OK. I think, your best option in this situation is to back up your Firefox data (MozBackup - Backup tool for Firefox and Thunderbird) and perform clean FF reinstall.
Make sure, it's clean install: Uninstalling Firefox - MozillaZine Knowledge Base

MozBackup: done.

Mozilla Firefox complete Uninstall : Done.

Then I Reinstalled Firefox. I tried a quick search on Mozilla Firefox Start Page without restoring the old profile yet. The problem soon occurs again.

Then I restored the old profile with MozBackup. The problem is still there (but less frequent than two days ago).

See, if you can run FoxScan now.

Originally Posted by broni

See, if you can run FoxScan now.

Same thing as before.

I can see a lot of "Access denied" in the FoxScan window (don't know if that can help...).

I'm starting to wonder, if we're not dealing here with some other computer problems, not an infection.

Turn your computer off, disconnect router/modem from power source for 1 minute.
Restart everything.

Please download The Avenger by Swandog46 to your Desktop.
- Right click on the Avenger.zip folder and select Extract All...
- Follow the prompts and extract the avenger folder to your desktop

Double click on avenger.exe.
Click OK in pop-up window.

Avenger window will open.

Click on Execute button.
Click OK in two consecutive pop-up windows.

Your computer will re-boot now.

Upon re-boot, Notepad window will open.
Select all text, copy it, and paste it into next reply.

NOTE. If the log doesn't open on reboot, open Avenger again, and go File>Open Log File.

There's the report:

Logfile of The Avenger Version 2.0, (c) by Swandog46
Swandog46's Public Anti-Malware Tools

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Completed script processing.

*******************

Finished! Terminate.

Nothing here...

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

• Doubleclick the drweb-cureit.exe file and click Scan to run express scan. Click OK in pop-up window to allow scan.
• This will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
• Once the short scan has finished, select Complete scan.
• Click the green arrow at the right, and the scan will start.
• Click Yes to all if it asks if you want to cure/move the file.
• When the scan has finished, in the menu, click File and choose Save report list
• Save the report to your desktop. The report will be called DrWeb.csv
• Close Dr.Web Cureit.
• Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
• Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.cvs report.

NOTE. During the scan, pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.

Here’s the report:
Processus en mémoire: C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe:588;;BackDoor.Tdss.565;Eradiqué .;
RegUBP2b-Proprio.reg;C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Snapshots2;Trojan.StartPage.1505;Supprimé. ;
61FC5AB4d01;C:\Documents and Settings\Proprio\AppData\Local\Application Data\Mozilla\Firefox\Profiles\bf0wc3u6.default\Cac he;Probablement SCRIPT.Virus;;
61FC5AB4d01;C:\Documents and Settings\Proprio\AppData\Local\Mozilla\Firefox\Pro files\bf0wc3u6.default\Cache;Probablement SCRIPT.Virus;;
61FC5AB4d01;C:\Documents and Settings\Proprio\Local Settings\Mozilla\Firefox\Profiles\bf0wc3u6.default \Cache;Probablement SCRIPT.Virus;;
61FC5AB4d01;C:\Users\Proprio\AppData\Local\Mozilla \Firefox\Profiles\bf0wc3u6.default\Cache;Probablem ent SCRIPT.Virus;;
61FC5AB4d01;C:\Users\Proprio\Local Settings\Mozilla\Firefox\Profiles\bf0wc3u6.default \Cache;Probablement SCRIPT.Virus;;

_--------------------------------------------
I didn’t know what to do with those scripts Virus after the scan so I didn’t take any action with DrWeb.

I prefer to play save and doing your directions.

Bad or good ?

Very good approach
I want you to kill all those entries.
I can see some of those locations are in Firefox profile, so there is a chance, it may help.