
My WordPress blog links don't work, in Firefox; and, I keep getting redirected to "Local Pages" advertising.


4 replies to this topic

#1 Teochter

Posted 25 November 2011 - 07:04 PM

I write a blog, which I built using WordPress; however, I keep seeing red colouring on some of my links which, when clicked on, take me through to either a "page not found", or to advertisements from an organisation called "Local Pages": I have tried to contact "Local Pages", without success! Periodically, the links to my "Recent Posts" and "Recent Comments" also appear to be red coloured, and sometimes go dead. The RSS reader icon is sometimes affected also. I think that the red colouring that appears on some of my links is, somehow, linked to the No/dofollow facility when the right mouse is clicked.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by user at 15:11:26 on 2011-11-25
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2134 [GMT 0:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Firewall *Enabled*
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\AOL\1312112157\ee\AOLSoftware.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\WI371A~2\Datamngr\DATAMN~1.EXE
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchqu.com/406
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: AOL Broadband Toolbar Search Class: {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - c:\program files\aol broadband toolbar\aolbbtb.dll
uURLSearchHooks: Serif WebPlus Toolbar: {07364a98-eb02-4736-bc54-ebe437fccb87} - c:\program files\serif__webplus\prxtbSeri.dll
mURLSearchHooks: AOL Broadband Toolbar Search Class: {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - c:\program files\aol broadband toolbar\aolbbtb.dll
mURLSearchHooks: H - No File
BHO: Serif WebPlus Toolbar: {07364a98-eb02-4736-bc54-ebe437fccb87} - c:\program files\serif__webplus\prxtbSeri.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: AOL Broadband Toolbar Loader: {776a9d06-e178-4aa0-aee4-b4de3a64ad28} - c:\program files\aol broadband toolbar\aolbbtb.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~2\datamngr\toolbar\searchqudtx.dll
BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\wi371a~2\datamngr\BROWSE~1.DLL
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - c:\program files\common files\simple adblock\SimpleAdblock.dll
TB: AOL Broadband Toolbar: {e6ed7f95-e571-4f81-8757-5eb11252703d} - c:\program files\aol broadband toolbar\aolbbtb.dll
TB: Serif WebPlus Toolbar: {07364a98-eb02-4736-bc54-ebe437fccb87} - c:\program files\serif__webplus\prxtbSeri.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~2\datamngr\toolbar\searchqudtx.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [HostManager] c:\program files\common files\aol\1312112157\ee\AOLSoftware.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DATAMNGR] c:\progra~1\wi371a~2\datamngr\DATAMN~1.EXE
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [WUAppSetup] c:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023
StartupFolder: c:\docume~1\user\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: aol.co.uk\www
Trusted Zone: aol.com\mail
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1302524918559
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{DE4DE603-F4F3-4AC7-922C-377CB5146A44} : DhcpNameServer = 192.168.1.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\wi371a~2\datamngr\datamngr.dll c:\progra~1\wi371a~2\datamngr\IEBHO.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\z3nmo6x1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3031756&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=113&systemid=406&sr=0&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-4 295248]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl260c5cb0;MpKsl260c5cb0;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\MpKsl260c5cb0.sys [2011-11-25 28752]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-10-24 2398512]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 16720]
S1 MpKsl4d097c4e;MpKsl4d097c4e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{33aa2a4e-ab6d-46d4-b1fb-19b1ee2777a4}\mpksl4d097c4e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{33aa2a4e-ab6d-46d4-b1fb-19b1ee2777a4}\MpKsl4d097c4e.sys [?]
S1 MpKsl72e9e978;MpKsl72e9e978;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\mpksl72e9e978.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\MpKsl72e9e978.sys [?]
S1 MpKsl8579b436;MpKsl8579b436;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{33aa2a4e-ab6d-46d4-b1fb-19b1ee2777a4}\mpksl8579b436.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{33aa2a4e-ab6d-46d4-b1fb-19b1ee2777a4}\MpKsl8579b436.sys [?]
S1 MpKslbce049df;MpKslbce049df;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{afa45ab1-0152-4ac5-ad4b-2f6b850e71c3}\mpkslbce049df.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{afa45ab1-0152-4ac5-ad4b-2f6b850e71c3}\MpKslbce049df.sys [?]
S1 MpKsld9662fc1;MpKsld9662fc1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\mpksld9662fc1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\MpKsld9662fc1.sys [?]
S1 MpKslfd24a94b;MpKslfd24a94b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{33aa2a4e-ab6d-46d4-b1fb-19b1ee2777a4}\mpkslfd24a94b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{33aa2a4e-ab6d-46d4-b1fb-19b1ee2777a4}\MpKslfd24a94b.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30944]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-25 14:47:40 -------- d-----w- c:\documents and settings\user\application data\Simple Adblock
2011-11-25 14:47:38 -------- d-----w- c:\program files\common files\Simple Adblock
2011-11-25 10:40:19 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\MpKsl260c5cb0.sys
2011-11-25 10:40:17 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\offreg.dll
2011-11-25 10:33:48 -------- dc-h--w- c:\windows\ie8
2011-11-25 09:26:35 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b7c2f221-5777-4178-a51e-21c6a9fdece3}\mpengine.dll
2011-11-23 15:58:50 -------- d-----w- c:\program files\Runtime Software
2011-11-23 14:17:35 -------- d-----w- c:\program files\Cobian Backup 8
2011-11-23 13:37:50 -------- d-----w- c:\documents and settings\user\local settings\application data\Safe mirror
2011-11-23 13:34:39 -------- d-----w- c:\program files\Cobian Backup 10
2011-11-23 12:55:15 -------- d-----w- c:\documents and settings\user\application data\ElevatedDiagnostics
2011-11-23 09:26:58 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-11-21 15:44:03 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-21 15:41:13 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-11-21 15:41:13 215920 ----a-w- c:\windows\system32\muweb.dll
2011-11-21 15:41:13 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-11-21 15:40:03 -------- d-----w- c:\program files\Microsoft Security Client
2011-11-13 16:29:10 -------- d-----w- c:\documents and settings\user\application data\Final Draft
2011-11-13 10:27:42 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan
2011-11-13 10:27:37 -------- d-----w- c:\program files\McAfee Security Scan
2011-11-12 12:32:30 -------- d-----w- c:\documents and settings\user\application data\PrimoPDF
2011-11-11 17:39:38 180624 ----a-w- c:\windows\system32\Primomonnt.dll
2011-11-11 17:39:34 -------- d-----w- c:\program files\Nitro PDF
2011-11-08 16:15:50 -------- d-----w- c:\documents and settings\user\application data\searchqutoolbar
2011-11-08 15:50:49 -------- d-----w- c:\program files\Ask.com
2011-11-08 15:50:47 -------- d-----w- c:\documents and settings\user\local settings\application data\AskToolbar
2011-11-08 15:50:37 -------- d-----w- c:\program files\FoxTabFLVPlayer
2011-11-05 13:09:31 -------- dc-h--w- c:\documents and settings\all users\application data\{08E30618-5D06-461B-BBD3-4ADFB0810824}
2011-11-05 13:09:20 -------- d-----w- c:\program files\iLivid
2011-11-05 13:08:57 -------- d-----w- c:\program files\Windows iLivid Toolbar
2011-11-03 17:49:15 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
.
==================== Find3M ====================
.
2011-11-08 09:53:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-07 06:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-10-04 06:21:42 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-10-03 04:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 10:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-13 05:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-30 22:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 22:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 22:05:04 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 22:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-27 16:51:50 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
.
============= FINISH: 15:12:15.26 ===============


