virus: fake firefox update

[FrankJ01]

Just now, when I opened firefox, a dialog appears indicating my firefox browser is out of date and ask me to click ACCEPT to update. I clicked and then a file 'Updater_Setup.exe' is downloaded and saved. I run the file trying to update. The what happens is completely different from my previous firefox updates.
when I run the downloaded file, a dialog appears indicating a program 'Premium Installer' by TINY INSTALLER is going to run; I click run, then a dialog saying " thank you for choosing our software" I click get started, it comes out another dialog indicating "Express Install 'you are less than 30 seconds away!". I continued, the SW seems trying to install a serial of tools such as Mixi Dj. Definitely, this is not a firefox update. I am wondering whether this Updater_Setup.exe is a virus, malware? Thanks

[James]

I am wondering whether this Updater_Setup.exe is a virus, malware?

Yes it is. They are exploiting the popularity of Firefox in tricking (inexperienced) users into installing malware.

Firefox updates are never done by way of .exe especially since Firefox is not just for Windows but for Mac OSX and Linux also, from Mozilla. Is is done as a update in Firefox (say Help->About Firefox) or by download from mozilla.org

You may want uninstall whatever you just installed and clean your computer.

Malwarebytes, > http://www.malwarebytes.org/mbam.php
Super AntiSpyware > http://www.superantispyware.com/
Ad-Aware > http://www.lavasoftusa.com/software/adaware/
Spybot, Search & Destroy > http://www.safer-networking.org/en/index.html
Avast, > http://www.avast.com/eng/download-avast-home.html

If these don't find it or can't clear it,
post in one of these forums for specialized malware removal help:
http://forums.tomcoyote.org/index.php?showforum=27
http://bleepingcomputer.com/
http://www.spywareinfoforum.com/
http://forum.aumha.org/
_________________
Thanks to Daifne for the original list.

[tombetz]

Definitely malware. My wife downloaded it during a Chrome session the other day, a drive-by download from a pwned patch.com server, near as I can make out. Fortunately, both Chrome and her antivirus raised a stink, and she came and got me before damage could be done.

[vpwvpw]

yep. I downloaded it too. I saw the tiny installer and stopped right there. Norton said it was safe though!

[malliz]

Norton is a pile of compost the fact it didn't detect anything is no surprise

[James]

Well to be fair I have upload a few variants of these so called Updater_Setup.exe to virustotal and often only a small number gave any indications.

[Miragnon]

Yeah, I got this exact same thing just yesterday or so. It just popped up on my screen in a way that didn't look quite like the way my actual Firefox has always notified me of new updates, so I held back and didn't accept it right away.

I took a look at the URL and it looked only slightly fishy, but eerily close to what looked like a proper firefox address. But the clincher for me was when I moused up to "Help" and then "About Firefox", where it always notifies me of an actual Firefox update, and it said there was nothing new.

So I closed down the pop-up and ignored the whole thing. The moral of the story seems to me: Get to know the proper channels of how legitimate things are done, and then refer back to those when in doubt. Follow the yellow brick road.

[snazzmaster64]

i keep getting tabs popping open about firefox updates that clearly are not firefox updates. i know not to open anything from them of course, but i dont know what to do to make them stop popping up.

ive looked up different things to do, but nothing's really made any difference. ive run scans on my computer with microsoft security essentials, and its not picking anything up. the only program that i can think of that may have put something on my computer i uninstalled as one article suggested and i reset my the advanced settings in my firefox browser as another suggested.
still getting these pages popping open around.

suggestions?

[yo-dt]

I have tried many "scan for virus" products and finally determined it was a Firefox virus that was causing all the unwanted pop-ups. I had its current version and cleared any malicious Add-ons to no avail
Here is how I solved it:
I downloaded CHROME. Then I deleted Folder = Mozilla Firefox in Drive C in Folder = Program Files. This delete did not remove any passwords or bookmarks. Then using CHROME I downloaded and installed Mozilla Firefox.
Magically, the pop-up viruses disappeared.

[LIMPET235]

FWIW...
There are no virii or malware included in the "official versions" of Firefox which are D/L'd from the mozilla.org/.com site.

Locking this due to the age of the original post.