Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unwanted pages on firefox


  • Please log in to reply
13 replies to this topic

#1 andreapi

andreapi

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 14 July 2011 - 01:22 PM

Hi,
for the last few weeks I have been having all sorts of unwanted pages on my firefox browser, as I work on websites building I use also opera, IE, safari etc. but the problem is only on firefox. I unfortunetaly went a few time on megaupload and it seems that it all began there... The pages are advertisements, usually pretty ugly and even sometimes with sounds. I tried a reinstallation of firefox without success. I use G data and superantispyware, I also ran malwarebytes, and I can't get rid of those pages. Could anyone help me?

Edited by Orange Blossom, 14 July 2011 - 01:39 PM.
Moved to AII from Windows 7. ~ OB


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:07 AM

Posted 14 July 2011 - 02:28 PM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 andreapi

andreapi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 30 July 2011 - 04:18 PM

hello, again thanks for your help (and sorry for this late reply) here are the results of the four scans :

jii Results of screen317's Security Check version 0.99.7
Windows 7 Service Pack 1 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

ESET Online Scanner v3
G Data AntiVirus 2011
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Java™ 6 Update 16
Java™ 6 Update 24
Out of date Java installed!
Adobe Flash Player 10.3.181.26
Adobe Reader X (10.1.0) - Français
Mozilla Firefox (x86 fr..) Firefox Out of Date!
Mozilla Thunderbird (3.1.11) Thunderbird Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
G Data AntiVirus AVK AVKWCtl.exe
G Data AntiVirus AVK AVKService.exe
G Data AntiVirus AVKTray AVKTray.exe
``````````End of Log````````````


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7248

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

23/07/2011 12:15:12
mbam-log-2011-07-23 (12-15-12).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 197860
Temps écoulé: 8 minute(s), 48 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

--just noticed it was in french, I hope it's not a problem, anyway it says nothing was found...--

MiniToolBox by Farbar
Ran by andre (administrator) on 23-07-2011 at 10:53:10
Windows 7 Ultimate Service Pack 1 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0
========================= Hosts content: =================================

# Copyright © 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 localhost127.0.0.1 localhost127.0.0.1 localhost127.0.0.1 localhost
========================= IP Configuration: ================================

# ----------------------------------
# Configuration du protocole IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Fin de la configuration du protocole IPv4



Configuration IP de Windows

Nom de l'h“te . . . . . . . . . . : noumerouno
Suffixe DNS principal . . . . . . :
Type de noeud. . . . . . . . . . : Hybride
Routage IP activ‚ . . . . . . . . : Non
Proxy WINS activ‚ . . . . . . . . : Non
Liste de recherche du suffixe DNS.: home

Carte Ethernet Connexion au r‚seau local :

Suffixe DNS propre … la connexion. . . : home
Description. . . . . . . . . . . . . . : Connexion r‚seau Intel® PRO/100
Adresse physique . . . . . . . . . . . : 00-13-72-D8-D7-A5
DHCP activ‚. . . . . . . . . . . . . . : Oui
Configuration automatique activ‚e. . . : Oui
Adresse IPv6 de liaison locale. . . . .: fe80::8cc5:ef9f:275d:61ea%10(pr‚f‚r‚)
Adresse IPv4. . . . . . . . . . . . . .: 192.168.1.10(pr‚f‚r‚)
Masque de sous-r‚seau. . . .ÿ. . . . . : 255.255.255.0
Bail obtenu. . . . . . . . .ÿ. . . . . : vendredi 22 juillet 2011 10:53:09
Bail expirant. . . . . . . . .ÿ. . . . : vendredi 29 juillet 2011 10:53:09
Passerelle par d‚faut. . . .ÿ. . . . . : 192.168.1.1
Serveur DHCP . . . . . . . . . . . . . : 192.168.1.1
IAID DHCPv6 . . . . . . . . . . . : 234886002
DUID de client DHCPv6. . . . . . . . : 00-01-00-01-15-35-0C-5D-00-13-72-D8-D7-A5
Serveurs DNS. . . . . . . . . . . . . : 192.168.1.1
NetBIOS sur Tcpip. . . . . . . . . . . : Activ‚

Carte Tunnel isatap.home :

Statut du m‚dia. . . . . . . . . . . . : M‚dia d‚connect‚
Suffixe DNS propre … la connexion. . . : home
Description. . . . . . . . . . . . . . : Carte Microsoft ISATAP
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activ‚. . . . . . . . . . . . . . : Non
Configuration automatique activ‚e. . . : Oui

Carte Tunnel Connexion au r‚seau local* 6 :

Suffixe DNS propre … la connexion. . . :
Description. . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activ‚. . . . . . . . . . . . . . : Non
Configuration automatique activ‚e. . . : Oui