#2 HelpBot

Posted 30 November 2011 - 07:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/429317 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Teochter

Posted 01 December 2011 - 12:50 PM

Hi
Apologies for not replying sooner, and many thanks for the last email reminder. Since my first request for help, the problems I was / am experiencing have changed a little. I am still seeing some of the links on my blog highlighted in red; however, after deleting my "recent comments" plugin, I am no longer being re-directed to the "Local Pages" advertisements that I first mentioned. The links to various sections of the blog, posts etc., all appear to be working now, in the Google Chrome, AOL, and IE 8, browsers, but not in Firefox (latest edition.)

I ran Malwarebytes, yesterday, and discovered an Adware Winfix32, I think that was the name; however, the Malwarebytes software removed it. And, I don't know if it's relevant or not, but the red highlighting I mentioned turns blue when I right click and toggle on the NoDofollow gizmo!

So, to summarize, the other remaining problem I have now is:

In the blog Meta data section, both the RSS categories re-direct me to, what looks like, the actual source code. I would be grateful if you can help me.

Best regards
Ian McKay

(END)


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 28/11/2008 22:01:52
System Uptime: 01/12/2011 15:44:24 (1 hours ago)
.
Motherboard: Dell Inc. | | 0UH789
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 279 GiB total, 214.459 GiB free.
D: is CDROM ()
E: is FIXED (FAT32) - 466 GiB total, 431.279 GiB free.
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP80: 06/11/2011 13:04:15 - AVG Regisry Defrag - before defragmentation
RP81: 06/11/2011 13:04:15 - System Checkpoint
RP82: 06/11/2011 13:04:15 - Software Distribution Service 3.0
RP83: 06/11/2011 13:04:15 - System Checkpoint
RP84: 06/11/2011 13:04:16 - Installed Windows Internet Explorer 8.
RP85: 06/11/2011 13:04:16 - Software Distribution Service 3.0
RP86: 06/11/2011 13:04:16 - Installed Windows Internet Explorer 8.
RP87: 06/11/2011 13:04:16 - Software Distribution Service 3.0
RP88: 06/11/2011 13:04:16 - Software Distribution Service 3.0
RP89: 06/11/2011 13:04:16 - System Checkpoint
RP90: 06/11/2011 13:04:16 - System Checkpoint
RP91: 06/11/2011 13:04:17 - System Checkpoint
RP92: 06/11/2011 13:04:17 - System Checkpoint
RP93: 06/11/2011 13:04:17 - System Checkpoint
RP94: 06/11/2011 13:04:17 - System Checkpoint
RP95: 06/11/2011 13:04:17 - System Checkpoint
RP96: 06/11/2011 13:04:17 - AVG Regisry Defrag - before defragmentation
RP97: 06/11/2011 13:04:17 - System Checkpoint
RP98: 06/11/2011 13:04:17 - System Checkpoint
RP99: 06/11/2011 13:04:17 - System Checkpoint
RP100: 06/11/2011 13:04:18 - Software Distribution Service 3.0
RP101: 06/11/2011 13:04:18 - System Checkpoint
RP102: 06/11/2011 13:04:18 - System Checkpoint
RP103: 06/11/2011 13:04:18 - System Checkpoint
RP104: 06/11/2011 13:04:18 - System Checkpoint
RP105: 06/11/2011 13:04:19 - System Checkpoint
RP106: 06/11/2011 13:04:19 - System Checkpoint
RP107: 06/11/2011 13:04:19 - System Checkpoint
RP108: 06/11/2011 13:04:19 - AVG Regisry Defrag - before defragmentation
RP109: 06/11/2011 13:04:19 - System Checkpoint
RP110: 06/11/2011 13:04:19 - System Checkpoint
RP111: 06/11/2011 13:04:19 - System Checkpoint
RP112: 06/11/2011 13:04:19 - System Checkpoint
RP113: 06/11/2011 13:04:19 - Software Distribution Service 3.0
RP114: 06/11/2011 13:04:20 - System Checkpoint
RP115: 06/11/2011 13:04:20 - System Checkpoint
RP116: 06/11/2011 13:04:20 - System Checkpoint
RP117: 06/11/2011 13:04:20 - System Checkpoint
RP118: 06/11/2011 13:04:20 - System Checkpoint
RP119: 06/11/2011 13:04:20 - Removed Java™ 6 Update 13
RP120: 06/11/2011 13:04:20 - Removed OpenOffice.org 3.1
RP121: 06/11/2011 13:04:20 - System Checkpoint
RP122: 06/11/2011 13:04:20 - Software Distribution Service 3.0
RP123: 06/11/2011 13:04:20 - Installed Java™ 6 Update 26
RP124: 06/11/2011 13:04:20 - System Checkpoint
RP125: 06/11/2011 13:04:21 - System Checkpoint
RP126: 06/11/2011 13:04:21 - Installed Final Draft 7
RP127: 06/11/2011 13:04:21 - Printer Driver Amyuni Document Converter 2.50 Installed
RP128: 06/11/2011 13:04:21 - System Checkpoint
RP129: 06/11/2011 13:04:21 - System Checkpoint
RP130: 06/11/2011 13:04:21 - System Checkpoint
RP131: 06/11/2011 13:04:21 - Installed Serif WebPlus Starter Edition 3.0
RP132: 06/11/2011 13:04:21 - Software Distribution Service 3.0
RP133: 06/11/2011 13:04:21 - System Checkpoint
RP134: 06/11/2011 13:04:21 - System Checkpoint
RP135: 06/11/2011 13:04:22 - AVG Regisry Defrag - before defragmentation
RP136: 06/11/2011 13:04:22 - Software Distribution Service 3.0
RP137: 06/11/2011 13:04:22 - System Checkpoint
RP138: 06/11/2011 13:04:22 - System Checkpoint
RP139: 06/11/2011 13:04:22 - System Checkpoint
RP140: 06/11/2011 13:04:22 - System Checkpoint
RP141: 06/11/2011 13:04:22 - System Checkpoint
RP142: 06/11/2011 13:04:22 - Software Distribution Service 3.0
RP143: 06/11/2011 13:04:22 - System Checkpoint
RP144: 06/11/2011 13:04:23 - System Checkpoint
RP145: 06/11/2011 13:04:23 - System Checkpoint
RP146: 06/11/2011 13:04:23 - Installed AVG 2012
RP147: 06/11/2011 13:04:23 - Installed AVG 2012
RP148: 06/11/2011 13:04:23 - Installed iTunes
RP149: 06/11/2011 13:04:23 - Removed Apple Mobile Device Support
RP150: 06/11/2011 13:04:23 - Removed Apple Application Support
RP151: 06/11/2011 13:04:23 - Removed iTunes
RP152: 06/11/2011 13:04:23 - Installed Java™ 6 Update 29
RP153: 06/11/2011 13:04:24 - System Checkpoint
RP154: 06/11/2011 13:04:24 - System Checkpoint
RP155: 06/11/2011 13:04:24 - System Checkpoint
RP156: 06/11/2011 13:04:24 - Installed Windows Internet Explorer 8.
RP157: 06/11/2011 13:04:24 - Software Distribution Service 3.0
RP158: 06/11/2011 13:04:24 - Software Distribution Service 3.0
RP159: 06/11/2011 13:04:24 - System Checkpoint
RP160: 06/11/2011 13:04:24 - System Checkpoint
RP161: 06/11/2011 13:04:25 - System Checkpoint
RP162: 06/11/2011 13:04:25 - System Checkpoint
RP163: 06/11/2011 13:04:25 - Installed Microsoft Fix it 50777
RP164: 06/11/2011 13:04:25 - System Checkpoint
RP165: 06/11/2011 13:04:25 - System Checkpoint
RP166: 06/11/2011 13:04:25 - System Checkpoint
RP167: 06/11/2011 13:04:25 - AVG Regisry Defrag - before defragmentation
RP168: 06/11/2011 13:04:25 - System Checkpoint
RP169: 07/11/2011 13:12:23 - System Checkpoint
RP170: 08/11/2011 14:22:18 - System Checkpoint
RP171: 09/11/2011 18:18:05 - System Checkpoint
RP172: 09/11/2011 22:43:00 - Software Distribution Service 3.0
RP173: 11/11/2011 09:49:33 - System Checkpoint
RP174: 11/11/2011 17:39:42 - Printer Driver PrimoPDF Installed
RP175: 11/11/2011 23:50:43 - Software Distribution Service 3.0
RP176: 12/11/2011 12:31:04 - Printer Driver PrimoPDF Installed
RP177: 13/11/2011 23:10:46 - System Checkpoint
RP178: 15/11/2011 10:04:04 - System Checkpoint
RP179: 16/11/2011 14:50:02 - System Checkpoint
RP180: 18/11/2011 11:30:15 - System Checkpoint
RP181: 07/11/2011 14:59:51 - System Checkpoint
RP182: 19/11/2011 11:09:07 - AVG Regisry Defrag - before defragmentation
RP183: 21/11/2011 12:43:10 - System Checkpoint
RP184: 21/11/2011 15:44:02 - Software Distribution Service 3.0
RP185: 21/11/2011 15:45:16 - Software Distribution Service 3.0
RP186: 23/11/2011 09:26:27 - Software Distribution Service 3.0
RP187: 24/11/2011 11:33:25 - System Checkpoint
RP188: 25/11/2011 09:26:30 - Software Distribution Service 3.0
RP189: 25/11/2011 10:35:07 - Installed Windows Internet Explorer 8.
RP190: 25/11/2011 10:37:20 - Software Distribution Service 3.0
RP191: 25/11/2011 14:47:33 - Installed Simple Adblock
