How To Remove "Update For Firefox 57.0" Fake Alerts (Firefox Scam)

The “Update for Firefox 57.0” page is a social engineering attack that uses JavaScript to display a fake alert stating that you need to manually update Firefox. If you click on the “Install Now” button, rather than downloading an update for your browser, you will be forced to install a malicious Firefox extension.

The “Update for Firefox 57.0” alert is displayed by malicious or hacked websites to force the users into installing malicious Firefox add-ons. The alerts generated by the malicious sites will display the following message:

Update for Firefox 57.0

Firefox requires a manual update

This update is required to ensure that you are protected on the Internet
Install now

* This update is required * Protect yourself immediately on the internet
* Internet pages are automatically examined and possibly blocked
* Increased protection against malware and viruses

These malicious sites run a JavaScript code producing a dialog box, telling you that “Authentication Required” and asking for a username and password. Clicking “Cancel” once changes it to add a tick box marked “To display this page, Firefox must send information that will repeat any action (such as a search or order confirmation) that was performed earlier” Thinking that this is the ticket out of the page, you will tick that box and click “Resend”. At this point, your tab will go into “Full Screen” mode, and you will be prompted to install a malicious extension.

If you are tricked into installing one of these malicious Firefox add-ons, your browser search engine will be hijacked or pop-up ads and unwanted advertisements will be displayed on web pages that you visit.
A typical behavior for malicious extensions installed by the “Update for Firefox 57.0” pop-up is:

Advertising banners are injected with the web pages that you are visiting.
Random web page text is turned into hyperlinks.
Browser popups appear which recommend fake updates or other software.
Your browser homepage and default search may be changed
Your browser search queries are being redirected or tracked

The below instructions are for Windows users, however we also have an Android guide and a Mac OS guide which should help clean up your device.

How to remove “Update for Firefox 57.0” Fake Alerts (Removal Guide)

This malware removal guide may appear overwhelming due to the amount of the steps and numerous programs that are being used. We have only written it this way to provide clear, detailed, and easy to understand instructions that anyone can use to remove malware for free.
Please perform all the steps in the correct order. If you have any questions or doubt at any point, STOP and ask for our assistance.

To remove the “Update for Firefox 57.0” adware, follow these steps:

STEP 1: Uninstall the malicious programs from Windows
STEP 2: Use Zemana AntiMalware Free to remove “Update for Firefox 57.0” Pop-ups
STEP 3: Use Malwarebytes to scan for Adware and Browser Hijackers
STEP 4: Double-check for malicious programs with HitmanPro
(OPTIONAL) STEP 5: Reset Mozilla Firefox to the default settings

This step is needed if the “Update for Firefox 57.0” pop-up will not allow you to close your browser or page.

Open the Task Manager by right-clicking the taskbar and then clicking Start Task Manager. Alternatively to start the Windows Task Manager, you can press Ctrl+Alt+Del and click on Task Manager or simply press on Ctrl+Shift+Esc.
Scroll through the list till you see your web browser’s process and left-click on it once so it becomes highlighted. Once you have selected the browser’s process, click on the End Task button as show in the picture below.
Your browser window should now be closed. The next time you open your browser, do not allow the browser to open the last opened page.

STEP 1: Uninstall the malicious programs from Windows

In this first step, we will try to identify and remove any malicious program that might be installed on your PC.

Go to the uninstall menu.
Windows 10 or Windows 8.1
1. To uninstall a program on Windows 10 or Windows 8, right-click on the Windows Start button and choose “Control Panel” from the pop-up menu.
2. When the “Control Panel” window opens click on the “Uninstall a program” option under “Programs” category.
Windows 7
1. If you are using Windows XP, Windows Vista or Windows 7, click the “Start” button, then click on the “Control Panel” menu option.
2. When the “Control Panel” window opens click on the “Uninstall a program” option under “Programs” category.
When the “Programs and Features” screen is displayed, scroll through the list of currently installed programs and uninstall any unwanted programs.
Known malicious programs: Browse Privately, Alpha Shoppers, Searchsbay_uninstaller, SafeFinder, Search Protect, Protected Search, TakeSave, DNS Unlocker, Cinema Plus, Price Minus, SalesPlus, New Player, MediaVideosPlayers, Browsers_Apps_Pro, PriceLEess, Pic Enhance, Sm23mS, Salus, Network System Driver, SS8, Save Daily Deals, Word Proser, Desktop Temperature Monitor, CloudScout Parental Control, Savefier, Savepass, HostSecurePlugin, CheckMeUp or HD-V2.2.

The malicious program may have a different name on your computer. To view the most recently installed programs, you can click on the “Installed On” column to sort your program by the installation date. Scroll through the list, and uninstall any unwanted or unknown programs.

If you cannot find any unwanted programs on your computer, you can proceed with the next step.

If you are having issues while trying to uninstall a program, you can use Revo Uninstaller to completely remove this unwanted program from Windows.

STEP 2: Use Zemana AntiMalware Free to remove “Update for Firefox 57.0” Pop-ups

Zemana AntiMalware is a free malware scanner which can detect malicious programs that your antivirus has failed to find.

You can download Zemana AntiMalware Free from the below link:
ZEMANA ANTIMALWARE FREE DOWNLOAD LINK (This link open a new webpage from where you can download “Zemana AntiMalware Free”)
Double-click on the file named “Zemana.AntiMalware.Setup.exe” to start the installation of Zemana AntiMalware.

You may be presented with a User Account Control dialog asking you if you want to run this file. If this happens, you should click “Yes” to continue with the installation.
Click on the “Next” button, to install Zemana AntiMalware on your computer.

When you reach the “Select Additional Tasks” screen, you can opt-out the “Enable Real Time Protection” option, then click on the “Next” button.
When Zemana AntiMalware will start, click on the “Scan” button.
Zemana AntiMalware will now scan computer for malicious files. This process can take up to 10 minutes.
When Zemana AntiMalware has finished it will display a list of all the malware that the program found. Click on the “Next” button, to remove the malicious files from your computer.

Zemana AntiMalware will now start to remove all the malicious programs from your computer. When the process is complete, you may need to restart your computer.

STEP 3: Use Malwarebytes to scan for Adware and Browser Hijackers

Malwarebytes is a powerful on-demand scanner which will remove the Update for Firefox 57.0 redirect from your PC. It is important to note that Malwarebytes will run alongside antivirus software without conflicts.

You can download download Malwarebytes from the below link.
MALWAREBYTES DOWNLOAD LINK (This link open a new page from where you can download “Malwarebytes”)
When Malwarebytes has finished downloading, double-click on the “mb3-setup-consumer” file to install Malwarebytes on your computer.

You may be presented with an User Account Control pop-up asking if you want to allow Malwarebytes to make changes to your device. If this happens, you should click “Yes” to continue with the installation.
When the Malwarebytes installation begins, you will see the Malwarebytes Setup Wizard which will guide you through the installation process.

To install Malwarebytes on your machine, keep following the prompts by clicking the “Next” button.
Once installed, Malwarebytes will automatically start and update the antivirus database. To start a system scan you can click on the “Scan Now” button.
Malwarebytes will now start scanning your computer for malicious programs.
This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
When the scan has completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected.
To remove the malicious programs that Malwarebytes has found, click on the “Quarantine Selected” button.
Malwarebytes will now quarantine all the malicious files and registry keys that it has found.
To complete the malware removal process, Malwarebytes may ask you to restart your computer.

When the malware removal process is complete, you can close Malwarebytes and continue with the rest of the instructions.

STEP 4: Double-check for malicious programs with HitmanPro

HitmanPro finds and removes malware, adware, bots, and other threats that even the best antivirus suite can oftentimes miss. It’s designed to run alongside your antivirus suite, firewall, and other security tools.

You can download HitmanPro from the below link:
HITMANPRO DOWNLOAD LINK (This link will open a new web page from where you can download “HitmanPro”)
When HitmanPro has finished downloading, double-click on the “hitmanpro” file to install this program on your computer.

You may be presented with an User Account Control pop-up asking if you want to allow HitmanPro to make changes to your device. If this happens, you should click “Yes” to continue with the installation.
When the program starts you will be presented with the start screen as shown below. Now click on the Next button to continue with the scan process.
HitmanPro will now begin to scan your computer for malware.
When it has finished it will display a list of all the malware that the program found as shown in the image below. Click on the “Next” button, to remove malware.
Click on the “Activate free license” button to begin the free 30 days trial, and remove all the malicious files from your computer.

When the process is complete, you can close HitmanPro and continue with the rest of the instructions.

(OPTIONAL) STEP 5: Reset Mozilla Firefox to the default settings

If you are still experiencing issues with the “Update for Firefox 57.0” redirect we will need to reset your browser to its default settings.
This step needs to be performed only if your issues have not been solved by the previous steps.

The reset feature fixes many issues by restoring Firefox to its factory default state while saving your essential information like bookmarks, passwords, web form auto-fill information, browsing history and open tabs.

In the upper-right corner of the Firefox window, click the Firefox menu button (), then click on the “Help” () button.
From the Help menu, choose Troubleshooting Information.
If you’re unable to access the Help menu, type about:support in your address bar to bring up the Troubleshooting information page.
Click the “Refresh Firefox” button in the upper-right corner of the “Troubleshooting Information” page.
To continue, click on the “Refresh Firefox” button in the new confirmation window that opens.
Firefox will close itself and will revert to its default settings. When it’s done, a window will list the information that was imported. Click on the “Finish“.

Your old Firefox profile will be placed on your desktop in a folder named “Old Firefox Data“. If the reset didn’t fix your problem you can restore some of the information not saved by copying files to the new profile that was created. If you don’t need this folder any longer, you should delete it as it contains sensitive information.

Your web browser should now be free of the “Update for Firefox 57.0” adware.
If you are still experiencing problems while trying to remove “Update for Firefox 57.0” redirect from your PC, please do one of the following:

Run a system scan with Emsisoft Emergency Kit
Ask for help in our Malware Removal Assistance for Windows forum.

10 Rules to Avoid Online Scams

Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.

Stop and verify before you click, log in, download, or pay.

Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).

If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.

Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.

If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.

Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.

If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.

Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.

If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.

Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.

If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.

Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.

If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.

Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.

If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).

Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.

If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.

Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.

If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.

Move quickly. Speed matters for disputes, account recovery, and limiting damage.
- Stop payments and contact: do not send more money or respond to the scammer.
- Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
- Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
- Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
- Scan your device: remove suspicious apps or extensions, then run a full malware scan.
- Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
- Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.

These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.

How to remove “Update for Firefox 57.0” Fake Alerts (Firefox Scam)