Browsers 4 05-25-2013 10:57 AM
Mozilla re-releases Firefox 9, backs out fix causing crashes
A day after it shipped Firefox 9, Mozilla quickly released an update after backing out a bug fix that was causing some Mac, Linux and Windows browsers to crash. Mozilla issued Firefox 9.0.1 Wednesday, making one user wondering if it was bogus because it appeared hard on the heels of version 9. ...
Glaswegian Computer Security News 0 12-22-2011 12:41 PM
[SOLVED] firefox running too slow
hi from a few days ago now i have been having issues with firefox running to slow. every time i go away from the computer the screen save comes on. when i move the mouse or touch a key the screen save would go away straight away but now firefox just freezes and starts runnig too slow so i...
pezzer Mozilla/Firefox Browsers 11 02-23-2011 02:00 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Post a Question

» Site Navigation
 > FAQ
Powered by vBadvanced CMPS v3.2.3

All times are GMT -7. The time now is 12:24 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts