Шукати в статтях підтримки

Остерігайтеся нападів зловмисників. Mozilla ніколи не просить вас зателефонувати, надіслати номер телефону у повідомленні або поділитися з кимось особистими даними. Будь ласка, повідомте про підозрілі дії за допомогою меню “Повідомити про зловживання”

Докладніше

Ця тема перенесена в архів. Якщо вам потрібна допомога, запитайте.

Trojan script detected in Firefox folder

  • 1 відповідь
  • 5 мають цю проблему
  • 1 перегляд
  • Остання відповідь від James

more options

Hello, Microsoft Defender did a scan tonight and apparently detected a trojan script, located in the folders for Firefox extensions for both profiles I use on my computer

Trojan description: Trojan:Script/Wacatac.B!ml

Files: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[default profile]\extensions\[email protected] C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[second profile]\extensions\[email protected]

This scan happened at 9pm, and a previous scan at 6pm didn't show anything. When it detected the script, MS Defender contained it and apparently deleted it when it asked me to restart the computer, I then did a full offline scan and nothing else showed up, same with a full scan with the free version of Malwarebytes. I didn't do anything unusual between 6pm and 9pm, so I'd like to know if there's a way to determine whether that script was an actual threat (instead of a false alarm)? If so, any way to know how long it has been on my computer? Any further risks to take into consideration? Other steps to follow? Thanks for the help

Hello, Microsoft Defender did a scan tonight and apparently detected a trojan script, located in the folders for Firefox extensions for both profiles I use on my computer Trojan description: Trojan:Script/Wacatac.B!ml Files: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[default profile]\extensions\[email protected] C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[second profile]\extensions\[email protected] This scan happened at 9pm, and a previous scan at 6pm didn't show anything. When it detected the script, MS Defender contained it and apparently deleted it when it asked me to restart the computer, I then did a full offline scan and nothing else showed up, same with a full scan with the free version of Malwarebytes. I didn't do anything unusual between 6pm and 9pm, so I'd like to know if there's a way to determine whether that script was an actual threat (instead of a false alarm)? If so, any way to know how long it has been on my computer? Any further risks to take into consideration? Other steps to follow? Thanks for the help

Обране рішення

This is very likely a false positive as only Windows Defender has been reported here to find language packs to be infected.

Language packs are simply used for the language of the user interface in Firefox like the menus and such and does not have active code. Language packs are also another way to have one Firefox install but be able to switch the UI to other languages.

This page lists the Language Packs and Dictionaries (used with spell checker) you can add to Firefox. https://addons.mozilla.org/firefox/language-tools/

Читати цю відповідь у контексті 👍 0

Усі відповіді (1)

more options

Вибране рішення

This is very likely a false positive as only Windows Defender has been reported here to find language packs to be infected.

Language packs are simply used for the language of the user interface in Firefox like the menus and such and does not have active code. Language packs are also another way to have one Firefox install but be able to switch the UI to other languages.

This page lists the Language Packs and Dictionaries (used with spell checker) you can add to Firefox. https://addons.mozilla.org/firefox/language-tools/

Змінено James