Adresse IPv6. . . . . . . . . . .ÿ. . .: 2001:0:5ef5:79fd:2c1f:12aa:a5fb:7597(pr‚f‚r‚)
Adresse IPv6 de liaison locale. . . . .: fe80::2c1f:12aa:a5fb:7597%12(pr‚f‚r‚)
Passerelle par d‚faut. . . .ÿ. . . . . : ::
NetBIOS sur TCPIP. . . . . . . . . . . : D‚sactiv‚
Serveur : HSIB.home
Address: 192.168.1.1

Nom : google.com
Addresses: 209.85.148.105
209.85.148.103
209.85.148.99
209.85.148.104
209.85.148.147
209.85.148.106


Envoi d'une requˆte 'ping' sur google.com [209.85.148.105] avec 32 octets de donn‚esÿ:
R‚ponse de 209.85.148.105ÿ: octets=32 temps=57 ms TTL=53
R‚ponse de 209.85.148.105ÿ: octets=32 temps=57 ms TTL=53

Statistiques Ping pour 209.85.148.105:
Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%),
Dur‚e approximative des boucles en millisecondes :
Minimum = 57ms, Maximum = 57ms, Moyenne = 57ms
Serveur : HSIB.home
Address: 192.168.1.1

Nom : yahoo.com
Addresses: 67.195.160.76
69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70


Envoi d'une requˆte 'ping' sur yahoo.com [67.195.160.76] avec 32 octets de donn‚esÿ:
R‚ponse de 67.195.160.76ÿ: octets=32 temps=140 ms TTL=50
R‚ponse de 67.195.160.76ÿ: octets=32 temps=136 ms TTL=50

Statistiques Ping pour 67.195.160.76:
Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%),
Dur‚e approximative des boucles en millisecondes :
Minimum = 136ms, Maximum = 140ms, Moyenne = 138ms

Envoi d'une requˆte 'Ping' 127.0.0.1 avec 32 octets de donn‚esÿ:
R‚ponse de 127.0.0.1ÿ: octets=32 temps=7 ms TTL=128
R‚ponse de 127.0.0.1ÿ: octets=32 temps=2 ms TTL=128

Statistiques Ping pour 127.0.0.1:
Paquetsÿ: envoy‚s = 2, re‡us = 2, perdus = 0 (perte 0%),
Dur‚e approximative des boucles en millisecondes :
Minimum = 2ms, Maximum = 7ms, Moyenne = 4ms
===========================================================================
Liste d'Interfaces
10...00 13 72 d8 d7 a5 ......Connexion r‚seau Intel® PRO/100
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Table de routage
===========================================================================
Itin‚raires actifsÿ:
Destination r‚seau Masque r‚seau Adr. passerelle Adr. interface M‚trique
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.10 276
192.168.1.10 255.255.255.255 On-link 192.168.1.10 276
192.168.1.255 255.255.255.255 On-link 192.168.1.10 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.10 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.10 276
===========================================================================
Itin‚raires persistantsÿ:
Aucun

IPv6 Table de routage
===========================================================================
Itin‚raires actifsÿ:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:2c1f:12aa:a5fb:7597/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::2c1f:12aa:a5fb:7597/128
On-link
10 276 fe80::8cc5:ef9f:275d:61ea/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Itin‚raires persistantsÿ:
Aucun

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/22/2011 06:49:30 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (07/22/2011 06:49:28 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (07/22/2011 06:43:17 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (07/22/2011 10:54:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2011 09:21:08 AM) (Source: Application Hang) (User: )
Description: Le programme emule.exe version 0.50.0.4 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : 1160

Heure de début : 01cc472833ba2d7e

Heure de fin : 33

Chemin d’accès de l’application : G:\eMule\emule.exe

ID de rapport : e680b9fd-b369-11e0-b172-001372d8d7a5

Error: (07/19/2011 06:54:13 PM) (Source: Application Hang) (User: )
Description: Le programme filezilla.exe version 3.5.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : a60

Heure de début : 01cc45a033924d69

Heure de fin : 287

Chemin d’accès de l’application : C:\Program Files\FileZilla FTP Client\filezilla.exe

ID de rapport : b59f2766-b227-11e0-b172-001372d8d7a5

Error: (07/19/2011 01:29:35 AM) (Source: Windows Search Service) (User: )
Description: Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : The catalog is corrupt.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
Le catalogue d’index des contenus est endommagé. 0xc0041801 (0xc0041801)

Error: (07/19/2011 01:29:35 AM) (Source: Windows Search Service) (User: )
Description: Le service de recherche a détecté des fichiers de données endommagés dans l’index {id=3910}. Le service tentera de corriger automatiquement ce problème en recréant l’index.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
Le catalogue d’index des contenus est endommagé. 0xc0041801 (0xc0041801)

Error: (07/18/2011 11:13:34 PM) (Source: Application Hang) (User: )
Description: Le programme Explorer.EXE version 6.1.7601.17567 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : e8c

