Hijack or Phishing? tnctrx.com com-7gb-s6a0nru4heq.tech or rainbow-networks.com

I just had a phishing scam in my Firefox browser that tried to get me to click on a link… by saying I had a virus that needed fixed.

That’s not a big deal, but what has me concerned is that this phishing page seemed to open up in the current tab while I was typing something in the address bar!

Another thing that had me concerned is that the fake pop-up was placed over a fake web page that was designed to resemble the Microsoft.com forums. Since I was participating in the Microsoft.com forums just this week, this strikes me as either a pretty sinister attack… or just a lucky guess?

I think the attack was related to one or all of the following domains:


I was concerned that my browser had been hijacked, or that some malware had somehow been loaded on my computer (even though the only thing I installed lately was PDF Reader and Flash Player from Adobe.com).

Immediately I performed a full hard drive scan with Comodo. I also manually examined Windows Installed Programs, Windows task Scheduler, the Windows Registry, the Windows Task Monitor, Firefox/IE Browser plugins and extensions. However, I could find no trace of infection by this or any other virus/malware.

I can only concluded that some name server along the way had been compromised, or that somehow I entered the wrong address or accidentally switch tabs to a Phishing site (even though I was pasting in the address, which was to my own website).

Since there’s nothing else I can do, I wanted to see if anyone else has had this experience or if anyone knows what might be going on?

I’m running Windows 7 with updates, and Firefox 52 with Adblock Plus. (I have the full URLs I think I was redirected to, if anyone’s interested.)

Since I cannot detect any problems, I can only carry on. I might do a backup and clean reinstall. However, since I do a lot of different kinds of work on my computer, it’s as important to me to know whether or not I ever had an infection.



I’m replaying to myself since I figured it out.

I had a link in a web page I was designing with an accidental double extension: YardSaleAdventure.com.com …so when I used the link in the browser location bar it actually took me to the domain: com.com …which displays random advertisements/malware.

Really had me going, especially by happening to display a fake of the Microsoft forum I had recently visited.

Glad I figured it out though, (should’ve figured it out sooner).