X
Nhấn vào đây để đến phiên bản di động của trang web.

Diễn đàn trợ giúp

Chủ đề này đã đóng và được lưu lại. Vui lòng hỏi một câu hỏi mới nếu bạn cần giúp đỡ.

Were do suspicous add-ons Download Keeper come from?

Được đăng

Today, I noticed an advertisement on a page I visited. This advertisement was labelled "Download Keeper" and showed a few pictures with products and prices in dollars. I didn't expect such advertisements on the site in question and so I looked more closely at it. In the mark-up, I find a lot of elements containing classes starting with SF_ like SF_IIAD_EXPL and url's starting with http://www.superfish.com. Also, some javascript files are loaded from http://rvzr-a.akamaihd.net. Then, I looked at my add-ons and found 4 suspicious ones: DDoowload keeper 1.6 DoWnlOad KeeEper 1.6 Download keeper 1.6 DownnlOadd KeepEr 1.6 How could these have come here? I certainly didn't add them intentionally. Will they have come in with some software installer? Is there some way I can prevent these types of add-ons to be installed?

Today, I noticed an advertisement on a page I visited. This advertisement was labelled "Download Keeper" and showed a few pictures with products and prices in dollars. I didn't expect such advertisements on the site in question and so I looked more closely at it. In the mark-up, I find a lot of elements containing classes starting with SF_ like SF_IIAD_EXPL and url's starting with http://www.superfish.com. Also, some javascript files are loaded from http://rvzr-a.akamaihd.net. Then, I looked at my add-ons and found 4 suspicious ones: DDoowload keeper 1.6 DoWnlOad KeeEper 1.6 Download keeper 1.6 DownnlOadd KeepEr 1.6 How could these have come here? I certainly didn't add them intentionally. Will they have come in with some software installer? Is there some way I can prevent these types of add-ons to be installed?

Giải pháp được chọn

I should mention that in Windows 8's Programs and Features control panel you can sort by date as one tool for investigating which programs installed together or very close in time.

Đọc câu trả lời này trong ngữ cảnh 1

Chi tiết hệ thống bổ sung

Phần bổ trợ đã cài đặt

  • Shockwave Flash 11.9 r900
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • NVIDIA 3D Vision plugin for Mozilla browsers
  • NVIDIA 3D Vision Streaming plugin for Mozilla browsers
  • Shockwave Flash 11.8 r800
  • iTunes Detector Plug-in
  • Google Update
  • GEPlugin
  • 5.1.20513.0
  • NetExtender Launcher NPAPI plugin
  • Foxit Reader Plug-In For Firefox and Netscape
  • Picasa plugin
  • Adobe Shockwave for Director Netscape plug-in, version 12.0
  • NPWLPG
  • VLC media player Web Plugin 2.0.2
  • Citrix Access Gateway
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Office Authorization plug-in for NPAPI browsers

Ứng dụng

  • Firefox 24.0
  • Chuỗi đại diện người dùng: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
  • URL hỗ trợ: https://support.mozilla.org/1/firefox/24.0/WINNT/nl/

Tiện ích mở rộng

  • Accessibility Evaluator for Firefox 1.5.7.1 (accessext@cita.uiuc.edu)
  • Adblock Plus 2.3.2 ({d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d})
  • DDoownload keeper 1.6 (mbplqp5zh@lxt-niyi.co.uk)
  • DoWnlOad keeEper 1.6 (dd.u@utfgyarr.co.uk)
  • Download keeper 1.6 (a2eae@bzysqaoyua.org)
  • DownnlOadd keepEr 1.6 (rhj.jt@iiue.co.uk)
  • Element Hiding Helper voor Adblock Plus 1.2.3 (elemhidehelper@adblockplus.org)
  • Firebug 1.12.3 (firebug@software.joehewitt.com)
  • FoxyProxy Standard 4.2.2 (foxyproxy@eric.h.jung)
  • Ghostery 5.0.4 (firefox@ghostery.com)
  • Google/Yandex search link fix 1.4.1 (jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack)
  • HackBar 1.6.2 ({F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4})
  • Live HTTP headers 0.17 ({8f8fe09b-0bd3-4470-bc1b-8cad42b8203a})
  • MeasureIt 0.4.13 ({75CEEE46-9B64-46f8-94BF-54012DE155F0})
  • Modify Headers 0.7.1.1 ({b749fc7c-e949-447f-926c-3f4eed6accfe})
  • NetExtender Launcher 6.0.0.93 (npNELaunch@sonicwall.com)
  • Secure Login 1.0.3 (secureLogin@blueimp.net)
  • Troubleshooter 1.1a (troubleshooter@mozilla.org)
  • Web Developer 1.2.5 ({c45c406e-ab73-11d8-be73-000a95be3b12})
  • AFAS Personal Bijwerk Assistent 2.3 ({848DC626-5EC9-4D09-A19F-E7F708EE2475}) (không hoạt động)
  • PDF-viewer 0.8.298 (uriloader@pdf.js) (không hoạt động)

