Windows defender detected a Trojan
Recently I did a full scan with Microsoft defender and it detected a file in the “firefox/profiles../cache2/entries” as a trojan:PowerShell/Meterpreter.A (And also something related to gzip I’m sorry that I didn’t take a screenshot of the message but I completely freaked out and deleted it immediately after scanning with the other AVs). I installed malwarebytes and Avast and did a full scan they returned with a no malware has been detected. In the moment I panicked and immediately deleted the file (I should’ve uploaded to virustotal to see its behavior and what it can do and change to my PC if it is indeed malicious). Then I did a full rescan using Microsoft defender and it returned with a 0 threats found. However, I only went to a couple of websites recently which as far as I know are safe such as msi, cpuid, I don’t go to shady websites plus I have ublock origins as an Adblock. My question is as follows how much percentage wise this Trojan is a false positive and if it is a virus how much damage it did (the thing that got me freaked out is that it’s a meterpreter)
被選擇的解決方法
That is a file in the Firefox cache and that shouldn't be a problem. We regularly get reports that A/V software detect a Trojan in a cache file and there is usually no need to worry.
We had an article about this, but is was for old Firefox versions and the steps for clearing the cache are outdated.
"Clear the Cache":
- Settings -> Privacy & Security
Cookies and Site Data -> Clear Data -> [X] Cached Web Content -> Clear - https://support.mozilla.org/en-US/kb/how-clear-firefox-cache
所有回覆 (5)
選擇的解決方法
That is a file in the Firefox cache and that shouldn't be a problem. We regularly get reports that A/V software detect a Trojan in a cache file and there is usually no need to worry.
We had an article about this, but is was for old Firefox versions and the steps for clearing the cache are outdated.
"Clear the Cache":
- Settings -> Privacy & Security
Cookies and Site Data -> Clear Data -> [X] Cached Web Content -> Clear - https://support.mozilla.org/en-US/kb/how-clear-firefox-cache
wafeyo2691 said
Recently I did a full scan with Microsoft defender and it detected a file in the “firefox/profiles../cache2/entries” as a trojan:PowerShell/Meterpreter.
You are not infected if this was only found in the Cache folder as it is harmless there if left there. It will either get overwritten over time as Cache gets used or deleted if you clear the Cache.
James said
wafeyo2691 said
Recently I did a full scan with Microsoft defender and it detected a file in the “firefox/profiles../cache2/entries” as a trojan:PowerShell/Meterpreter.You are not infected if this was only found in the Cache folder as it is harmless there if left there. It will either get overwritten over time as Cache gets used or deleted if you clear the Cache.
Glad to hear this thank you very much!
Dropa said
When was the last time the software Defender was updated? By default the Browser has nothing of that in it. And then the question is where did you get that version of Firefox. And that detections seems to be from the site not from the Browser or O/S itself. Never install more then one Antivirus your asking for trouble and they will block each other allowing malware/virus to infect you computer. So pick on A/V only to use. The Detection is through the A/V program not Firefox so you need to contact Microsoft Defender support and ask them this question.
The antivirus is updated to I suppose its most recent database. Plus Firefox was downloaded from the official mozilla website (which is the same as this webpage). However not all are real time protection only one is and the other is just to have another point of view when scanning a file. Anyway, thanks man for the help.
cor-el said
That is a file in the Firefox cache and that shouldn't be a problem. We regularly get reports that A/V software detect a Trojan in a cache file and there is usually no need to worry. We had an article about this, but is was for old Firefox versions and the steps for clearing the cache are outdated. "Clear the Cache":
- Settings -> Privacy & Security
Cookies and Site Data -> Clear Data -> [X] Cached Web Content -> Clear- https://support.mozilla.org/en-US/kb/how-clear-firefox-cache
Glad to hear that it’s a false positive, it caught me off guard because It was very strange and I was ready to nuke the whole OS. However, I think everything is good now. Thank you very much, have a great day.