RP192: 26/11/2011 00:17:13 - Software Distribution Service 3.0
RP193: 26/11/2011 10:22:44 - Software Distribution Service 3.0
RP194: 26/11/2011 17:25:59 - Restore Operation
RP195: 26/11/2011 17:34:57 - Software Distribution Service 3.0
RP196: 27/11/2011 10:06:16 - Software Distribution Service 3.0
RP197: 28/11/2011 14:24:32 - System Checkpoint
RP198: 29/11/2011 17:51:58 - System Checkpoint
RP199: 30/11/2011 09:12:33 - Software Distribution Service 3.0
RP200: 01/12/2011 11:40:22 - System Checkpoint
RP201: 01/12/2011 15:56:16 - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.6
AiO_Scan_CDA
AOL Broadband Toolbar
AOL Uninstaller (Choose which Products to Remove)
Apple Software Update
Ask Toolbar
AVG 2012
AVG PC Tuneup 2011
Belarc Advisor 8.2
Bonjour
Cobian Backup 8
Download Updater (AOL LLC)
DriveImage XML (Private Edition)
DVD Suite
Final Draft 7
Google Chrome
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart, Officejet and Deskjet 7.0.A
iLivid
Intel® Graphics Media Accelerator Driver
Internet Explorer (Enable DEP)
Java Auto Updater
Java™ 6 Update 29
Java™ 6 Update 7
Malwarebytes' Anti-Malware version 1.51.2.1300
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Automated Troubleshooting Services Shim
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Fix it Center
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Security Client
Microsoft Security Essentials
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mouse Suite
Mozilla Firefox 8.0.1 (x86 en-GB)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org 3.3
PrimoPDF -- brought to you by Nitro PDF Software
QFolder
RoboForm 7-6-1 (All Users)
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB923789)
Serif WebPlus Toolbar
Serif WebPlus Starter Edition 3.0
Simple Adblock
Skype Click to Call
Skype™ 5.5
SopCast 3.4.0
swMSM
System Requirements Lab for Intel
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Veetle TV
Viewpoint Media Player
VLC media player 1.1.11
WebFldrs XP
Windows iLivid Toolbar
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Xvid 1.2.2 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
29/11/2011 19:37:13, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
29/11/2011 11:03:59, error: Service Control Manager [7001] - The Windows Search service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
29/11/2011 11:03:58, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
29/11/2011 09:52:46, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.
29/11/2011 09:47:44, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.2675.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
29/11/2011 09:47:44, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.2675.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
.
==== End Of File ===========================

Edited by Orange Blossom, 01 December 2011 - 02:31 PM.
Merged topics. ~ OB


#4 Orange Blossom

  • Moderator

Posted 01 December 2011 - 02:35 PM

I merged your reply to the topic it belongs to. Please keep all posts regarding this issue to this topic by using the Add Reply button found near the bottom. Starting new topics causes confusion for all concerned and delays the assistance you receive. I suggest bookmarking the topic and checking the topic itself for replies rather than relying on e-mail notification which is unreliable.

A team member will be with you soon.

Orange Blossom
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 shelf life

  • Malware Response Team
Posted 01 December 2011 - 05:57 PM

hi,

First, I am no HTML guru if that turns out to be the problem. The raw HTML code is ok? Are you having any issues like re-directs when using your browser? Look in the Add/Remove Programs panel and uninstall: Searchqu Toolbar, if present.

Download and run the free version of Malwarebytes

How Can I Reduce My Risk to Malware?




