firstname.lastname@example.org in Extension folder
I "unknowingly" installed an extension/addon via Firefox created by brandthunder. I say "unknowingly" installed because somehow something an addon was installed called "Prestosavings." I use RoboForm and kept getting this popup message every time I tried to auto fill a form via RF:
The site domain does not Match URL of the passcard. Match URL:/https://savecdn.com/addon/coupontool2/iframe.php http://https://savecdn.com/addon/coupontool2/iframe.php* Site URL: https://savecdn.com/addon/coupontool2/iframe.php Do you still want RF to fill the form?
I was going nuts trying to figure out what was happening! A "coupontool2" addon? Whenever I see the word "addon" I automatically know it's a Firefox thing. I never installed that so where was it coming from? I opened up my Error Console from a few sites and found tons of entries referring to "prestosavings". It was as if my browser had been hijacked! I did a little research and found this: PrestoSavings :: Add-ons for Firefox https://addons.mozilla.org/en-us/firefox/addon/prestosavings/ I had never installed that addon! I opened up my Profile folder and dug through the directories for any sign of the "PrestoSavings" monster! VOILA! Hidden away in the Chrome folder in email@example.com Extension folder. Hmmm....The PrestoSavings iframe.php was loading on every page I went to when I checked each page source! Hmmm...PrestoSavings bundled into my Personas? Not what I expected! Not what I requested! I quickly uninstalled the "firstname.lastname@example.org (took about 3 tries!) and another persona/skin (had the icon of the PrestoSavings) and NO more problems with RF. Again.....I did NOT install this PrestoSavings addon but it was installed - somehow Mysteriously - when I installed the email@example.com.
I just wanted to post this in case others are bombarded by the same problem. Do with it what you will.
Modified by CoronaQueen
Additional System Details
- Shockwave Flash 11.4 r402
- NPRuntime Script Plug-in Library for Java(TM) Deploy
- Next Generation Java Plug-in 10.7.2 for Mozilla browsers
- Office Authorization plug-in for NPAPI browsers
- The plug-in allows you to open and edit files using Microsoft Office applications
- VLC media player Web Plugin 2.0.2
- Adobe PDF Plug-In For Firefox and Netscape 10.1.4
- User Agent: Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
First, you should IMMEDIATELY update to Firefox 15.0.1, as the version you are using is EXTREMELY out of date and insecure. Update Firefox to the latest version.
After that, do you still need help removing this add-on?
Thanks much for the reply, Tylerdowner. Unfortunately, Firefox 15 does not suit my needs and most of the addons and extensions I use with Firefox 4 haven't been compatible with any of the upgrades. Call me a simple girl who likes a simple UI. This shouldn't have happened to me no matter which version of Firefox I choose to use and I just don't want to see this happen to anyone else. Thanks for the offer of assistance to remove the PrestoSavings nightmare but I accomplished it on my own. Take care.
The User Interface from Firefox 4 to Firefox 15.0.1 hasn't changed very much, and by staying on Firefox 4 you are vulnerable to all the security holes listed at https://www.mozilla.org/security/known-vulnerabilities/firefox.html. Also, after Firefox 10 the majority of add-ons are compatible with newer versions.