Jump to content

Trojan.JS.Agent.exz found inside Firefox Cache folder

Tech Reprise
By Tech Reprise
in Windows
 Share
Posted
Kaspersky just found this hidden in the Firefox cache folder and the funny part is that I don't even use Firefox that much. I didn't visit any sites on this particular Firefox except Facebook.
So, what sort of malware is this? A Trojan stealer or a dropper of some sort? I am running a Full Scan for now and I have uninstalled all the browsers incl Firefox, Chrome. 
Detection name: Trojan.JS.Agent.exz
 
Do note that
  • I don't visit any piracy websites for Games/Movies.
  • Firefox is my second browser that is used for browsing my secondary FB account.
  • I have Kaspersky extension and U Block origin on the browser.
  • No once else can touch my PC as there is a Bios password on it.

Folder where it was found: C:\Users\XXXXX\AppData\Local\Mozilla\Firefox\Profiles\i2607jtb.default-release-1739822052193\cache2\entries

 

Virustotal link: https://www(dot)virustotal(dot)com/gui/file/2cee43e2e59ade158bfe5b124c07e9e45b7a378e379a8be8bb3272b10cf344e2/detection

CPU: Ryzen 7 5700X Undervolted  Motherboard: B550 Aorus Elite V2 Rev1.2 RAM: G.Skill TridentZ Neo 3600Mhz CL16 32gb 

GPU: MSI Mech 2X RX6600 8GB Cooler: ProLab Design AI360 LC AIO Storage: WD SN770 500gb + Sn550 1Tb + MX500 1Tb + 1TB HDD

PSU: Antec EAG Pro 750 80+G Case: Deepcool CG580 WH Monitor: Benq Mobiuz EX2510 144Hz 

Mouse: G Pro Wireless Keyboard: Corsair K68 RGB Cherry MX Red Speakers: Creative Pebble V2

Link to post
Share on other sites
Posted

It might have been installed with some other extension. If it's written in Javscript, then it needed to run on some host program (browser) and it might be a keylogger.

Just remove everything created by the Firefox user profile (extensions, caches, directories) and reinstall the browser without any shady add-ons. 

Careful which uBlock you install, some of them are not the original one.

Also not sure if I trust Kaspersky, they're linked to a Russian guy who had connections with Russian intelligence.

Link to post
Share on other sites
Posted
  • Author
43 minutes ago, TudorFinalBosz said:

It might have been installed with some other extension. If it's written in Javscript, then it needed to run on some host program (browser) and it might be a keylogger.

Just remove everything created by the Firefox user profile (extensions, caches, directories) and reinstall the browser without any shady add-ons. 

Careful which uBlock you install, some of them are not the original one.

Also not sure if I trust Kaspersky, they're linked to a Russian guy who had connections with Russian intelligence.

Only extensions like I said were UBlock origin (The Original) and Kaspersky. 
I already cleared all of Firefox's files from the app and uninstalled it. 
I choose antiviruses based on rating and not popularity between masses. I had two options between Kaspersky and Bitdefender and chose the former because of overall lower system resource consumption. 

CPU: Ryzen 7 5700X Undervolted  Motherboard: B550 Aorus Elite V2 Rev1.2 RAM: G.Skill TridentZ Neo 3600Mhz CL16 32gb 

GPU: MSI Mech 2X RX6600 8GB Cooler: ProLab Design AI360 LC AIO Storage: WD SN770 500gb + Sn550 1Tb + MX500 1Tb + 1TB HDD

PSU: Antec EAG Pro 750 80+G Case: Deepcool CG580 WH Monitor: Benq Mobiuz EX2510 144Hz 

Mouse: G Pro Wireless Keyboard: Corsair K68 RGB Cherry MX Red Speakers: Creative Pebble V2

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Windows

×