Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I got a "Firefox security alert: Firefox has found critical process activity on your system" and a recommendation to download and install setup.exe from a website antispyware02.co.cc Is this legitimate or an attempt to corrupt my system?

  • 12 cavab
  • 685 have this problem
  • 2 views
  • Last reply by WhippetRun

more options

There was also a window showing various viruses (e.g., Trojan Horse IRC/Backdoor.SdBot4.FRV) and threat level medium/high. I have an Apple desktop running MAC OS X version 10.6.4 and have never seen a message of this type before. Any help would be much appreciated.

There was also a window showing various viruses (e.g., Trojan Horse IRC/Backdoor.SdBot4.FRV) and threat level medium/high. I have an Apple desktop running MAC OS X version 10.6.4 and have never seen a message of this type before. Any help would be much appreciated.

All Replies (12)

more options

You should never respond to such a pop-up alert. That is the way to get malware. That window that you see is an animation downloaded from the server.

Anyway that link will download a setup file for Windows and won't run on a Mac.

more options

Thanks for your prompt response. The message was in a new Firefox window, not a pop-up alert. Can I safely close the window and ignore it? I have not downloaded the file setup.exe because it looked like a windows file and I didn't trust it.

more options

I had this happen too. See uploaded screenshot. It seems not real so I didnt download the binary file that pops up.

Modified by nhaman

more options

Let's say a person does click this link, then realizes their mistake and deletes this file setup.exe before running it. Should that person be safe?

more options

If you do not run the setup file or your anti-virus software blocked it then you should be safe.

You can (should) still do an anti-virus check in case you have picked up other malware.
See "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked

more options

How does this window get through to us? I also had this happen and I was on a yahoo group page getting ready to reject a improperly listed post..suddenly my browser closed and a window pop up was on my desktop with the message above, I closed it and the browser came back up with that red page which appeared to be scanning...I just closed the browser completely and searched for help which brought me here.

more options

I had the same thing. DON'T CLICK ANYTHING. Just close the box.. TRUST your anti virus and never click on these random popups. If in doubt, scan your system with your own anti virus product.

more options

Whenever you find this kind of thing please use Help > Report Web Forgery.... See here for more information.

more options

I've just got a version of this pop-up. I can't close the box, nor quit firefox, and I cannot restart computer as it says I have to quit firefox first. Should I do a force quit? I'm using an ibook. From what you say above, do I not need to worry as it won't infect a mac? Thanks!

more options

You can do a force quit and delete the files sessionstore.js and possibly sessionstore.bak as well in the Firefox Profile Folder to prevent Session Restore from reopening that web page.

Mac: /Users/<user>/Library/Application Support/Firefox/Profiles/<profile>/

Modified by cor-el

more options

thank you! I'll give it a go now

more options

I have to admit, it is very clever. I just got it today trying to get a 9.11 photo I was like "hmm.. maybe it is something new with the newest version of Firefox" and clicked it to start scanning once I saw it "find stuff" I was like "wait.. I have norton running a scan everyday & monitoring it. I closed out the window. I am glad that you said that you had to click the "download" to get the malware. But again.. I have to admit this one was very clever I have to tip my hat to them.? I will report the site to mozilla. PS.. I am running a system scan now just in case so far- nothing it usually picks these up earlier in the scan so I think it is still the same - you have to click the "download the file".

Modified by WhippetRun