Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Windows defender detected a Trojan

  • 5 uphendule
  • 0 zinale nkinga
  • 1390 views
  • Igcine ukuphendulwa ngu wafeyo2691

wafeyo2691
wafeyo2691
more options

Recently I did a full scan with Microsoft defender and it detected a file in the “firefox/profiles../cache2/entries” as a trojan:PowerShell/Meterpreter.A (And also something related to gzip I’m sorry that I didn’t take a screenshot of the message but I completely freaked out and deleted it immediately after scanning with the other AVs). I installed malwarebytes and Avast and did a full scan they returned with a no malware has been detected. In the moment I panicked and immediately deleted the file (I should’ve uploaded to virustotal to see its behavior and what it can do and change to my PC if it is indeed malicious). Then I did a full rescan using Microsoft defender and it returned with a 0 threats found. However, I only went to a couple of websites recently which as far as I know are safe such as msi, cpuid, I don’t go to shady websites plus I have ublock origins as an Adblock. My question is as follows how much percentage wise this Trojan is a false positive and if it is a virus how much damage it did (the thing that got me freaked out is that it’s a meterpreter)

Recently I did a full scan with Microsoft defender and it detected a file in the “firefox/profiles../cache2/entries” as a trojan:PowerShell/Meterpreter.A (And also something related to gzip I’m sorry that I didn’t take a screenshot of the message but I completely freaked out and deleted it immediately after scanning with the other AVs). I installed malwarebytes and Avast and did a full scan they returned with a no malware has been detected. In the moment I panicked and immediately deleted the file (I should’ve uploaded to virustotal to see its behavior and what it can do and change to my PC if it is indeed malicious). Then I did a full rescan using Microsoft defender and it returned with a 0 threats found. However, I only went to a couple of websites recently which as far as I know are safe such as msi, cpuid, I don’t go to shady websites plus I have ublock origins as an Adblock. My question is as follows how much percentage wise this Trojan is a false positive and if it is a virus how much damage it did (the thing that got me freaked out is that it’s a meterpreter)

Isisombululo esikhethiwe

That is a file in the Firefox cache and that shouldn't be a problem. We regularly get reports that A/V software detect a Trojan in a cache file and there is usually no need to worry.

We had an article about this, but is was for old Firefox versions and the steps for clearing the cache are outdated.

"Clear the Cache":

Funda le mpendulo ngokuhambisana nalesi sihloko 👍 2

All Replies (5)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Isisombululo Esikhethiwe

That is a file in the Firefox cache and that shouldn't be a problem. We regularly get reports that A/V software detect a Trojan in a cache file and there is usually no need to worry.

We had an article about this, but is was for old Firefox versions and the steps for clearing the cache are outdated.

"Clear the Cache":

James
James
  • Top 25 Contributor
  • Moderator
more options

wafeyo2691 said
Recently I did a full scan with Microsoft defender and it detected a file in the “firefox/profiles../cache2/entries” as a trojan:PowerShell/Meterpreter.

You are not infected if this was only found in the Cache folder as it is harmless there if left there. It will either get overwritten over time as Cache gets used or deleted if you clear the Cache.

wafeyo2691
wafeyo2691 Umnikazi wombuzo
more options

James said

wafeyo2691 said
Recently I did a full scan with Microsoft defender and it detected a file in the “firefox/profiles../cache2/entries” as a trojan:PowerShell/Meterpreter.

You are not infected if this was only found in the Cache folder as it is harmless there if left there. It will either get overwritten over time as Cache gets used or deleted if you clear the Cache.

Glad to hear this thank you very much!

wafeyo2691
wafeyo2691 Umnikazi wombuzo
more options

Dropa said
When was the last time the software Defender was updated? By default the Browser has nothing of that in it. And then the question is where did you get that version of Firefox. And that detections seems to be from the site not from the Browser or O/S itself. Never install more then one Antivirus your asking for trouble and they will block each other allowing malware/virus to infect you computer. So pick on A/V only to use. The Detection is through the A/V program not Firefox so you need to contact Microsoft Defender support and ask them this question.

The antivirus is updated to I suppose its most recent database. Plus Firefox was downloaded from the official mozilla website (which is the same as this webpage). However not all are real time protection only one is and the other is just to have another point of view when scanning a file. Anyway, thanks man for the help.

wafeyo2691
wafeyo2691 Umnikazi wombuzo
more options

cor-el said
That is a file in the Firefox cache and that shouldn't be a problem. We regularly get reports that A/V software detect a Trojan in a cache file and there is usually no need to worry. We had an article about this, but is was for old Firefox versions and the steps for clearing the cache are outdated. "Clear the Cache":

Glad to hear that it’s a false positive, it caught me off guard because It was very strange and I was ready to nuke the whole OS. However, I think everything is good now. Thank you very much, have a great day.