ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Is Firefox "ProfDta" patch 6.3.0.2 by DadarGaruda bonafide?

more options

I received notification of this patch and it appeared to be bonafide. My Norton 360 said it was safe, so I downloaded it. Now I wonder if I should have. If not, what should I do now?

I received notification of this patch and it appeared to be bonafide. My Norton 360 said it was safe, so I downloaded it. Now I wonder if I should have. If not, what should I do now?

All Replies (12)

more options

It sounds fake to me, but did you actually run it?

What other information do you have about it?

Try uploading it to this site to see whether they've scanned it: http://www.virustotal.com/

more options

I guess I ran it. I downloaded it. I really don't understand how all this works. I don't have any other information, other that the message looked authentic and Norton 360 said it was safe. How do I upload it to the virustotal site?

more options

If you get a pop-up message asking to update Firefox or plugins or scanning for malware then such a message is likely a scam and you should never respond to such an alert to avoid getting infected with malware.

  • Only update Firefox via "Help > About" or by downloading and installing Firefox from the Mozilla server and never via a pop-up or link on a web page.
  • Plugins should only be updated via the plugin itself or by visiting the home page of the plugin.
more options

I moved the download to the Recycle Bin, but I can't find the bin to get the file into the virustotal site. What do I do Now?

more options

Usually Windows 7 places an icon for the Recycle Bin on the desktop.

As another means of investigation, can you find the download URL? You can open Firefox's downloads list by pressing Ctrl+j. Then you can right-click the file and Copy Download Link, and paste that back here into a reply. Please "break" the link by putting a space in before the top level domain (e.g., before .com, .net, .org, etc.).

more options

The file isn't in the downloads list. I sent it to the recycle bin. When I right click on the file and select "Properties", the only information I get is when I downloaded it and when I sent it to the recycle bin. Can I get the URL somewhere else safely? I didn't run the file from download like I usually do. Does that mean that I'm safe, or could it have run itself when I downloaded it?

more options

I moved the file from the recycle bin to my documents folder, but I can't get it to move to the virustotal page. I'm afraid to hit the "OPEN" button when I select the file in my documents folder. Am I getting closer?

more options

If you did not run the file, then you avoided the most dangerous step.

If the file is not in the downloads list, it may have been delivered through a plugin to bypass normal methods.

If you're not comfortable using VirusTotal, that's fine.

If you check Properties for the file now that it's back in a normal location, is there any additional information available?

more options

The file came in as a download. I then moved it to the recycle bin by deleting it. Here's all the information I could find: File size: 304 KB; Type file: .exe; Language: Danish; File name: ProfDta.exe; Product version: 6.03.0002; File version: 6.3.0.2; Type: application; File description: ProfDta I couldn't find a URL, nor could I find "CopyDownloadLink" when I right-clicked the file. Do you think it will be safe to turn on the computer tomorrow, or should I get a local computer "geru" to handle that? Thanks for the help. It's past midnight here, so I have to quit for now. Should we try to connect again tomorrow? Concerning checking the file - I just can't figure out how to get it into the "enter file" line.

Modified by Dakal

more options

Oh, the URL would have come from Firefox's downloads list, but I think you said it wasn't on the list.

I have no idea what that file is.

more options

Good morning! After a few hours of sleep, I finally thought to check Firefox “History” and found the URL. It’s https://ahteetgv-europe.org/145143716472224/FirefoxPatch.exe. VirusTotal analysis said the file was “Probably harmless”, although the first two URL scanners identified the site as a “Malware site”.

more options

Thanks for that. Other threads have reported that FirefoxPatch.exe installs a ransomware virus, so please do not run it. I'm not sure why the name is different from the file you found.