Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Trojan found in Firefox outbound

  • 3 답장
  • 0 이 문제를 만남
  • 1 보기
  • 최종 답변자: moot

more options

Malwarebytes www.malwarebytes.com

-Log Details- Protection Event Date: 9/17/23 Protection Event Time: 10:05 PM Log File: e55f632c-55c7-11ee-9964-c0335ec686ce.json

-Software Information- Version: 4.6.2.281 Components Version: 1.0.2131 Update Package Version: 1.0.75413 License: Premium

-System Information- OS: Windows 10 (Build 19045.3448) CPU: x64 File System: NTFS User: System

-Blocked Website Details- Malicious Website: 1 , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data- Category: Trojan Domain: IP Address: 64.190.63.111 Port: 80 Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe

Is Mozilla Firefox using SEDO GmbH, sedo.com?


-- You can lead a horse to water, but you can't make 'em think!

Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/17/23 Protection Event Time: 10:05 PM Log File: e55f632c-55c7-11ee-9964-c0335ec686ce.json -Software Information- Version: 4.6.2.281 Components Version: 1.0.2131 Update Package Version: 1.0.75413 License: Premium -System Information- OS: Windows 10 (Build 19045.3448) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: IP Address: 64.190.63.111 Port: 80 Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe Is Mozilla Firefox using SEDO GmbH, sedo.com? ---------------------------------------------------- -- You can lead a horse to water, but you can't make 'em think!

모든 댓글 (3)

more options

Dropa said

You should provide the actual log report so others can view it not cut and paste log errors.

Maybe you should provide some direction as to what log you want to see... and how I should prepare it. This the only information I have. I have reached out to Malwarebytes and opened a ticket...


-- You can lead a horse to water, but you can't make 'em think!

more options

You can use the about:networking tool to see whether that gives information about this IP. You can open "about:" pages via the location/address bar. The "about:" protocol is used to access special pages. You can find all available about pages listed on the about:about page.

See also:

more options

Thank you cor-el for the info... I'm looking through that now. I have also found other post with the similar issues. Most are from older versions of FF... I am updated and running newest ver... Now, I am on another workstation and found this history: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/13/23 Protection Event Time: 4:18 PM Log File: a601d514-5272-11ee-a924-1866da125437.json -Software Information- Version: 4.6.2.281 Components Version: 1.0.2131 Update Package Version: 1.0.75227 License: Premium -System Information- OS: Windows 10 (Build 19045.3324) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Malware Domain: IP Address: 2620:1ec:bdf::41 Port: 443 Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe

The above threat was blocked four days before the blocked site reported above... and this is when I logged into my FF Account on this workstation.

Using the suggestions from your (cor-el) post, I looked at the about:networking and have not found the IP's... The address from this one is on an encrypted port, the other blocked IP was on an unencrypted port...

What I find in common is that the threat is Outbound... and was initiated by FF on it's own...

I've been doing this for ~50 years... retired MIS/IT administrator... background as programmer, Software Development Manager, etc, etc... Things have changed quite a bit and I'm am struggling to keep up...

I appreciate any and all help I can get... I'm sure there is someone out there that knows much more about this issue...


-- You can lead a horse to water, but you can't make 'em think!