This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I keep getting a pop up window that says "Urgent Firefox Update"download now. The website address is https://ohchuk...81e4778b.html. Is this from Firefox?

  • 1 svar
  • 6 har dette problemet
  • 2 views
  • Siste svar av John99

more options

I am using a public library computer, so I can't check the security settings.

The website address that is sending this pop up window, is https://ohchuk...81e4778b.html

Is this an actual update from Firefox, or is this a phony?

I am using a public library computer, so I can't check the security settings. The website address that is sending this pop up window, is https://ohchuk...81e4778b.html Is this an actual update from Firefox, or is this a phony?

All Replies (1)

more options

As you say this is malware. Do not run or open the file.

We are trying to find our more about this. The trojan could be particularly dangerous and possibly able to reside in the memory and registry without using files, that makes it dificult to detect and remove.

There are two things you could do.

  1. First just in case you are infected with this malware use a specific removal tool. (Only necessary if the file may have run)
  2. Second if you would like to help us see if you can catch the actual advert and its details. (The orange splash screen in a full page of its own does not help as the malware keeps changing the site it uses for that)

Note the removal tool will tell you if you if it does not find anything. If it does find something it will generate a log file. It would be interesting to see the content of the log file if one is generated. It is probably safer and good policy not to use an Admin account for day to day computer work and ordinary Browsing, however note you do need to run the removal tool from an Admin account.

These are the instructions for catching the ad information

{#c16}If ... affected users) could tell us what the ad URLs are, that would be helpful.
They would need to right-click on the ad image, choose "This Frame -> View Frame Info", and copy/paste the following info:
General tab: Address (URL)
Media tab: Location (URL) of each item in the list of media in that frame.
This will help us isolate the affected ad networks so we can contact them and inform them of the malware.
Thanks!