Jump to content
jamesRR

Malware Found in FF Extension?

Recommended Posts

Hi, I had a gut feeling this morning to run a Malwarebytes scan and when I came to check it there was something found.

PUP.Optional.StartPage24, C:\USERS\JARED\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FL0IL897.DEFAULT-RELEASE\EXTENSIONS\FFEXT_BASICVIDEOEXT@STARTPAGE24.XPI, Delete-on-Reboot, 4622, 186354, 1.0.15058, , ame, 

I put it in google and went to the Malwarebytes page: https://blog.malwarebytes.com/detections/pup-optional/ 

Then I had restarted my computer, went to quarantine and deleted it. I did another scan with rootkits enabled and nothing was found. 

When I went back to the googled file in question I found this thread on here:

Which the person thinks the problem was the add-on extension called "Video Downloader Professional" which I had. 

I recently reinstalled my operating system because of an FF add-on, I don't know which, that got my gmail hacked. So I was really cautious, read the reviews and have been using VirusTotal alot but I guess.. yeah. I didn't think firefox add-ons were this risky.

I want to be sure that my FF browser is clean. 

 

Malwarebytes Scan 11-17-19.txt FRST.txt Addition.txt

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

After reviewing your logs I suspect that this is a Sync issue.

If the problem persists and you are Syncing Firefox it with other Devices reset it.

Navigate to this page and Remove it as suggested.

https://support.mozilla.org/en-US/kb/remove-synced-device-firefox-accounts

When done restart the computer normally.

If all is well.

Return to your Firefox Account and Click the Connect button.

Reset the sync.

Restart the computer normally.
<<<>>>

If the problem persists run this program.
--RogueKiller--

  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED  
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.


=======


 

Share this post


Link to post
Share on other sites

Alright I did it, and some more scans with Malwarebytes which found nothing. Thanks for your help!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.