
prefs.js keeps popping up as a malware threat
Hello, my Avast Free Antivirus keeps alerting me to the following file, which it declares an advanced persistent threat. Please see the attached screenshot.
All Replies (3)
I was having the same issue except I have a different path in which pref.js files are created.
For the last few minutes I haven't been getting any popups anymore, but Firefox is not redirecting me to any site I want. It's not working at all. What is happening?
Hi, this seems to be affecting numerous Avast/AVG users. For background:
(1) prefs.js is a file that stores customized settings
Those include:
- Add-on IDs -- connects an add-on installed in your Firefox with its local storage files
- URLs -- including any custom home page, pinned shortcuts on the new tab page, and numerous URLs used for background updates
At this point, I haven't seen a post identifying exactly what setting is causing the detection. If someone is very comfortable reading a quarantined file in a text editor -- don't double-click prefs.js because your OS may execute it as a system script -- we could learn more by searching for "vbs" or any other known indications of this attack.
Related Reddit thread: https://www.reddit.com/r/firefox/comments/tk9w7l/corrupt_prefsjs_files_virus_related/
(2) Try running in Firefox's Troubleshoot Mode
In Troubleshoot Mode, Firefox disables all add-ons temporarily, which provides breathing room to take a closer look at those.
If Firefox is running:
You can restart Firefox in Safe/Troubleshoot Mode using either:
- "3-bar" menu button > Help > Troubleshoot Mode... (before Fx88: Restart with Add-ons Disabled)
- (menu bar) Help menu > Troubleshoot Mode... (before Fx88: Restart with Add-ons Disabled)
and OK the restart. A small dialog should appear. Click the Open button (before Fx88: "Start in Safe Mode" button).
If Firefox is not running:
Hold down the Shift key when starting Firefox. (On Mac, hold down the option/alt key instead of the Shift key.) A small dialog should appear. Click the Open button (before Fx88: "Start in Safe Mode" button).
Investigating Extensions
You can view, disable, and often remove unwanted or unknown extensions on the Add-ons page. Either:
- Ctrl+Shift+a (Mac: Command+Shift+a)
- "3-bar" menu button (or Tools menu) > Add-ons
- type or paste about:addons in the address bar and press Enter/Return
In the left column of the Add-ons page, click Extensions. On the right side, find the "Manage Your Extensions" heading.
If there is at least one extension before the next heading -- "Recommended Extensions" -- please continue:
Then cast a critical eye over the list below that heading. Any extensions Firefox installs for built-in features are hidden from this page, so everything listed here is your choice (and your responsibility) to manage. Anything suspicious or that you just do not remember installing or why? If in doubt, disable (or remove). For your privacy and security, don't let mystery programs linger here.
Anything unexpected there?
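An added example, not part of the original reply: one way to do the text-only review of a prefs.js copy described above without ever executing the file. It assumes the file holds only `//` comment lines and one `user_pref("name", value);` call per line; `review_prefs`, the `INDICATORS` tuple and the sample content are constructed for illustration.

```python
import json
import re

# Assumed layout: comment lines plus one user_pref("name", value); per line.
PREF_RE = re.compile(r'^user_pref\("([^"]+)",\s*(.*)\);$')
URL_RE = re.compile(r'\b(?:https?|file|ftp)://', re.I)
INDICATORS = ("vbs",)  # the string named in the reply; extend as more are reported

def review_prefs(text):
    """Read prefs.js content as plain text; nothing in it is executed."""
    report = {"indicator_hits": [], "url_prefs": {}, "unexpected_lines": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("//"):
            continue
        if any(ind in line.lower() for ind in INDICATORS):
            report["indicator_hits"].append((lineno, line))
        m = PREF_RE.match(line)
        if not m:
            # A settings file should hold nothing but comments and user_pref calls.
            report["unexpected_lines"].append((lineno, line))
            continue
        name, literal = m.groups()
        try:
            value = json.loads(literal)  # true/false, integers, quoted strings
        except ValueError:
            value = literal  # keep the raw literal if it is not JSON-compatible
        if isinstance(value, str) and URL_RE.search(value):
            report["url_prefs"][name] = value
    return report

# Constructed sample, not taken from any real or quarantined file.
SAMPLE = r'''// Mozilla User Preferences
user_pref("browser.startup.homepage", "https://example.org/start");
user_pref("extensions.webextensions.uuids", "{\"addon@example.org\":\"00000000-0000-0000-0000-000000000000\"}");
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1648000000);
user_pref("constructed.example.pref", "sample.vbs");
var constructed = 1;
'''

if __name__ == "__main__":
    for key, items in review_prefs(SAMPLE).items():
        print(key, items)
```

To check a real file, pass the text of a copy (read with `open(path, encoding="utf-8", errors="replace").read()`) to `review_prefs` instead of `SAMPLE`.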
This was a False Positive according to Avast.
https://forum.avast.com/index.php?topic=318640.0
https://forum.avast.com/index.php?topic=318639.msg1683272#msg1683272