I got a "Firefox security alert: Firefox has found critical process activity on your system" and a recommendation to download and install setup.exe from a website antispyware02.co.cc Is this legitimate or an attempt to corrupt my system?
There was also a window showing various viruses (e.g., Trojan Horse IRC/Backdoor.SdBot4.FRV) and threat level medium/high. I have an Apple desktop running MAC OS X version 10.6.4 and have never seen a message of this type before. Any help would be much appreciated.
All Replies (12)
You should never respond to such a pop-up alert. That is the way to get malware. That window that you see is an animation downloaded from the server.
Anyway that link will download a setup file for Windows and won't run on a Mac.
Thanks for your prompt response. The message was in a new Firefox window, not a pop-up alert. Can I safely close the window and ignore it? I have not downloaded the file setup.exe because it looked like a windows file and I didn't trust it.
I had this happen too. See uploaded screenshot. It seems not real so I didnt download the binary file that pops up.
Athraithe ag nhaman ar
Let's say a person does click this link, then realizes their mistake and deletes this file setup.exe before running it. Should that person be safe?
If you do not run the setup file or your anti-virus software blocked it then you should be safe.
You can (should) still do an anti-virus check in case you have picked up other malware.
See "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked
How does this window get through to us? I also had this happen and I was on a yahoo group page getting ready to reject a improperly listed post..suddenly my browser closed and a window pop up was on my desktop with the message above, I closed it and the browser came back up with that red page which appeared to be scanning...I just closed the browser completely and searched for help which brought me here.
I had the same thing. DON'T CLICK ANYTHING. Just close the box.. TRUST your anti virus and never click on these random popups. If in doubt, scan your system with your own anti virus product.
Whenever you find this kind of thing please use Help > Report Web Forgery.... See here for more information.
I've just got a version of this pop-up. I can't close the box, nor quit firefox, and I cannot restart computer as it says I have to quit firefox first. Should I do a force quit? I'm using an ibook. From what you say above, do I not need to worry as it won't infect a mac? Thanks!
You can do a force quit and delete the files sessionstore.js and possibly sessionstore.bak as well in the Firefox Profile Folder to prevent Session Restore from reopening that web page.
Mac: /Users/<user>/Library/Application Support/Firefox/Profiles/<profile>/
Athraithe ag cor-el ar
thank you! I'll give it a go now
I have to admit, it is very clever. I just got it today trying to get a 9.11 photo I was like "hmm.. maybe it is something new with the newest version of Firefox" and clicked it to start scanning once I saw it "find stuff" I was like "wait.. I have norton running a scan everyday & monitoring it. I closed out the window. I am glad that you said that you had to click the "download" to get the malware. But again.. I have to admit this one was very clever I have to tip my hat to them.? I will report the site to mozilla. PS.. I am running a system scan now just in case so far- nothing it usually picks these up earlier in the scan so I think it is still the same - you have to click the "download the file".
Athraithe ag WhippetRun ar