Javascript

  • incrementalGCEnabled: True

Đồ họa

  • adapterDescription: NVIDIA GeForce GT 320M
  • adapterDescription2:
  • adapterDeviceID: 0x0a2d
  • adapterDeviceID2:
  • adapterDrivers: nvd3dumx,nvwgf2umx,nvwgf2umx nvd3dum,nvwgf2um,nvwgf2um
  • adapterDrivers2:
  • adapterRAM: 1024
  • adapterRAM2:
  • adapterVendorID: 0x10de
  • adapterVendorID2:
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 6.2.9200.16581
  • driverDate: 9-12-2013
  • driverDate2:
  • driverVersion: 9.18.13.2723
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d'}
  • isGPU2Active: False
  • numAcceleratedWindows: 3
  • numTotalWindows: 3
  • webglRenderer: Google Inc. -- ANGLE (NVIDIA GeForce GT 320M Direct3D9Ex vs_3_0 ps_3_0)
  • windowLayerManagerRemote: False
  • windowLayerManagerType: Direct3D 10

Thay đổi cài đặt

  • accessibility.typeaheadfind.flashBar: 0
  • browser.cache.disk.capacity: 358400
  • browser.cache.disk.smart_size.first_run: False
  • browser.cache.disk.smart_size.use_old_max: False
  • browser.cache.disk.smart_size_cached_value: 358400
  • browser.places.smartBookmarksVersion: 4
  • browser.privatebrowsing.dont_prompt_on_enter: True
  • browser.startup.homepage_override.buildID: 20130910160258
  • browser.startup.homepage_override.mstone: 24.0
  • browser.tabs.warnOnClose: False
  • dom.mozApps.used: True
  • dom.w3c_touch_events.expose: False
  • extensions.lastAppVersion: 24.0
  • gfx.direct3d.last_used_feature_level_idx: 0
  • gfx.direct3d.prefer_10_1: True
  • network.cookie.prefsMigrated: True
  • places.database.lastMaintenance: 1381258970
  • places.history.expiration.transient_current_max_pages: 104858
  • plugin.disable_full_page_plugin_for_types: application/pdf
  • plugin.importedState: True
  • plugin.state.java: 0
  • privacy.sanitize.migrateFx3Prefs: True
  • security.warn_viewing_mixed: False
  • storage.vacuum.last.index: 1
  • storage.vacuum.last.places.sqlite: 1380702879

Linh tinh

  • Người dùng JS: Không
  • Có thể tiếp cận: Không
jscher2000
  • Top 10 Contributor
8642 giải pháp 70715 câu trả lời
Được đăng

Câu trả lời hữu ích

Sometimes when you download and install software it includes a bundle of undisclosed programs...

I suggest disabling ALL nonessential or unrecognized add-ons on these two tabs:

  • orange Firefox button (or Tools menu) > Add-ons > Plugins category
    Set unimportant plugins to "Never Activate"
  • orange Firefox button (or Tools menu) > Add-ons > Extensions category
    Click Disable for unimportant or unwanted extensions

Usually a link will appear above at least one disabled extension to restart Firefox. You can complete your work on the tab and click one of the links as the last step.

Although you may be tempted to remove some of them immediately, before doing that, I suggest seeing whether some more general malware scans will clean them up so they don't get re-injected into Firefox. This article has a range of free tools you can use for that: Troubleshoot Firefox issues caused by malware.

Sometimes when you download and install software it includes a bundle of undisclosed programs... I suggest disabling ALL nonessential or unrecognized add-ons on these two tabs: * orange Firefox button (or Tools menu) > Add-ons > Plugins category<br>''Set unimportant plugins to "Never Activate"'' * orange Firefox button (or Tools menu) > Add-ons > Extensions category<br>''Click Disable for unimportant or unwanted extensions'' Usually a link will appear above at least one disabled extension to restart Firefox. You can complete your work on the tab and click one of the links as the last step. Although you may be tempted to remove some of them immediately, before doing that, I suggest seeing whether some more general malware scans will clean them up so they don't get re-injected into Firefox. This article has a range of free tools you can use for that: [[Troubleshoot Firefox issues caused by malware]].
jscher2000
  • Top 10 Contributor
8642 giải pháp 70715 câu trả lời
Được đăng

Giải pháp được chọn

I should mention that in Windows 8's Programs and Features control panel you can sort by date as one tool for investigating which programs installed together or very close in time.

I should mention that in Windows 8's Programs and Features control panel you can sort by date as one tool for investigating which programs installed together or very close in time.

