Firefox pagenotfound.co redirects

(First post!)

I was just searching for how to resolve this problem and landed on the guide. I'm not sure how many browsers were affected; I didn't think to check. As far as I can tell, it does only happen on my home network; I haven't yet reset my cable modem.

I cleaned out Firefox and 64-bit IE, then ran "ipconfig /flushdns". At this point I tried visiting Yahoo (my typical network test page because I never go there) and the problem didn't manifest. I have had the issue temporarily disappear several times, though.

I then ran GooredFix, whose results are attached - and not nearly as interesting as the first appeared to me. The extensions are the default theme, the Java Console, and Avast, in that order. I'll listen for advice here and post back if the issue returns.

Thanks for the help.

 

I noticed upon reading your reply that my GooredFix.txt attachment didn't seem to make it through, so here it is again with the two new logs.

 

I skipped RootRepeal because I'm on 64-bit. I message stated that SteelWerX had stopped working; I didn't think to check the command-prompt window before dismissing it and am uncertain whether the button said Close or Cancel.

I haven't seen pagenotfound.co again yet; still waiting. Should I re-enable UAC yet, and disable again if necessary?

 

Smooth sailing so far... In fact I haven't seen a problem that had been recurring often: Windows would get confused about how to talk to my modem, I would diagnose and sometimes had to replug the ethernet cable. It was always complaining about DNS issues (when it noticed issues; sometimes it would fix them without acknowledging they were there) while the Linux computer on the same desk never fussed. The Mac installation that dual-boots alongside Windows hasn't had a problem either.

 

(Sorry for the double post; the situation seems to transcend the reasons behind avoiding that.)

The problems are back. I left my computer hooked up to the Internet for a few hours, which I haven't done much since starting this thread. Some applications said they couldn't connect; YouTube began redirecting to pagenotfound.co; and the page for this thread gave me the following message (which has kept coming up, verbatim except for the filename and domain, for a while):

I've always been perplexed how that has been displaying when 1) I'm not supposed to have an Internet connection and 2) the servers are most often very reliable (such as Google).

Sometimes I'll find pages that display fine while others exhibit these symptoms. I replugged my ethernet cable and loaded this page again to make my post, then tried YouTube - still blocked. I tried it again after typing for a while and it works.

What else can I throw at this problem?

 

Sometimes, yes. When I got home I loaded Yahoo in Firefox and landed at a pagenotfound.co address. I opened the same page in Chrome, Safari, and Internet Explorer and got the typical "no connection" message in each one.

I diagnosed the connection (DNS server not responding) and tried again. Now Chrome, Safari, and Internet Explorer access it fine; Firefox showed the pagenotfound.co page with an address of "www.yahoo.com/search.php."

Trying again now, I get a Yahoo page saying it couldn't find the page (when I enter the simple yahoo.com and land at search.php). All the link URLs on that page look like this: http://www.yahoo.com/404/*http://help.yahoo.com

The MajorGeeks page for Firefox points to the download for version 3.6, which I know to be outdated. So I got the recent 8.0.1 from getfirefox.com.

Yahoo works again; I await the symptoms once more.

 

I have been having intermittent connection problems, but I figured if I never saw pagenotfound.co again I must have a legitimate connection issue. I got home and spent a bit of time browsing. All was well so I launched a game client. After playing for a while, I was disconnected (which has happened at least twice before - the first time I thought it was Avira's fault so I switched to Avast). After diagnosing the issue, I visited yahoo.com - I mean pagenotfound.co with a Yahoo address. Chrome exhibited the problem too this time, then a second try in Firefox initially showed a title of "Welcome to mydomainadvisor.com" followed by a notice-page that "The connection was reset." Firefox on Linux, and Internet Explorer & Safari on Windows remain unaffected.

[semi-informed rambling] Apparently the malware needs to fiddle with my DNS settings to get its dirty work done, but the way it does it is clumsy so it ends up disconnecting me and becoming visible. When I diagnose the issue, which seems to generally set things right even when nothing is detected as wrong, a side-effect is that the malware works a little "better": its domain is cloaked as intended. And it comes and goes, I guess in hopes that it's not active while I hunt it. I'd say that makes it more noticeable in a way, though.

I guess I don't need to reset my modem since the issue only manifests on my Windows partition. Should I bother to test in Mac to rule out infection of the network hardware within the Macbook?

 

The toolbar wasn't installed to Firefox or IE so I found it in the Control Panel. I checked the box at the end asking if I wanted to uninstall "Browsing Protection" or something like that. The folders did not exist. I restarted and immediately went to Yahoo in all four browsers; Firefox shows the Yahoo 404 page with the strange URLs while the others get it right.

 

That path doesn't exist; the closest I could get was C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hgro5ax2.default (new profile for the new Firefox) because there is no prefs.js.

After I uninstalled the Ad-Aware toolbar, it wouldn't stop sending me to www.yahoo.com/search.php (a page which doesn't exist - the 404 seems legitimate after all). I decided that since uninstalling it changed the issue, apparently it was related. So I uninstalled Ad-Aware completely, and didn't experience any problems for several hours.

I turned to Google and discovered that Ad-Aware has recently been sending browsers to pagenotfound.co, and that it's now owned by unscrupulous individuals.

After my computer slept for lack of use, I was going to check this thread but the DNS server wouldn't respond. I diagnosed the problem and replugged my ethernet to no avail. Finally one of the times that I diagnosed and tested, I was able to browse again. I still haven't seen anything about pagenotfound.co or mydomainadvisor.com, though.

It's been long enough that I'm pretty sure I'm out of the weather, but I'll wait a day or two more before I start telling all my geek buddies that Ad-Ware... err, Ad-Aware has turned to the dark side.

Unless you think the unresponsive DNS server is malware-related, I'll just ask my ISP about that. My connection issues are divided by ten or more already.