Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

It's 12:30 EDT 7/18/16 -- did Firefox just send out a Patch to be downloaded and installed?

more options

I was just interrupted in my browsing by a "flash screen" which had the Firefox logo and a dialogue asking me to download a Patch. I've downloaded by not opened the patch to install it. This is the first time in decades of computer work that I've every seen anything like this. Is this a legit Firefox patch? Or some sort of hack?

All Replies (4)

more options

Probably malware do not open or run that.

I will post more details later.

more options

As you say this is malware. Do not run or open the file. What is the name of the file you received and is it a .js or .exe type: Bothe are executable and will run if you are not careful.

We are trying to find our more about this. The trojan could be particularly dangerous and possibly able to reside in the memory and registry without using files, that makes it dificult to detect and remove.

There are two things you could do.

  1. First just in case you are infected with this malware use a specific removal tool. (That's only necessary if the file may have run)
  2. Second if you would like to help us see if you can catch the actual advert and its details. (The orange splash screen in a full page of its own does not help as the malware keeps changing the site it uses for that)

Note the removal tool will tell you if you if it does not find anything. If it does find something it will generate a log file. It would be interesting to see the content of the log file if one is generated. It is probably safer and good policy not to use an Admin account for day to day computer work and ordinary Browsing, however note you do need to run the removal tool from an Admin account.

These are the instructions for catching the ad information

{#c16}If ... affected users) could tell us what the ad URLs are, that would be helpful.
They would need to right-click on the ad image, choose "This Frame -> View Frame Info", and copy/paste the following info:
General tab: Address (URL)
Media tab: Location (URL) of each item in the list of media in that frame.
This will help us isolate the affected ad networks so we can contact them and inform them of the malware.
Thanks!
more options

Did NOT run. It's a .js file. As soon as I saw the non-Firefox "logo" on the file it looked suspicious so I did not run. Will delete now.

more options

hope a solution is found soon.

Modified by cliffontheroad