Heure de début : 01cc4572608339c0

Heure de fin : 0

Chemin d’accès de l’application : C:\Windows\Explorer.EXE

ID de rapport : bae80144-b182-11e0-b172-001372d8d7a5

Error: (07/18/2011 08:06:44 PM) (Source: Application Hang) (User: )
Description: Le programme firefox.exe version 5.0.0.4183 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : fb8

Heure de début : 01cc45754ac29fa6

Heure de fin : 78

Chemin d’accès de l’application : C:\Program Files\Mozilla Firefox\firefox.exe

ID de rapport : 9fdb7bea-b168-11e0-b172-001372d8d7a5


System errors:
=============
Error: (07/23/2011 00:17:51 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:48 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:46 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:43 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:40 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:38 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:35 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:33 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:30 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.

Error: (07/23/2011 00:17:28 AM) (Source: Disk) (User: )
Description: Le périphérique \Device\Harddisk6\DR6 comporte un bloc défectueux.


Microsoft Office Sessions:
=========================
Error: (07/22/2011 06:49:30 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\OrangeBS\BEWPro\installation\Core\setupApiWrapper64.exe

Error: (07/22/2011 06:49:28 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\OrangeBS\BEWPro\installation\Core\InstallDevice64.exe

Error: (07/22/2011 06:43:17 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="AMD64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\carddetector\ICON505\setupApiWrapper64.exe

Error: (07/22/2011 10:54:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2011 09:21:08 AM) (Source: Application Hang)(User: )
Description: emule.exe0.50.0.4116001cc472833ba2d7e33G:\eMule\emule.exee680b9fd-b369-11e0-b172-001372d8d7a5

Error: (07/19/2011 06:54:13 PM) (Source: Application Hang)(User: )
Description: filezilla.exe3.5.0.0a6001cc45a033924d69287C:\Program Files\FileZilla FTP Client\filezilla.exeb59f2766-b227-11e0-b172-001372d8d7a5

Error: (07/19/2011 01:29:35 AM) (Source: Windows Search Service)(User: )
Description: Contexte : Application Windows, Catalogue SystemIndex

Détails :
Le catalogue d’index des contenus est endommagé. 0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (07/19/2011 01:29:35 AM) (Source: Windows Search Service)(User: )
Description: Contexte : Application Windows, Catalogue SystemIndex

Détails :
Le catalogue d’index des contenus est endommagé. 0xc0041801 (0xc0041801)
3910

Error: (07/18/2011 11:13:34 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17567e8c01cc4572608339c00C:\Windows\Explorer.EXEbae80144-b182-11e0-b172-001372d8d7a5

Error: (07/18/2011 08:06:44 PM) (Source: Application Hang)(User: )
Description: firefox.exe5.0.0.4183fb801cc45754ac29fa678C:\Program Files\Mozilla Firefox\firefox.exe9fdb7bea-b168-11e0-b172-001372d8d7a5


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 2046.15 MB
Available physical RAM: 1072.44 MB
Total Pagefile: 4092.3 MB
Available Pagefile: 1847.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.73 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:160 GB) (Free:76.04 GB) NTFS
5 Drive f: © (Fixed) (Total:72.82 GB) (Free:52.54 GB) NTFS
6 Drive o: (STORE N GO) (Removable) (Total:7.44 GB) (Free:3.87 GB) FAT32

========================= Users: ========================================

comptes d'utilisateurs de \\NOUMEROUNO

Administrateur andre andr‚
‚lise Invit‚
La commande s'est termin‚e correctement.


== End of log ==


GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-07-28 19:27:59
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD2500JS-75NCB2 rev.10.02E03
Running: sty6y41i.exe; Driver: C:\Users\andre\AppData\Local\Temp\uftcipoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13C1 8348E339 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 834C7D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Thunderbird\thunderbird.exe[4376] ntdll.dll!LdrLoadDll 76ED22B8 5 Bytes JMP 009412F7 C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Thunderbird/Mozilla Messaging)
