Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

https://wegoobackonpointe.org/7561226569116/ Patch: firefox-patch.js 1.1kb firefor quit working and this popup patch came up. i installed it

more options

https://wegoobackonpointe.org/7561226569116/ Patch: firefox-patch.js 1.1kb is this a legitimate patch? if not, how can i remove it?

https://wegoobackonpointe.org/7561226569116/ Patch: firefox-patch.js 1.1kb is this a legitimate patch? if not, how can i remove it?

All Replies (3)

more options

You have been tricked into installing potentially very dangerous malware.

  1. Please scan your computer with all the tools listed in this article
  2. Please carefully follow the instructions and use this free special tool to remove the Kovter Trojan:
    • Trojan.Kotver Removal Tool
      That page has the file download link in it for the tool. You will need the 64bit version, as you are using 64bit Windows.
    • The tool reports if nothing is found, otherwise it produces a log file. It would be interesting to see the contents of the log file.

Any idea how you got this and what site triggered this problem ? (may be hard to figure out, time delays may be involved.)

Do you still see these popups with the orange screen ?

more options

I just noted the file size of this malware may have increased, possibly it is a new version. If you still have the file please keep it.

Please also submit the file to virustotal.com and let us have the link they provide once it is scanned. Then rename the file from firfox-patch.js to firefox-patch.js.xxx that should render it inactive.

.edit fixed virustotal url

Ilungisiwe ngu James

more options

When you are using the downloads panel (the one attached to the toolbar button), be careful not to click the download as that may execute it immediately. Instead, right-click it and choose Open Containing Folder. That will launch a file window with the unwanted download highlighted, and then you can rename it, or press the Delete key to send it to the Windows Recycle Bin.

If the download has already disappeared from the panel, the same mouse action works in the full download list (Ctrl+j or "Show All Downloads").

Once the file is displayed in Windows Explorer, Rename should be available from the context menu when you right-click the file name.

By default, Windows hides the .js and .txt extensions, making it tricky to effectively rename files. To ensure that you are in fact deactivating the dangerous script file, please set Windows to show ALL file extensions. This article has the steps: http://windows.microsoft.com/en-us/windows/show-hide-file-name-extensions

If the change is effective, Windows should change the file "type" from JScript to Text Document.