Got a user report with the GreatDealz extension active, but user said he never installed it. Searching for it shows mostly reports about it from the second half of 2016. From the user's about:support: Name: GreatDealz Version: 0.0.3 Aktiviert: false ID: @greatdealz An add-on with same name, id and version is hosted at https://addons.mozilla.org/firefox/addon/greatdealzof/ In the report at http://www.trojaner-board.de/182734-bekomme-staendig-meldung-potenziell-gefaehrliche-software-erkannt-browsermodifier-win32-suptab-blnk.html , it gets loaded from the registry: > FF HKLM-x32\...\Firefox\Extensions: [@greatdealz] - C:\Users\<Username>PC\AppData\Roaming\Mozilla\Firefox\Profiles\h5dxmvg4.default-1435937987119\extensions\@greatdealz.xpi
The add-on itself appears to meet our policies, so we would need evidence of it being force-installed in order to take any action. If there's a URL or piece of software you know where this happens, please add them to the report and reopen the bug. Otherwise, there isn't anything we can do.