.text C:\Program Files\Real\RealPlayer\update\realsched.exe[5416] kernel32.dll!SetUnhandledExceptionFilter 7571F4FB 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73D82437] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73D65600] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73D656BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73D824B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73D78514] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73D74CC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73D7506F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73D75144] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73D76671] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73D7826B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73D787BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73D7901B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73D7E1BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3908] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73D74BFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3972] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74F4FFF6] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3972] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74F4FFF6] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3972] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74F4FFF6] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3972] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74F4FFF6] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (Pilote du système de fichiers NT/Microsoft Corporation)

AttachedDevice tdrpm273.sys (Acronis Try&Decide Volume Filter Driver/Acronis)

Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000051 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device volmgr.sys (Volume Manager Driver/Microsoft Corporation)

AttachedDevice fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation)

Device cdfs.sys (CD-ROM File System Driver/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File C:\ProgramData\G DATA\AVK\Log\AVKLog\0000001988.log 986 bytes

---- EOF - GMER 1.0.15 ----

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:07 AM

Posted 30 July 2011 - 04:23 PM

Re-run MiniToolbox.

Checkmark following boxes:
  • Flush DNS
  • Reset FF Proxy Settings
Click Go and post the result.

Restart computer.

Re-run MiniToolbox again.

Checkmark following boxes:
  • Report FF Proxy Settings
Click Go and post the result.

Then...

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 andreapi

andreapi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 05 August 2011 - 04:20 AM

Hello,
Here are the results of the three scans you told me to perform..


MiniToolBox by Farbar
Ran by andre (administrator) on 05-08-2011 at 09:58:48
Windows 7 Ultimate Service Pack 1 (X86)

***************************************************************************

========================= Flush DNS: ===================================

Configuration IP de Windows

Cache de r‚solution DNS vid‚.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.


== End of log ==
MiniToolBox by Farbar
Ran by andre (administrator) on 05-08-2011 at 10:13:30
Windows 7 Ultimate Service Pack 1 (X86)

***************************************************************************

========================= FF Proxy Settings: ==============================


== End of log ==

GooredFix by jpshortstuff (03.07.10.1)
Log created at 10:19 on 05/08/2011 (andre)
Firefox version 5.0 (fr)

========== GooredScan ==========

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [13:02 24/06/2011]
{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [14:21 15/05/2011]
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [12:40 11/06/2011]
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [20:02 12/04/2011]

C:\Users\andre\Application Data\Mozilla\Firefox\Profiles\vow9uazh.default\extensions\
{1018e4d6-728f-4b20-ad56-37578a4de76b} [20:56 16/07/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{fa46cb24-1d5b-4048-911a-2857a0944395}"="C:\Program Files\FVD Suite\addons\Firefox" [20:26 26/05/2011]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [09:36 26/06/2011]

-=E.O.F=-

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:07 AM

Posted 05 August 2011 - 06:41 PM

How are the issues?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 andreapi

andreapi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 06 August 2011 - 06:38 AM

Hi,
I still get unwanted advertising sites poping up... One thing I don't understand : I use Gdata antivirus program and when I run the scan it shows a bunch of register keys with "permission denied", is it possible to have a scan working on most of the register? With other program I have used I could run the scan on, I can't remember how you call it in english, the primary 'state' of Windows, but with Gdata it's not working somehow....
again, thanks for your time!
andré

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:07 AM

Posted 06 August 2011 - 08:45 PM

If you're using Firefox 3.x, close Firefox. Go Start>All Programs>Mozilla Firefox, click on Mozilla Firefox (safe mode).
If you're using Firefox 4, or 5 go Help>Restart Firefox with Add-ons Disabled.