Người tạo câu hỏi

Indeed, in installed programs, a program DownlOad KeepEr, (or some other weird casing sequence, I forgot to write it down before uninstalling) was present. The same date, I installed Java 7 Update 40 (both 32- and 64-bit) and some NVIDIA drivers: NVIDIA HD Audio-stuurprogramma 1.3.26.4, NVIDIA Grafisch stuurprogramma 327.23 and NVIDIA 3D Vision stuurprogramma 327.23 (Dutch versions). I downloaded these from http://www.nvidia.com/Download/Scan.aspx?lang=en-us. I revisited this site an recall that I followed the link The NVIDIA Smart Scan requires the latest version of Java. There is also a message on the page about the Java Deployment Toolkit being disabled, because this plug-in contains vulnerabilities. I cannot remember whether I activated it. Anyway, I am not sure if this has anything to do with the Download Keeper plug-in, but thank you for pointing me in the right direction for getting rid of it.

Indeed, in installed programs, a program DownlOad KeepEr, (or some other weird casing sequence, I forgot to write it down before uninstalling) was present. The same date, I installed ''Java 7 Update 40'' (both 32- and 64-bit) and some NVIDIA drivers: ''NVIDIA HD Audio-stuurprogramma 1.3.26.4'', ''NVIDIA Grafisch stuurprogramma 327.23'' and ''NVIDIA 3D Vision stuurprogramma 327.23'' (Dutch versions). I downloaded these from [http://www.nvidia.com/Download/Scan.aspx?lang=en-us http://www.nvidia.com/Download/Scan.aspx?lang=en-us]. I revisited this site an recall that I followed the link [http://www.oracle.com/technetwork/java/index.html The NVIDIA Smart Scan requires the latest version of Java]. There is also a message on the page about the Java Deployment Toolkit being disabled, because this plug-in contains vulnerabilities. I cannot remember whether I activated it. Anyway, I am not sure if this has anything to do with the Download Keeper plug-in, but thank you for pointing me in the right direction for getting rid of it.
tomatto007 0 giải pháp 2 câu trả lời
Được đăng

First download the latest version UnHackMe from our site. link to questionable download removed by moderator. Open the archive and start the unhackme_setup.exe.

When the installation is over you will see the main UnHackMe screen.

Click on the Advanced button and choose "Send report to the support center"; in the popup menu. Follow the instructions.

The report file (regrunlog.txt) will be saved on your Desktop.

Attach it to your ticket and click on the Browse button and then to the regrunlog.txt file.

Don't insert the report text directly into the message text! We won't be able to analyse such a report.

Describe your problem in detail. Add the screenshot, your antivirus log or suspicious files.

Thank you for cooperation!

First download the latest version UnHackMe from our site. <!--http://www.greatis.com/unhackme.zip--><sub>link to questionable download removed by moderator.</sub> Open the archive and start the unhackme_setup.exe. When the installation is over you will see the main UnHackMe screen. Click on the Advanced button and choose "Send report to the support center"; in the popup menu. Follow the instructions. The report file (regrunlog.txt) will be saved on your Desktop. Attach it to your ticket and click on the Browse button and then to the regrunlog.txt file. Don't insert the report text directly into the message text! We won't be able to analyse such a report. Describe your problem in detail. Add the screenshot, your antivirus log or suspicious files. Thank you for cooperation!

Được chỉnh sửa bởi AliceWyman vào

AliceWyman
  • Moderator
240 giải pháp 2594 câu trả lời
Được đăng

The "UnHackMe" download link in the last post was removed as questionable software.

As posted earlier in this thread, This Mozilla Support article has a range of free tools you can use to scan for malware:

The "UnHackMe" download link in the last post was removed as questionable software. As posted earlier in this thread, This Mozilla Support article has a range of free tools you can use to scan for malware: *[[Troubleshoot Firefox issues caused by malware]]
tomatto007 0 giải pháp 2 câu trả lời
Được đăng

Ok But computer has infected. I want to help. You can use the free utility - RegRun Reanimator. Mode - 'Fix Problems... / Fix Browser Redirect' or 'Send Report'.

Ok But computer has infected. I want to help. You can use the free utility - RegRun Reanimator. Mode - 'Fix Problems... / Fix Browser Redirect' or 'Send Report'.
AliceWyman
  • Moderator
240 giải pháp 2594 câu trả lời
Được đăng

tomatto007,

This forum is not the right place to help users remove malware from their computer.

That being said, forum contributors do sometimes include links to a very small number of malware removal tools which are listed in the Troubleshoot Firefox issues caused by malware article, along with links to specialized malware removal forums for users who need more help. Links to other malware removal tools or direct links to installers are removed by moderators to protect Firefox users from questionable or potentially harmful software.

P.S. Since the original poster has reported that his issue is now solved, I'm closing this thread.

'''tomatto007, ''' This forum is not the right place to help users remove malware from their computer. That being said, forum contributors do sometimes include links to a very small number of [/kb/troubleshoot-firefox-issues-caused-malware#w_how-do-i-get-rid-of-malware malware removal tools] which are listed in the [[Troubleshoot Firefox issues caused by malware]] article, along with links to specialized malware removal forums for users who need more help. Links to other malware removal tools or direct links to installers are removed by moderators to protect Firefox users from questionable or potentially harmful software. P.S. Since the original poster has reported that his issue is now solved, I'm closing this thread.

Được chỉnh sửa bởi AliceWyman vào