Re: AdwCleamer wants to delete my whole Firefox profile folder

Hello,

Thanks M-K-D-B, sorry for misunderstanding.

@Simplex: Can you zip me the folder "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1" and your profile: "4ui6vnjc.Simplex" ? I'll merge the two so that you'll find a clean profile, and you will be able to clean with AdwCleaner the malicious one.

Thanks,

Re: AdwCleamer wants to delete my whole Firefox profile folder

You're right, nice catch! But that really is my main firefox profile. Did malware hacked its name, or what?

I searech for this profile ID and found in int he following places:

c:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41a66e7e5ee1

c:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41a66e7e5ee1

 

I am certain that when I told adwcleaner to delete this folder, my firefox pro...

Re: AdwCleamer wants to delete my whole Firefox profile folder

This element seems to be a FP caused by a generic detection.  

Sorry, but I don't think so.

There are  - only at the german TB forum - at least 50 topics with this ff profilename "41A66E7E5EE1".

Usually, every ff profilename is almost unique, 41A66E7E5EE1 isn't unique.

It is related to Yondoo browser hijacker, I've seen multiple topics with this variant.

 

my suggestion:

Check profiles.i...

Firefox pref Found - what does this option do and why is it considered malicious?

Hi all.

I googled before asking but never found anything relevant... So AdwCleaner found 1 threat, this is what is says:

Firefox pref Found:  [E:\Profiles\Firefox\prefs.js] - "extensions.quick_start.sd.closeWindowWithLastTab_prev_state" -  false

Anyone knows what this config option does and why is it dangerous?

Thanks.

Re: AdwCleamer wants to delete my whole Firefox profile folder

Hello,

Sorry I was unclear. You can deselect the element "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1" from the "Folders", and do a clean.

This element seems to be a FP caused by a generic detection.

Best regards,

Re: Menace Persistante après nettoyage

Merci. Pouvez faire ce qui suit ?

  • Téléchargez Malwarebytes Anti-Malware.
  • Installez-le en laissant les options par défaut (décochez juste à l'installation "Activer l'essai gratuit de MBAM Premium"), une icône sera créée sur le bureau et Malwarebytes démarrera.
  • Onglet "Analyse" choisissez "Analyse des Menaces", puis cliquez sur "Lancer l'analyse".
  • Si un élément est détecté, choisissez de tout...

Re: AdwCleamer wants to delete my whole Firefox profile folder

You mean this?

http://pastebin.com/i8fdnHka

Thse issuses are in the log every time I do a scan. Either AdwCleaner does not remove them, or I still have some residual malware which puts it back.

Re: ADW claener ne supprime pas les virus

Bonjour,

Merci. Pouvez faire ce qui suit ?

  • Téléchargez Malwarebytes Anti-Malware.
  • Installez-le en laissant les options par défaut (décochez juste à l'installation "Activer l'essai gratuit de MBAM Premium"), une icône sera créée sur le bureau et Malwarebytes démarrera.
  • Onglet "Analyse" choisissez "Analyse des Menaces", puis cliquez sur "Lancer l'analyse".
  • Si un élément est détecté, choisiss...

Re: AdwCleamer wants to delete my whole Firefox profile folder

Hello,

This detection is triggered by the fake firefox profile generic, which is a FP in your case.. Please uncheck it before cleaning.

Can you share the whole logfile too?

Thanks,