为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

firefox upgrade triggers AVG malware detection

  • 5 个回答
  • 11 人有此问题
  • 5 次查看
  • 最后回复者为 dewood

more options

A firefox upgrade screen appeared indicating an upgrade was needed for both firefox and flash.

The notice is from "http:// firefox .perl.sh/" and requests the download of the file "firefox-update.exe"

My virus detection program detected a malware file as the firefox-update program was run.

I then stopped the program and put all the detected files into AVGs virus vault.

I've never had anything like this come up on updating firefox.

I could not find a revision history to double check on line.

I have the update executable saved and the page this came from is still open in a tab.

Hairs went up on the back of my neck, so I looked a bit further.

Any help you could give me would be appreciated

edited by a moderator to make that address not clickable

A firefox upgrade screen appeared indicating an upgrade was needed for both firefox and flash. The notice is from "http:// firefox .perl.sh/" and requests the download of the file "firefox-update.exe" My virus detection program detected a malware file as the firefox-update program was run. I then stopped the program and put all the detected files into AVGs virus vault. I've never had anything like this come up on updating firefox. I could not find a revision history to double check on line. I have the update executable saved and the page this came from is still open in a tab. Hairs went up on the back of my neck, so I looked a bit further. Any help you could give me would be appreciated ''edited by a moderator to make that address not clickable''

由the-edmeister于修改

所有回复 (5)

more options

That is a fake update web page, not a legitimate Mozilla URL. I just reported it as a Web Forgery.

When you come across a page like that, you can report it yourself using Help > Report Web Forgery

more options

Ok, in the past I only remember seeing a page resembling this after the update has been completed. Having one come up to prompt an update was new to me. But things change, and it did look good.

I was hooked and reeled in.

I figure I'll get more of these; at the very least I figure they have my IP address.

Thanks for your help, I gotta go and blow away some stuff before any accidents happen.

Cheers, Dave W.

more options

Don't assume a web page is legitimate just because Firefox or Mozilla appear somewhere in the address bar, especially when it isn't a secure HTTPS connection. There's a lot of fakes out there, and as soon as SafeBrowsing "flags" as URL as a fake, another appears to replace it. IMO, that URL won't last 24 to 48 hours before it becomes useless for that type of exploit, and they replace it with another that either Google has to find on its' own or it gets reported by an alert user and that one is then blocked.

I doubt if they are targeting users by IP address. They're probably targeting Firefox users by reading the UserAgent and then doing re-direct to fake pages like that via JavaScript.

My advice is to install NoScript, at least for the redirect alert bar.
https://addons.mozilla.org/en-US/firefox/addon/722
http://noscript.net/

Another thing I forgot to mention, Firefox updates aren't packaged in an .exe file, Mozilla delivers them via a .mar file that installs automatically only from an "authorized" mirror website. There's no external "file handling" for the user with a Firefox update.

由the-edmeister于修改

more options

Always use "Help > Check for Updates" to update Firefox and never via a link on a web page, unless you install a full version from the official Mozilla website.

more options

Thanks Everybody!