jthodgson
-
Posts
1 -
Joined
-
Last visited
This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Urgent Firefox Update Scam
in Resolved Malware Removal Logs
Posted · Edited by celee
disable potentially malicious URLs
I have just fallen for the "Urgent Firefox Update" scam, and not only downloaded the JavaScript but run it! It was when this opened a terminal window and started running something that I realised it was some sort of malware. At this point, I disconnected my computer from the Internet and ran Malwarebytes. This detected three suspicious files which I quarantined. The corresponding Malwarebytes log is attached.
I then, following the advice at:
https://malwaretips.com/blogs/remove-fake-urgent-firefox-update-virus/
ran AdwCleaner and HitmanPro (see HitmanPro_20170705_1523.log) which deleted a whole bunch of cookies and an executable which I believe to be, in fact, benign (it has been on my system without causing problems for a year or more). I then updated and reran Malwarebytes, which then found no threats.
My concern is whether I can safely continue to use the machine, or if there is anything I can do to ensure that there is no residual threat lurking somewhere. I'm running the latest version of Windows 10 on a Microsoft surface pro 3.
In case this is relevant the source of the rogue software (retrieved from my browsing history) appears to be
https://odahxvisitezmonsite.com/2051415340379/1499254195619138/firefox-update.js
and
https://odahxvisitezmonsite.com/2051415340379/1499254195619138/firefox-patch.js
Immediately prior to receiving the "Urgent Firefox Update" message the webpage I was on was
https://www.thoughtco.com/photoshop-clone-stamp-tool-tutorial-1697534
Any advice would be welcome!
malware.txt
HitmanPro_20170705_1523.log