Firefox-patch.js virus removal: block ‘Urgent Firefox update’ popup

Learn how to get rid of a browser virus redirecting to rogue Firefox update pages and displaying firefox-patch.js popups that distribute malicious software.

In pursuit of new malware proliferation vectors, cybercriminals have come to employ a mix of social engineering and adware-backed techniques. This compound tactic has a high infection rate, because victims end up on a legit-looking page that pushes a presumable “urgent Firefox update“. The fake website is designed quite professionally, featuring the right logo and background color. The brainwashing continues with a misleading popup dialog that appears out of the blue. It recommends the user to save a file named firefox-patch.js and then run this JavaScript object to start the purported update process. This routine, however, promotes anything but the genuine patch. It can be a piece of ransomware that will hold all personal files hostage until the prey pays up. The JS-based workflow can also be a springboard for the intrusion of spyware, banking Trojans and other harmful cyber artifacts.

So much for the human manipulation part of this breach. This phase is preceded by purely technical interference that exploits software rather than one’s gullibility. The targeted computer starts misbehaving because of a browser hijacker that meddles with DNS values and custom Internet navigation settings. The goal is to redirect web traffic to predefined pages that host the bogus “urgent Firefox update” scam. The crooks behind this scheme are smart enough to leverage a fast flux technique, where the URLs of the fraudulent sites keep changing at short intervals. Some of the latest domains include aayeiiclub.com, iegeeagrupemonos.com, pohkawpvideomaster.org, and teiniwahmo.org. These are all SSL-protected pages signed with valid certificates, so the browser won’t blacklist and block them.

The browser hijacker involved in this intricate stratagem infects computers through software bundling or drive-by downloads. The former method presupposes the inclusion of potentially unwanted apps in installation clients for regular applications. The latter engages inconspicuous scripts that trigger the trespass chain behind the scenes while a user is on a compromised website. Regardless of the malware deployment route, the upshot is the same – the victim will be encountering browser diverts that recurrently return the fake Firefox update page. In summary, it’s recommended to abstain from saving and launching the phony firefox-patch.js file. Keep in mind that the browser vendor does not use this kind of tactic to roll out its real updates. When confronted with these annoying redirects and popups, users should focus on removing the perpetrating code from their systems.

Automated removal of firefox-patch.js virus

Owing to an up-to-date database of malware signatures and intelligent behavioral detection, the recommended software can quickly locate the infection, eradicate it and remediate all harmful changes. So go ahead and do the following:

1. Download and install the antimalware tool. Open the solution and have it check your PC for PUPs and other types of malicious software by clicking the Start Computer Scan button

Download firefox-patch.js virus remover

2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.

Use Control Panel to get rid of firefox-patch.js popup virus

• Open up the Control Panel from your Start menu in Windows and select Uninstall a program

• To facilitate the process of locating the threat, sort the programs list by date to get the latest ones displayed at the very top. Look for unfamiliar entries under the Name column. When the likely crapware is found, click Uninstall and follow further directions to get the removal done.
<

Restore web browser settings to their original defaults

In the circumstances of a complex browser hijack like this, executing a reset makes the most sense despite a few obvious downsides. Customizations such as saved passwords, bookmarked pages etc. will be gone, but so will all the changes made by the potentially unwanted program. The instructions below address the workflow for the web browsers most targeted by firefox-patch.js virus.

Reset Mozilla Firefox

• Open Firefox, type about:support in the URL area and press Enter. Alternatively, you can click on the Open menu icon in the top right-hand part of the browser window, then select the Help option and proceed to Troubleshooting Information

• On the Troubleshooting Information screen, spot the Refresh Firefox button and click on it

• Follow subsequent directions to reset Firefox to its original settings

• Restart the browser.

Reset Google Chrome

• Open Chrome, expand the Customize and control Google Chrome menu and choose Settings

• Scroll down the settings screen and click Advanced down at the bottom

• Move on to the Reset and clean up sub-section and select the option that says Restore settings to their original defaults

• Finally, confirm the restoration by clicking Reset settings on the warning message

• Restart Chrome.

Reset Internet Explorer

• Select Internet options under IE’s Tools (Alt+X)

• Proceed by clicking on Advanced tab, then select Reset

• To confirm the intended changes, click Reset on the Reset Internet Explorer Settings screen after ascertaining that the Delete personal settings checkbox is enabled

• Reboot the machine to fully implement the fix.

Reset Safari

• Go to the Safari menu and select Preferences

• When on the Preferences screen, select the Privacy tab and hit the Remove All Website Data button if you are up to erasing all website data stored on your Mac. Otherwise, you can use a site-specific removal option described below

• A dialog will appear, asking you to validate your choice. Click the Remove Now button if you are sure. Be advised this will log you out of online services and undo personalized web browser settings such as saved passwords, etc.

• Safari also allows deleting data for specific sites rather than all sites in general. To use this option, click the Details button under Privacy tab

• Select the websites for which you would like to erase data and click the Remove button

• Click the Done button to confirm and exit. You can also select the Remove All option to remove all data stored by the listed websites.

Revise your security status

Post-factum assessment of the accuracy component in malware removal scenarios is a great habit that prevents the comeback of harmful code or replication of its unattended fractions. Make sure you are good to go by running an additional safety checkup.

Download Urgent Firefox update popup removal tool