Thanks to a fake “protection” virus installed automatically by Firefox, I’m on my laptop while trying to save my regular computer.
I not only did not install this virus, I didn’t install anything. Firefox did the dirty work of the virus authors — ostensibly a site called wips.com.
I’m not alone. Other Firefox users are furious about this:
I never manually updated this addon. The original addon that I installed a couple years ago didn’t have spyware. Is there a way that I can check to see when this addon was updated? I was just thinking “Phew, I never updated it till it magically updated on its own today, so I would have had the old non-spyware one for all this time and been fine”, but then I thought, crap, what about those times when firefox updates, and it says it will search for updates for your plugins so they work with this new version of firefox. Perhaps one of those times it updated the plugin to the bad one.
Is there a way that I can see a history of firefox update/plugin updates? If I could know the times it got updated (if any), and the versions etc, then I would know if I had the spyware one for a year or not.
I trusted firefox, and I never thought of the idea of a plugin going rogue, because I’ve never heard of that happening till now.
I have now turned off automatic updates in firefox and set it to manual. This is usually a level of distrust I reserve for Microsoft, but since firefox is allowing addons to turn into spyware, automatic updates are a security risk imo.
Grrr.
UPDATE: As Firefox would open nothing, before doing anything else (I did not click the “NO THANKS,” which is what the virus writers want you to do) I restarted my computer, I ran Malwarebytes Anti-Malware, which found the following viruses:
Everything seems to work, so I’m hoping I got lucky. I also turned off Firefox’s automatic update feature and switched it to manual.
MORE: What’s really discouraging about this is the realization that your browser can be infected by its own updates. I mean, those guys are supposed to be experts, right?
How can they possibly allow their own browser to be disabled by updates coming from them?
(OTOH, since these companies are already compromising their users’ privacy by letting in the government snoops, it would seem that they’ve already abandoned the idea of security, so why should they care?)
Comments
8 responses to “Is it time to get rid of Firefox?”
When some pop-up I don’t want won’t let me close it with the “x” at the upper right, I go into task manager and “stop process”.
I never click “Are you sure you want to close this windo?” buttons.
If it reopens when I restart Firefox, I stop the process again, turn off the wifi, restart Firefox, “reload” the window if it pops up again and then, when it comes up without any data, close it.
I’m a very paranoid person.
Good advice. This was no mere popup, though. My Firefox browser was completely disabled by it. So I switched to Chrome to Google the problem, and right after I visited a site supposedly telling me how to get rid of it, Google no longer worked in Chrome. That put the fear of God in me, and I took immediate action.
Actually, even clicking on the X can install some of these viruses. Best thing to do is shut down and immediately run Malwarebytes.
I have Firefox, and to the best of my knowledge I do not have this problem- yet? However, I have seen the Babylon software before. It got installed when I downloaded software for viewing sports TV online. I got rid of Babylon,but it took some doing.
I have McAfee for anti-virus etc. Perhaps it took care of the issue.
I will take Veeshir’s and your experiences into account: shut down the computer when there is a problem, and click on nothing.
From the Forum discussion, it appears this got automatically added with other extensions. Ad-Block is the only extension I am currently using.
Comcast provides Norton. I have Malware and Spybot. And Avast for more incoming protection. So far I have not had any serious intrusion problems and Malware rarely picks up anything these days – same for Spybot.
They used to turn up at least one a week. And sometimes 3 or 4. I do use Spybot’s vaccination program which supposedly puts anti virus locks on the most critical files – browsers.
I haven’t seen this one yet. I just turned off automatic updates just in case. Possibly Zone Alarm caught it? There seems to be a new generation of spam out there. I received a legitimate-looking email purportedly from Wells Fargo. It contained a zip file which contained what claimed to be a .pdf document. Which was a .exe file. Which Zone Alarm caught before it could run. We’ve come a long way from the lost Nigerian V1agrO fortune.
Malwarebytes and Spybot S&D are my go to weapons; they usually work. However, when someone hacked my router last year (don’t ask), I burned ComboFix onto write-proof digital media. It finally got the rootkit’s fingernails to let go so that the above mentioned software could scrub it. I highly recommend it.
It’s also worthwhile to create a multi-book pendrive containing a buttload of antivirus/antimalware software, such as the ones found here:
Acronis Antimalware CD
AOSS (Malware Scanner) system\stage1
AVG Rescue CD (Antivirus Scanner)
AVIRA AntiVir Rescue CD (Virus Scanner) ; does install to root of drive
Bitdefender Rescue Disk (Antivirus Scanner)
Comodo Rescue Disk (Antivirus Scanner)
Dr.Web Live CD boot\module\drweb_bases.dwm
F-Secure Rescue CD
GDATA Rescue CD
Kaspersky Rescue Disk (Antivirus Scanner)
Panda SafeCD
Windows Defender Offline
==================
What can I say? I’ve gotten extra paranoid about malware.