Jump to content

Trojan in Mozzila extension


Fablo
 Share

Recommended Posts

Hello, I am protected by Kaspersky Internet Security again since a few days. A year I was with Bitdefender and I must say no thanks never again with it.

Yesterday I did a system scan and it found 2 "trojans" in the mozzila folder.

True;injection.js;injection.js; C:\Users\Fablo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{DB981CCA-088E-4731-A4A2-2FE218703C0E}. xpi/;HEUR:Trojan.Script.Generic;HEUR:Trojan.Script.Generic;11.04.2021 11:30;Deleted

and

True;{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi;{DB981CCA-088E-4731-A4A2-2FE218703C0E}. xpi; C:\Users\Fablo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\;HEUR:Trojan.Script.Generic;11.04.2021 11:30;Deleted

Should I be worried that passwords and logins have been stolen?
What exactly did I catch?

Translated with www.DeepL.com/Translator (free version)

Link to comment
Share on other sites

During the scan, some downloads from Chip were reported and deleted.

 

True;camstudio_CB-DL-Manager.exe;camstudio_CB-DL-Manager.exe;C:\Users\Fablo\Downloads\;not-a-virus:HEUR:Downloader.Win32.DownloaderGuide.gen;not-a-virus:HEUR:Downloader.Win32.DownloaderGuide.gen;04/11/2021 03:18;Deleted

True;Recuva - CHIP installer from 03/29/2021 f7e7685f9aede6553d132b6bb44faef3.exe;Recuva - CHIP installer from 03/29/2021 f7e7685f9aede6553d132b6bb44faef3. exe;C:\Users\Fablo\Downloads\;not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen;not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen;04/11/2021 03:18;Deleted

True;TestDisk PhotoRec - CHIP installer dated 29/03/2021 680a65724068da6259225e291a937f30.exe;TestDisk PhotoRec - CHIP installer dated 29/03/2021 680a65724068da6259225e291a937f30. exe;C:\Users\Fablo\Downloads\;not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen;not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen;04/11/2021 03:18;Deleted

True;R Studio - CHIP installer dated 29/03/2021 b82b1509d693c877d7cc954cf0add94f.exe;R Studio - CHIP installer dated 29/03/2021 b82b1509d693c877d7cc954cf0add94f. exe;C:\Users\Fablo\Downloads\;not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen;not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen;04/11/2021 11:32;Deleted

True;DuplicateMediaFinder_FREE_x32_v8.001_Setup_CB-DL-Manager.exe;DuplicateMediaFinder_FREE_x32_v8.001_Setup_CB-DL-Manager. exe;C:\Users\Fablo\Downloads\;not-a-virus:HEUR:Downloader.Win32.DownloaderGuide.gen;not-a-virus:HEUR:Downloader.Win32.DownloaderGuide.gen;11.04.2021 11:32;Deleted

 

I have Malwarebyte scanning right now, then I will scan again with Kaspersky.

Should I worry that my passwords have been stolen?

Translated with www.DeepL.com/Translator (free version)

Link to comment
Share on other sites

Hello if you can tell me where I can see this?
Kaspersky has moved everything to quarantine


Regards


Hello,

Let’s search the extensions related to {ec8030f7-c20a-464f-9b0e-13a3a9e97384}

C:\Users\Fablo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{DB981CCA-088E-4731-A4A2-2FE218703C0E}. xpi/ .

For example,

Tell us what addone is involved in this problem.

Or, tell us what addone has broken after KIS delete its js file. Thanks.

Regards.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.