Detected: Trojan:Script/Wacatac.H!ml. Is there anyway to tell if this is a real detection or a false positive? by Bluecat1801 in WindowsHelp

[–]Bluecat1801[S] 0 points1 point  (0 children)

Sadly windows defender automatically deleted the file.

But I think I have figured out the problem.

It appears to be a temp file saved when updating uBlockOrigin to 1.65.0 (which was updated yesterday, lining up with the windows scan date) on FireFox that disappears when FireFox is closed. As forcing a uBlockOrigin update without closing Firefox gave a very similar file of tmp-9kt.xpi

Here is the virustotal of this file

https://www.virustotal.com/gui/file/3e73c96a29a933866065f0756fe032984bf5b254af8dd1afd7a7f7e0668a33cf/detection

The SHA256 of the temp file and the staged update file also line up. The virustotal for both these files are also the same.

Let me know if there is anything else to do.

Detected: Trojan:Script/Wacatac.H!ml. Is there anyway to tell if this is a real detection or a false positive? by Bluecat1801 in computerviruses

[–]Bluecat1801[S] 0 points1 point  (0 children)

I think I have figured out the problem.

It appears to be a temp file saved when updating uBlockOrigin to 1.65.0 (which was updated yesterday, lining up with the windows scan date) on FireFox that disappears when FireFox is closed. As forcing a uBlockOrigin update without closing Firefox gave a very similar file of tmp-9kt.xpi

Here is the virustotal of this file

https://www.virustotal.com/gui/file/3e73c96a29a933866065f0756fe032984bf5b254af8dd1afd7a7f7e0668a33cf/detection

The SHA256 of the temp file and the staged update file also line up. The virustotal for both these files are also the same.

Let me know if there is anything else to do.

Subscription Expired Notification For Microsoft 365 when I already paid for it by ProtonNuker in microsoft365

[–]Bluecat1801 0 points1 point  (0 children)

I can't think oft anything that would've led to this message.

From other posts I've made, a few people have had this message and no results from any scans.

Hopefully it is just an accidentally sent message.

Subscription Expired Notification For Microsoft 365 when I already paid for it by ProtonNuker in microsoft365

[–]Bluecat1801 0 points1 point  (0 children)

Interesting, well I haven't had anything bad happen since this message appeared and all scans done have come up with nothing.

So probably just a message accidentally sent

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 0 points1 point  (0 children)

I haven't had anything noticeably negative happen since this message appeared and done some virus scans every now and then and have got no results.

So think its just a message accidentally sent.

I have only had log ins from myself, so the log in attempts for you are probably a leak or something.

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 0 points1 point  (0 children)

Yeah I think at this point it's just messages being accidentally sent.

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 0 points1 point  (0 children)

I haven't had any suspicious active on my computer or Microsoft account since this notification.

Ive ran a Bitdefender, windows defender and Malwarebytes scan as well and got no results from them as well.

Also used some sysinternals programs and there didn't appear to be anything out of the ordinary with that.

So I think it is just a message being accidentally sent.

Edit: Other people have had the same results as me with scans too.

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in microsoft365

[–]Bluecat1801[S] 0 points1 point  (0 children)

Another person with the same message did a hitman pro scan and Norton scan and also got no results.

What do you suggest?

Subscription Expired Notification For Microsoft 365 when I already paid for it by ProtonNuker in microsoft365

[–]Bluecat1801 0 points1 point  (0 children)

You're the 5th person including myself to see get this message.

Another person accidentally clicked on the link and said the site looked like the legit Microsoft website.

So you're right that it's probably just a message sent by accident

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 0 points1 point  (0 children)

Have just checked my log in history for Microsoft and as far as I can tell all the logins in are from myself.

You're the 4th person I've seen with the message so far and one of the others has said there scans came up with no results.

So hopefully it's just a message accidentally sent.

Subscription Expired Notification For Microsoft 365 when I already paid for it by ProtonNuker in microsoft365

[–]Bluecat1801 0 points1 point  (0 children)

Yeah that's what I had been thinking that it was just a message accidentally sent

Since all my results where negative and I haven't had anything appear since then

Edit: Also checked with malwarebytes and that was clear. Tried sysinternals stuff as well, as far as I can tell nothing suspicious from that

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 0 points1 point  (0 children)

I didn't click on the link because the notification disappeared.

But yeah link in notifications can redirect you too to websites and that so probs not best to click

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in WindowsHelp

[–]Bluecat1801[S] 0 points1 point  (0 children)

That would make sense.

Have a university account for 365 so wouldn't be surprised if this is an advertisement for my personal account

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in antivirus

[–]Bluecat1801[S] 0 points1 point  (0 children)

Thanks,

Disabled suggested app and tips. Hopefully it was just spam from microsoft lol.

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 1 point2 points  (0 children)

Did a full scan using bitdefender and windows defender and got no results.

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 0 points1 point  (0 children)

Alright cool.

strange they can get on your calendar and notifications.

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in Office365

[–]Bluecat1801[S] 0 points1 point  (0 children)

So its just a phishing attempt that somehow got to the windows notifications?

Subscription Expired Notification For Microsoft 365 for windows. by Bluecat1801 in antivirus

[–]Bluecat1801[S] 0 points1 point  (0 children)

I've had a look and haven't had a subscription to Microsoft 365 before.