Same issue?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#9 andreapi

andreapi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 07 August 2011 - 03:56 PM

Hi,
so far the issue stopped
andré

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:07 AM

Posted 07 August 2011 - 04:39 PM

Must be some of your addons...

Let's see, if we can find out which one.

Download FoxScan from HERE

Double click on FoxScan.exe to start the scan.
DOS-like window will pop-up.
Press 2 for English. Press Enter.
Be patient. It'll take few minutes.
When the tool is done, it'll display:

Search completed.
Press any key to coninue...


Press any key.
Notepad window titled Rapport-FS.txt will open.
Save the file to known location, and attach it to your next reply.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 andreapi

andreapi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 08 August 2011 - 12:55 PM

hello, here is the scan result, I wish you (us) good luck and a very good day.
FoxScan Version 1.1.1
By Loup blanc - Zebulon.fr
Scan started 08/08/2011 at 9:36

Microsoft Windows 7 Ultimate Service Pack 1 [version 6.1.7601]

Mozilla Firefox version : 5.0 (fr)
Installation folder : C:\Program Files\Mozilla Firefox


=================================================================================
---------- User account : andre [Current session]
=================================================================================


Profile name : default
Profile folder : C:\Users\andre\AppData\Roaming\mozilla\firefox\Profiles\vow9uazh.default\


//////////// Setting \\\\\\\\\\\\\
======= Profile name : default =======

Firefox update : Activated
Add-on update : Activated
Search engines update : Activated
Java : Activated
Javascript : Activated
Proxy : No Proxy




//////////// Add-on \\\\\\\\\\\\\

======= Profile name : default =======

Installation notification for Add-on is enabled




//////////// Search plugins \\\\\\\\\\\\\

======= Profile name : default =======

Search in "prefs.js" :

browser.search.defaultenginename :
browser.search.defaulturl :
browser.search.selectedEngine :
keyword.URL :
keyword.enable :


--------- Search engines found ------------
+ Search form configured for the engine





=================================================================================
---------- User account : andr‚
=================================================================================


Profile name : default
Profile folder : C:\Users\andr‚\AppData\Roaming\mozilla\firefox\Profiles\z0ccf60p.default\


//////////// Setting \\\\\\\\\\\\\
======= Profile name : default =======

Firefox update : Activated
Add-on update : Activated
Search engines update : Activated
Java : Activated
Javascript : Activated
Proxy : No Proxy




//////////// Add-on \\\\\\\\\\\\\

======= Profile name : default =======

Installation notification for Add-on is enabled




//////////// Search plugins \\\\\\\\\\\\\

======= Profile name : default =======

Search in "prefs.js" :

browser.search.defaultenginename :
browser.search.defaulturl :
browser.search.selectedEngine : "Google Custom Search"
keyword.URL :
keyword.enable :


--------- Search engines found ------------
+ Search form configured for the engine





=================================================================================
---------- User account : ‚lise
=================================================================================


Profile name : default
Profile folder : C:\Users\‚lise\AppData\Roaming\mozilla\firefox\Profiles\33wak1ea.default\


//////////// Setting \\\\\\\\\\\\\
======= Profile name : default =======

Firefox update : Activated
Add-on update : Activated
Search engines update : Activated
Java : Activated
Javascript : Activated
Proxy : No Proxy




//////////// Add-on \\\\\\\\\\\\\

======= Profile name : default =======

Installation notification for Add-on is enabled




//////////// Search plugins \\\\\\\\\\\\\

======= Profile name : default =======

Search in "prefs.js" :

browser.search.defaultenginename :
browser.search.defaulturl :
browser.search.selectedEngine : "Google Custom Search"
keyword.URL :
keyword.enable :


--------- Search engines found ------------
+ Search form configured for the engine





=================================================================================
---------- Common section
=================================================================================

//////////// DLL found in C:\Program Files\Mozilla Firefox\components \\\\\\\\\\\\\

browsercomps.dll


------------------------------------------------------

//////////// Search plugins \\\\\\\\\\\\\

--------- Search engines found ------------
+ Search form configured for the engine


