Short bio

This detection is for several potentially unwanted modifications (PUMs) on user.js, a Firefox browser configuration file, where the installation of any third-party add-on or extension to Firefox is allowed.

System modifications

The following string is modified in user.js:

user_pref("extensions.autoDisableScopes", 15);

user_pref("extensions.autoDisableScopes", 14);
user_pref("extensions.autoDisableScopes", 0);


Malwarebytes automatically deletes the user.js file that triggers the detection of PUM.Optional.FireFoxSearchOverride. Also, we advise users to do a full system scan as PUM.Optional.FireFoxSearchOverride could have been added to the system by malware or PUP.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language