hi Several weeks ago a had an issue with malware in Firefox and CHROME.
I opened a thread in this german Firefox forum: http://www.camp-firefox.de/forum/viewtopic.php?f=1&t=114723
We tried several times to remove the malware with some tools (ADW cleaner and tools like MBAM and JRT).
It didnt work so the moderators told me to refresh firefox (see https://support.mozilla.org/en-US/kb/refresh-f...
Hello, can you please check if the following Firefox extensions are really Ad/Malware.
More Tools Menu 1.2.4.1-signed see also http://www.systemlookup.com/FF_Extensions/2151-9a7a67d3_3048_47fb_acde_d0f7ae51f86a_xpi.html
and
Super Drag 0.15.1-signed see also http://www.systemlookup.com/FF_Extensions/3197-superdrag_enjoyfreeware_org_xpi.html
Part of AdwCleaner Log
# AdwCleaner v5.023 - Beri...If reading the privously/lastly submitted ZHPFix report correctly, the Adobe Shockvawe 12.0 was removed according to the quote below:
"Recycle Bin emptied (07mn AMs)
========== Software ==========
REMOVES: Adobe Shockwave Player 12.0"I was reffering to removal of ZHPFix itself in my Question while it was running the first time and generating report to desktop.
I have NO issues left anyway...
Hello,
I will help you to clean your computer.
First thing you need to know is that to do that, we won't use every tools existing praying that this would be enough.
That is not a good way to eradicate malware. Instead, we will use first a diagnostic tool, and when we will know what is in your computer, we will use the tool designed for removing that malware. So please, stop running every too...
i appreciated the adwcleaner and jrt.exe files. the hitman pro site let me use download.com. I clicked the direct link instead. I thought download.com injects pup software? should a warning be on your site ot to use download.com?
I also cleaned everything the adw and jrt exes showed me and crossed my fingers that it would not crash my system. is that safe?
i already had malware bytes M...
Bonjour,
Hm, c'est étrange. Est-ce qu'il fait un bruit particulier lors du "freeze" ? (ou une absence de bruit justement)
Avez-vous réussi à démarrer via une clé USB Linux ?
Bon couurage,
Bonjour Maxjules.
Pour commencer, on va faire l'export du dossier d'Extensions de Google Chrome.
C:\Users\max\AppData\Local\Google\Chrome\User Data\Default\Bonjour,
On est reparti :
Alors d'abord une petite question, es-tu sûr que le pop-up se lance au démarage du navigateur Google Chrome et pas de Mozilla Firefox. En effet, tes messages MBAM indiquent une connection vers statsweb.proxad.net démarré par Mozilla Firefox.
A noté que statsweb.proxad.net appartenant à Free, il est probable qu'il s'agisse d'un Faux Positif. J'ai donc contacté quelqu...
Seems to have been happening for awhile for geekbuddy
https://malwaretips.com/blogs/comodo-geekbuddy-removal/
Maybe your users can uncheck the removal of geekbuddy before cleaning, If they are sure it was installed for a legitimate program and not bundled with other software as mentioned in the article
Suite des opérations.
Dans "Google dashboard" le synchronisation devait etre désynchroniser si j'en juge par la ligne au bas deman dant si on veut "redémarrer la synchronisation". Je n'ai donc rien touché sur cette page.
J'ai fait l'analyse avec adw cleaner dont voici le rapport. Comme il se doit le pc a été redémarrer les fenetres malwaresbytes antimalware réapparaissent.
rapport adw cleane...