Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How do I get rid of "Urgent FireFox Update" scam. McAfee doesn't stop it. Superantispyware will not get rid of it. Comes from https://aijohintaste.net/677393491

  • 2 replies
  • 3 have this problem
  • 9 views
  • Last reply by sherryar

more options

I run virus scans from McAfee and Superantispyware and it still pops up as a window in FireFox

I run virus scans from McAfee and Superantispyware and it still pops up as a window in FireFox

Chosen solution

Sorry for the annoyance. This seems to be related to "malvertisements" on certain websites -- ads designed to spread malware. Your external security software should intercept the EXE and quarantine or delete it, but that won't help with the pages displaying in the first place.

Blocking (more) ads might help, for example, using an ad blocking add-on. Do you use one now? These are popular:

Another thing you might try, if these are originating from "rich media" ads, is disabling Flash from starting automatically on sites (and leaving it disabled when there isn't any Flash media you want to play).

To change Flash to "Ask to Activate" permission, open the Add-ons page using either:

  • Ctrl+Shift+a
  • "3-bar" menu button (or Tools menu) > Add-ons

In the left column, click Plugins. On the right side, find "Shockwave Flash" and change "Always Activate" to "Ask to Activate".

With this setting, when you visit a site that wants to use Flash, you should see a notification icon in the address bar and usually (but not always) one of the following: a link in a black rectangle in the page or an infobar sliding down between the toolbar area and the page.

The plugin notification icon in the address bar typically looks like a small, dark gray Lego block. When the page wants to use a blocked plugin, the icon turns red to alert you to the concern.

If you see a good reason to use Flash, and the site looks trustworthy, you can go ahead and click the notification icon in the address bar to allow Flash. You can trust the site for the time being or permanently.

But some pages use Flash only for tracking or playing ads, so if you don't see an immediate need for Flash, feel free to ignore the notification! It will just sit there in case you want to use it later.


If you want to report particular sites where you got this popup (i.e., the site with the bad ads, not the site du jour distributing the fake patch), feel free to name names, or more specifically, to paste the addresses of those pages.

Read this answer in context 👍 4

All Replies (2)

more options

Chosen Solution

Sorry for the annoyance. This seems to be related to "malvertisements" on certain websites -- ads designed to spread malware. Your external security software should intercept the EXE and quarantine or delete it, but that won't help with the pages displaying in the first place.

Blocking (more) ads might help, for example, using an ad blocking add-on. Do you use one now? These are popular:

Another thing you might try, if these are originating from "rich media" ads, is disabling Flash from starting automatically on sites (and leaving it disabled when there isn't any Flash media you want to play).

To change Flash to "Ask to Activate" permission, open the Add-ons page using either:

  • Ctrl+Shift+a
  • "3-bar" menu button (or Tools menu) > Add-ons

In the left column, click Plugins. On the right side, find "Shockwave Flash" and change "Always Activate" to "Ask to Activate".

With this setting, when you visit a site that wants to use Flash, you should see a notification icon in the address bar and usually (but not always) one of the following: a link in a black rectangle in the page or an infobar sliding down between the toolbar area and the page.

The plugin notification icon in the address bar typically looks like a small, dark gray Lego block. When the page wants to use a blocked plugin, the icon turns red to alert you to the concern.

If you see a good reason to use Flash, and the site looks trustworthy, you can go ahead and click the notification icon in the address bar to allow Flash. You can trust the site for the time being or permanently.

But some pages use Flash only for tracking or playing ads, so if you don't see an immediate need for Flash, feel free to ignore the notification! It will just sit there in case you want to use it later.


If you want to report particular sites where you got this popup (i.e., the site with the bad ads, not the site du jour distributing the fake patch), feel free to name names, or more specifically, to paste the addresses of those pages.

more options

I have Flash set to "ask." The fake update appeared when I was reading this page on the LA Times site: http://tinyurl.com/z6u6wtk.