C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
Template : http://www.amazon.fr/exec/obidos/external-search/


C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
Template : http://www.bing.com/search


C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
Template : http://www.cnrtl.fr/lexicographie/{searchTerms}


C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
Template : http://rover.ebay.com/rover/1/709-47295-17703-3/4


C:\Program Files\Mozilla Firefox\searchplugins\google.xml
Template : http://www.google.com/search


C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
Template : http://fr.wikipedia.org/wiki/Special:Recherche


C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
Template : http://fr.search.yahoo.com/search



------------------------------------------------------

//////////// Plugins set in registry \\\\\\\\\\\\\


[HKEY_LOCAL_MACHINE\software\mozillaplugins\@adobe.com/FlashPlayer]
"Description"="Adobe© Flash© Player 10.1 Plugin"
"Vendor"="Adobe Systems Incorporated"
"Path"="C:\Windows\system32\Macromed\Flash\NPSWF32.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@java.com/JavaPlugin]
"Description"="Oracle© Next Generation JavaT Plug-In"
"Vendor"="Oracle Corp."
"Path"="C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@ma-config.com/HardwareDetection]
"Description"="D‚tection mat‚riel Ma-Config.com"
"Vendor"="CybelSoft"
"Path"="C:\Program Files\ma-config.com\nphardwaredetection.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@microsoft.com/GENUINE]
"Path"="C:\Windows\system32\Wat\npWatWeb.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"="WLPG Install MIME type"
"Vendor"="Microsoft"
"Path"="C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"="WLPG Install MIME type"
"Vendor"="Microsoft"
"Path"="C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@real.com/nppl3260;version=12.0.1.647]
"Description"="RealPlayer™ LiveConnect-Enabled Plug-In"
"Vendor"="RealNetworks"
"Path"="c:\program files\real\realplayer\Netscape6\nppl3260.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@real.com/nprjplug;version=12.0.1.647]
"Description"="RealJukebox Netscape Plugin"
"Vendor"="RealNetworks"
"Path"="c:\program files\real\realplayer\Netscape6\nprjplug.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652]
"Description"="RealNetworks™ RealPlayer Chrome Background Extension Plug-In"
"Vendor"="RealNetworks"
"Path"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@real.com/nprphtml5videoshim;version=12.0.1.652]
"Description"="RealPlayer™ HTML5VideoShim Plug-In"
"Vendor"="RealNetworks"
"Path"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"="12.0.1.647"
"Vendor"="RealNetworks"
"Path"="c:\program files\real\realplayer\Netscape6\nprpjplug.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\@real.com/nsJSRealPlayerPlugin;version=]

[HKEY_LOCAL_MACHINE\software\mozillaplugins\Adobe Reader]
"Description"="Handles PDFs in-place in Firefox"
"Vendor"="Adobe Systems Incorporated. Copyright 1994-2010 All Rights Reserved"
"Path"="C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll"

[HKEY_LOCAL_MACHINE\software\mozillaplugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"="Yahoo! activeX Plug-in Bridge"
"Vendor"="Yahoo"
"Path"="C:\Program Files\Yahoo!\Common\npyaxmpb.dll"

[HKEY_CURRENT_USER\software\mozillaplugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]

[HKEY_CURRENT_USER\software\mozillaplugins\@tools.google.com/Google Update;version=3]
"Description"="Google Update"
"Vendor"="Google Inc."
"Path"="C:\Users\andre\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll"

[HKEY_CURRENT_USER\software\mozillaplugins\@tools.google.com/Google Update;version=9]
"Description"="Google Update"
"Vendor"="Google Inc."
"Path"="C:\Users\andre\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll"


------------------------------------------------------

//////////// Additional search... \\\\\\\\\\\\\

==== Additional extension ====

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext"



=========================== End of report ===========================

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:07 AM

Posted 08 August 2011 - 07:20 PM

I don't see too many addons, so I suggest you simply uninstall/reinstall Firefox.
Let me know if it cures the issue.

Edited by Broni, 27 August 2011 - 10:22 AM.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#13 andreapi

andreapi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 27 August 2011 - 10:16 AM

Hello,

apparently the problem is solved, many thanks to you
andré

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:07 AM

Posted 27 August 2011 - 10:22 AM

You're very welcome Posted Image

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users