getcntr.ru hijacked firefox today
Hi - first time i got scared by malware today - opened FF and processor went crazy - so i exited it via taskman - but a second window had opened uncommanded - investigating via history clearly its a nefarious link.
i have ghostery and other protection so thankfully it seems no damage was done. but i dont know if this was phishing or what - perhaps more aggressive in fact??
posted to phishing reporting site just now - but thought i'd post here too in case other people have this problem, and to maybe learn more. going to install ublock addin after reading an earlier post.
wasn't doing anything remotely sketchy when this hit but investigating keyboard layouts at kbd-intl.narod.ru/english/layouts - which SEEMED innocent and useful enough.... but clearly that was the trigger - hibids10.com/ is also implicated - maybe i clicked on an image or something.
Additional System Details
- Shockwave Flash 29.0 r0
- User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0
Let's make sure your system is clean.
You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no
Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.
It’s very sad, but many software downloaders/ installers will trick you into installing not only their program, but other programs as well.
You have heard of the fine print in shady contracts, right? Well, some installers you need to look at the itsy bitsy teeny weeny fine print.
You are thinking you are giving the installer permission to install the program you want by using the recommended option. But if you use the Manual Option Instead, you discover all kinds of stuff that you do not even know what it is or what it does.
From now on, everyone needs to Use The Manual Option to put a stop to this.
Note that these programs can also change browser/computer settings.