
Trojan found by Windows Defender in Malwarebytes browsergaurd add on folder
Hello, Microsoft Defender apparently detected a trojan, located in the folders for the Firefox extension Malwarebytes Browserguard Trojan description: Trojan:Win32/Nibtse.c!tsk
Files: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\funknkwf.default-release\storage\default\moz-extension+++e79e5938-419b-4a5b-b39a-e884d7347fb1\idb\2325712684IbDdB-FBiDl-eesgSatro.files\15301 C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\funknkwf.default-release\storage\default\moz-extension+++e79e5938-419b-4a5b-b39a-e884d7347fb1\idb\2325712684IbDdB-FBiDl-eesgSatro.files\15301->(ZStandard)
Is this a false positive?
All Replies (8)
Then that is a Extension issue not a Firefox browser issue.
Defender has certainly done false positives with Firefox related things before.
What extension is it claiming to find a trojan with?
Also check for definition updates in the antivirus client in case it has been fixed.
James said
Defender has certainly done false positives with Firefox related things before. What extension is it claiming to find a trojan with? Also check for definition updates in the antivirus client in case it has been fixed.
It was Malwarebytes Browser Guard
The Malwarebytes Browser Guard has caused websites to break. One thread has a mention of not being able to install this extension in Firefox however this is the only thread I find in the last thirty days for a antivirus to claim the extension to have a trojan.
Hi all,
I'm having a similar problem, but not with Malwarebytes picking it up but Microsoft Defender on it's own picking it up.
Windows Defender found this on my computer today and cannot quarantine it. Is this a false positive? It keeps happening every few days. April 10, 24, 25, and today May 2, 2025.
Detected: Trojan:Win32/Nibtse.c!tsk Date: 5/2/2025 10:20 AM Details: This program is dangerous and executes commands from an attacker. Affected items: file: C:\Users\(User)\AppData\Roaming\Mozilla\Firefox\Profiles\bw9vh0zb.default-release-1695587126457\storage\default\moz-extension+++5848b6ef-91e1-4c34-9a65-151f6b2c30b4\idb\2325712684IbDdB-FBiDl-eesgSatro.files\86729 Thank you.
Modified
Hi all, I'm having the same problem, but not with Malwarebytes Browser Guard, but Microsoft Defender keeps picking it up.
Microsoft Defender found this on my computer today and cannot quarantine it. Is this a false positive? It keeps happening every few days. The first time on April 10, 24, 25 and again today, May 2, 2025.
Detected: Trojan:Win32/Nibtse.c!tsk Date: 5/2/2025 10:20 AM Details: This program is dangerous and executes commands from an attacker. Affected items: file: C:\Users\(User)\AppData\Roaming\Mozilla\Firefox\Profiles\bw9vh0zb.default-release-1695587126457\storage\default\moz-extension+++5848b6ef-91e1-4c34-9a65-151f6b2c30b4\idb\2325712684IbDdB-FBiDl-eesgSatro.files\86729
Jennifer said
Hi all, I'm having the same problem, but not with Malwarebytes Browser Guard, but Microsoft Defender keeps picking it up. Microsoft Defender found this on my computer today and cannot quarantine it. Is this a false positive? It keeps happening every few days. The first time on April 10, 24, 25 and again today, May 2, 2025. Detected: Trojan:Win32/Nibtse.c!tsk Date: 5/2/2025 10:20 AM Details: This program is dangerous and executes commands from an attacker. Affected items: file: C:\Users\(User)\AppData\Roaming\Mozilla\Firefox\Profiles\bw9vh0zb.default-release-1695587126457\storage\default\moz-extension+++5848b6ef-91e1-4c34-9a65-151f6b2c30b4\idb\2325712684IbDdB-FBiDl-eesgSatro.files\86729
Did you check which extension is causing the issue? My apologies if you already have/know how to. But, if you don't press crtl+shift+a, then click the settings gear icon when the manage extensions page opens, then click debug add-ons. Then find the Internal UUID that matches this number: 5848b6ef-91e1-4c34-9a65-151f6b2c30b4\idb\2325712684IbDdB
Thanks you for telling me how to do this. It is the Malware Browser Guard extension. So do you think it might be a false positive?