secman111

It's more common these days that malicious browser add on's can have keyloggers, screengrabbers, and passwords ex-filtration tools, or at least pave the way for those tools to be executed even if not initially present and, even if the tools themselves are transient (memory present only) and do not remain on disk (won't come up in a scan). Never save your passwords in your browser for this reason, if you did, go ahead and change all of them. Move to a reputable password manager service. Many are free. I'd suggest you re-install firefox browser after you run some ESET and MB scans. I'm not sure if backing up firefox profile data would also transfer any malicious code since the firefox browser was hijacked. Perhaps backup your firefox profile data minus the extensions first before re-installing. Since Eset's real-time scanner has had more years of experience then malwarebytes does, I would expect its better, but, by turning off real-time scanning in malwarebytes, do you miss out on the anti-exploit etc. related protections that are unique to Malwarebytes? I trust eset as my base AV more than any other. But I do know malwarbytes leads the way in these pioneering browser PUP detentions that are plaguing many people without their knowledge. I wish other AV's would up their Game on that front.