Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

Learn More

이 쓰레드는 보존되었습니다. 만약 도움이 필요하시면 새로운 질문을 올려주세요.

Trojan script detected in Firefox folder

  • 1 답장
  • 5 이 문제를 만남
  • 1 보기
  • 최종 답변자: James

kiw17
kiw17
more options

Hello, Microsoft Defender did a scan tonight and apparently detected a trojan script, located in the folders for Firefox extensions for both profiles I use on my computer

Trojan description: Trojan:Script/Wacatac.B!ml

Files: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[default profile]\extensions\langpack-fr@firefox.mozilla.org.xpi C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[second profile]\extensions\langpack-fr@firefox.mozilla.org.xpi

This scan happened at 9pm, and a previous scan at 6pm didn't show anything. When it detected the script, MS Defender contained it and apparently deleted it when it asked me to restart the computer, I then did a full offline scan and nothing else showed up, same with a full scan with the free version of Malwarebytes. I didn't do anything unusual between 6pm and 9pm, so I'd like to know if there's a way to determine whether that script was an actual threat (instead of a false alarm)? If so, any way to know how long it has been on my computer? Any further risks to take into consideration? Other steps to follow? Thanks for the help

Hello, Microsoft Defender did a scan tonight and apparently detected a trojan script, located in the folders for Firefox extensions for both profiles I use on my computer Trojan description: Trojan:Script/Wacatac.B!ml Files: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[default profile]\extensions\langpack-fr@firefox.mozilla.org.xpi C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[second profile]\extensions\langpack-fr@firefox.mozilla.org.xpi This scan happened at 9pm, and a previous scan at 6pm didn't show anything. When it detected the script, MS Defender contained it and apparently deleted it when it asked me to restart the computer, I then did a full offline scan and nothing else showed up, same with a full scan with the free version of Malwarebytes. I didn't do anything unusual between 6pm and 9pm, so I'd like to know if there's a way to determine whether that script was an actual threat (instead of a false alarm)? If so, any way to know how long it has been on my computer? Any further risks to take into consideration? Other steps to follow? Thanks for the help

선택된 해결법

This is very likely a false positive as only Windows Defender has been reported here to find language packs to be infected.

Language packs are simply used for the language of the user interface in Firefox like the menus and such and does not have active code. Language packs are also another way to have one Firefox install but be able to switch the UI to other languages.

This page lists the Language Packs and Dictionaries (used with spell checker) you can add to Firefox. https://addons.mozilla.org/firefox/language-tools/

문맥에 따라 이 답변을 읽어주세요 👍 0

모든 댓글 (1)

James
James
  • Top 25 Contributor
  • Moderator
more options

선택된 해결법

This is very likely a false positive as only Windows Defender has been reported here to find language packs to be infected.

Language packs are simply used for the language of the user interface in Firefox like the menus and such and does not have active code. Language packs are also another way to have one Firefox install but be able to switch the UI to other languages.

This page lists the Language Packs and Dictionaries (used with spell checker) you can add to Firefox. https://addons.mozilla.org/firefox/language-tools/

글쓴이 James 수정일시