Fake Firefox Update Virus

October 24, 2010 at 19:06:52
Specs: Windows Vista
Yesterday I was tricked into downloading and installing a fake update for Firefox. As soon as the deed was done my computer was rendered useless. The internet is completely blocked out, WMP won't play, anti-virus programs and anti-malware programs cannot be run. Restore my PC from a checkpoint didn't work and I tried deleting some evil files (which I found in the temp folder) with safe mode on but they just respawned themselves.

I have no copy of Windows in order to reformat and I have a lot of important data that I risk losing.

Please help me

See More: Fake Firefox Update Virus

Report •

October 25, 2010 at 15:04:16
Remove the drive & slave it to another comp.

Run Malwarebytes' Anti-Malware
Error codes
Common Issues, Questions, and their Solutions, Frequently Asked Questions.
VIPRE Rescue Program
Try it in Safe mode.
If it won't run, rename the downloaded mbam-setup.exe file to mb.exe to help work around certain malware that will block it from being run.
If it still will not run.
1: Go to Control Panel > Programs and Features and uninstall Malwarebytes.
Next redownload Malwarebytes but rename it before you download it to your desktop. As you are in the process of downloading when you get to the point that the "enter name of file to save to" box appears, in the "filename" slot, rename mbam-setup.exe to something.exe, then click Save.
If it installed but will not run, navigate to this folder:
2: C:\Programs Files\Malwarebytes' AntiMalware
At the top of the page, Tools > Folder Options > View, click > Show hidden files and folders and untick > Hide extensions for known file types.
How to see hidden files in Windows
Rename all the .exe files in the Malwarebytes' Anti-Malware folder and try to run it again.
When it opens, update 1st.
If it won't update after installing, update manually.
Download & install.

Report •

October 25, 2010 at 21:55:04
I have a similar situation to PurpleMonkey. I saw the same screen (I think) on Saturday about a flash update I believe. Avira and Ad-Aware both detected something on their own and took action. I downloaded Malwarebytes and installed it without incident. I ran it, took action, but it said some infections could not be removed. I have the log file. My computer is not necessarily rendered useless, but I get an error message every time that I attempt to open Firefox. It reads, "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." and a file path in the bar at the top of the window which is too long for it even to fully appear, but starts out with "C:\Program Files\Java\jre6\lib\deploy\jqs\ff\..."

Report •

October 25, 2010 at 22:42:28
I also just found out that I get an error message when opening Adobe Acrobat which has the same "Windows cannot open..." error message and "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe".

Now, just to be clear, both Firefox and Acrobat will open. But, these error messages appear as well and they did not before the fake update incident.

Report •

Related Solutions

October 26, 2010 at 21:09:01
I have exactly the same symptoms as PM, caused in exactly the same way. MalwareBytes was also recommended to me. I couldn't open it, but eventually worked out John's tip above, and changed the programme name. This allowed me to open it. I ran it, it found some infected registry keys (HKEY), deleted them, and all the problems remained!
Any tips?

Report •

October 26, 2010 at 21:18:40
solipsist3, the badies are always ahead, putting the exact error/infection message into google is the trick.

Try this as your next move.


Report •

December 23, 2010 at 17:13:27
I had the same problem last night - I downloaded the alleged Firefox upgrade and my computer went crazy. I could run only half the programs and I could only get on the "AntiVirus Scan, Inc" website - whether I tried to get online or not. I tried Ccleaner and removed two registry entries. Booted up in safe mode and tried Malwarebyte and removed some entries and tried spybot but spybot crashed. But still had the same problems.

Finally, my last hope, was to restore the registry. You could do it with Ccleaner but I did it with Windows Restore. And it worked perfectly!!!!!

I have to thank everyone on this post for your information and helping me. And don't forget... computers make your life easier and fun. LOL.

Report •

Ask Question