I created new firefox profile using Profile Manager, then I copied all files fromt the old profile to the new one. AdwCleaner did not detect any suspicious files in that new profile folder, so I guess I'm good?
I created new firefox profile using Profile Manager, then I copied all files fromt the old profile to the new one. AdwCleaner did not detect any suspicious files in that new profile folder, so I guess I'm good?
Hello,
Thanks M-K-D-B, sorry for misunderstanding.
@Simplex: Can you zip me the folder "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1" and your profile: "4ui6vnjc.Simplex" ? I'll merge the two so that you'll find a clean profile, and you will be able to clean with AdwCleaner the malicious one.
Thanks,
Bonjour,
Nous allons utiliser Farbar Recovery Scan Tool, voici la marche à suivre :
You're right, nice catch! But that really is my main firefox profile. Did malware hacked its name, or what?
I searech for this profile ID and found in int he following places:
c:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\41a66e7e5ee1
c:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41a66e7e5ee1
I am certain that when I told adwcleaner to delete this folder, my firefox pro...
This element seems to be a FP caused by a generic detection.
Sorry, but I don't think so.
There are - only at the german TB forum - at least 50 topics with this ff profilename "41A66E7E5EE1".
Usually, every ff profilename is almost unique, 41A66E7E5EE1 isn't unique.
It is related to Yondoo browser hijacker, I've seen multiple topics with this variant.
my suggestion:
Check profiles.i...
Hello,
Sorry I was unclear. You can deselect the element "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1" from the "Folders", and do a clean.
This element seems to be a FP caused by a generic detection.
Best regards,
You mean this?
Thse issuses are in the log every time I do a scan. Either AdwCleaner does not remove them, or I still have some residual malware which puts it back.
Hello,
This detection is triggered by the fake firefox profile generic, which is a FP in your case.. Please uncheck it before cleaning.
Can you share the whole logfile too?
Thanks,
Hello, this is my fist post. AdwCleaner is an amazing tool which saved my skin multiple times, but now I have an issue.
This is from the log:
***** [ Folders ] *****
Folder Found: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
When I don't uncheck it, then AdwCleaner removes my whole Firefox profile folder, so I lose all my seetings, browsing history, etc. I had to ...
here is the same problem as this user http://www.bleepingcomputer.com/forums/t/623128/weird-chinese-programes/
and here http://www.bleepingcomputer.com/forums/t/624586/infected-with-ludashi-and-google-keeps-redirecting/
http://lavasoft.com/mylavasoft/malware-descriptions/blog/GenVariantMikey385380169e46229
Get Malwarebytes for powerful protection against adware and threats.
Get Malwarebytes Now