Results 1 to 4 of 4

Thread: Cant access www.safer-networking.com

  1. #1
    Junior Member
    Join Date
    Apr 2010
    Posts
    13

    Default Cant access www.safer-networking.com

    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Cambridge at 11:46:01.93 on 13/05/2010
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1547 [GMT 1:00]

    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Cambridge\Desktop\dds.com

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.co.uk/
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [BrowserChoice] "c:\windows\system32\browserchoice.exe" /run
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [btbb_McciTrayApp] "c:\program files\bt broadband desktop help\btbb\BTHelpNotifier.exe"
    mRun: [btbb_wcm_McciTrayApp] "c:\program files\bt broadband desktop help\btbb_wcm\McciTrayApp.exe"
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\cambri~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    Trusted Zone: motive.com\pbttbc.bt
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Notify: Antiwpa - antiwpa.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

    ============= SERVICES / DRIVERS ===============

    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-5-10 11608]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-5-10 135336]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-5-10 267432]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-5-10 60936]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-5-10 303952]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-5-10 20824]
    S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [2008-12-18 255488]

    =============== Created Last 30 ================

    2010-05-10 17:56:11 0 d-----w- c:\windows\system32\NtmsData
    2010-05-10 17:51:01 0 d-----w- c:\docume~1\cambri~1\applic~1\Avira
    2010-05-10 16:34:24 0 d-----w- c:\program files\SpywareBlaster
    2010-05-10 16:25:31 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-05-10 16:25:30 0 d-----w- c:\program files\Avira
    2010-05-10 16:25:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Avira
    2010-05-10 16:22:25 0 d-----w- c:\program files\Spybot - Search & Destroy
    2010-05-10 16:22:25 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2010-05-10 16:21:03 0 d-----w- c:\docume~1\cambri~1\applic~1\Malwarebytes
    2010-05-10 16:20:57 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-05-10 16:20:55 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-05-10 16:20:55 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-05-10 16:20:55 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2010-05-10 15:35:00 221184 ----a-w- c:\windows\system32\wmpns.dll
    2010-05-10 15:28:56 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
    2010-05-10 15:25:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-05-10 15:25:56 411368 ----a-w- c:\windows\system32\deployJava1.dll
    2010-05-10 15:09:33 0 d-----w- c:\windows\system32\XPSViewer
    2010-05-10 15:08:58 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-05-10 15:08:58 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-05-10 15:08:58 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-05-10 15:08:58 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-05-10 15:08:58 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-05-10 15:08:57 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-05-10 15:08:57 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-05-10 15:08:57 0 d-----w- C:\7c1deb81f2f17d7dced98ba44d
    2010-05-10 15:04:34 0 d-----w- c:\program files\Windows Media Connect 2
    2010-05-10 15:02:20 64000 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2010-05-10 14:36:20 0 d-----w- c:\windows\ie8updates
    2010-05-10 14:33:26 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-05-10 14:33:14 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2010-05-10 14:33:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2010-05-10 14:30:28 0 d-sh--w- c:\documents and settings\cambridge\IECompatCache
    2010-05-10 14:27:58 0 d-sh--w- c:\documents and settings\cambridge\PrivacIE
    2010-05-10 14:18:33 0 d-sh--w- c:\documents and settings\cambridge\IETldCache
    2010-05-10 14:13:29 0 dc-h--w- c:\windows\ie8
    2010-05-10 13:52:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Avg8
    2010-05-10 13:48:56 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
    2010-05-10 13:48:56 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
    2010-05-10 13:48:41 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
    2010-05-10 13:48:41 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2010-05-05 13:31:07 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
    2010-05-05 13:29:57 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
    2010-05-05 13:29:56 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
    2010-05-05 13:26:01 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
    2010-05-05 13:26:00 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
    2010-05-05 13:26:00 110592 -c----w- c:\windows\system32\dllcache\services.exe
    2010-05-05 13:25:59 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
    2010-05-05 13:25:59 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
    2010-05-05 13:25:59 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
    2010-05-05 13:25:57 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
    2010-05-05 13:25:57 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
    2010-05-05 13:24:53 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    2010-05-05 13:24:41 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2010-05-05 13:24:11 128512 -c----w- c:\windows\system32\dllcache\dhtmled.ocx
    2010-05-05 13:21:59 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
    2010-05-05 13:11:56 2560 ------w- c:\windows\system32\xpsp4res.dll
    2010-05-05 13:11:55 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2010-05-05 13:11:55 1206508 -c----w- c:\windows\system32\dllcache\sysmain.sdb
    2010-05-05 13:03:16 215920 ----a-w- c:\windows\system32\muweb.dll
    2010-05-05 13:03:15 274288 ----a-w- c:\windows\system32\mucltui.dll
    2010-05-05 13:03:15 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
    2010-05-05 13:02:34 256640 ----a-w- c:\windows\system32\PROUnstl.exe
    2010-05-05 13:02:34 1904 ------w- c:\windows\system32\SetupBD.din
    2010-05-05 12:50:22 5504 -c--a-w- c:\windows\system32\dllcache\intelide.sys
    2010-05-05 12:50:22 5504 ----a-w- c:\windows\system32\drivers\intelide.sys

    ==================== Find3M ====================

    2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-02-16 14:08:49 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-02-16 13:25:04 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe

    ============= FINISH: 11:46:28.54 ===============

  2. #2
    Junior Member
    Join Date
    Apr 2010
    Posts
    13

    Default Microsoft.Windows.RedirectedHosts & Fraud.WindowsProtectionSuite

    Spybot has detected Microsoft.Windows.RedirectedHosts & Fraud.WindowsProtectionSuite and it cant remove it because host files denies access,

  3. #3
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    Looks like you may have an illegal copy of windows on this system
    http://www.bleepingcomputer.com/star...dll-21379.html
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Topic closed due to lack of response along with the fact that windows may be illegal
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •