can't get Access to Facebook

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

farwabukhary

Thread Starter
Joined
Jan 28, 2013
Messages
7
I 've lost access to Facebook from my PC Can anyone help me that how can I Fix it? I 've tried to get access to fFacebook from different browsers but all in vein so Can anyone help me to fix it?
Em waiting :(
 

farwabukhary

Thread Starter
Joined
Jan 28, 2013
Messages
7
nd here's the hijackthis scan log
plzzz tell me what to further??????

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:39:55 PM, on 1/28/2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 7013 bytes
 

farwabukhary

Thread Starter
Joined
Jan 28, 2013
Messages
7
plzzzzzzzzzzzzzzzzz somone help meeeee plzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
 

kevinf80

Kevin
Malware Specialist
Joined
Mar 21, 2006
Messages
11,440
Do the following:

Run the MGA Diagnostic Tool and post back the report it creates:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.

Next,

Download and save DDS to your Desktop from either of the following links:

http://download.bleepingcomputer.com/sUBs/dds.scr
http://compendiate.net/sUBs/dds/dds.scr

Note: You must use Internet Explorer to download dds.scr, other browsers will open the file in the browser and not save it. Or if you must use Firefox, or Chrome, then right click the link and select "save link as" and save the file to your desktop.

Double-click the dds.scr file to run the program.

It will automatically run in silent mode and then you will see the following note:

"Two logs shall be created on your Desktop"

The logs will be named dds.txt and attach.txt".

Wait until the logs appear and then copy and paste their contents in your post.

Post those 3 logs.....

Kevin....:)
 

farwabukhary

Thread Starter
Joined
Jan 28, 2013
Messages
7
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Blocked VLK
Validation Code: 3
Cached Validation Code: N/A
Windows Product Key: *****-*****-HM64M-6GJRK-8K83T
Windows Product Key Hash: zG14BddWJSi9s2Jj0qZDc21SAXo=
Windows Product ID: 55274-648-5295662-23565
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.2.0.pro
ID: {4A07EA35-8593-4381-8201-F1E51427CAE9}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Professional Plus 2007 - 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{4A07EA35-8593-4381-8201-F1E51427CAE9}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-8K83T</PKey><PID>55274-648-5295662-23565</PID><PIDType>1</PIDType><SID>S-1-5-21-854245398-1788223648-725345543</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>0406 </Version><SMBIOSVersion major="2" minor="3"/><Date>20051027000000.000000+000</Date></BIOS><HWID>77D63E7F0184EE7C</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>West Asia Standard Time(GMT+05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData> <Software><Office><Result>100</Result><Products><Product GUID="{90120000-0011-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Plus 2007</Name><Ver>12</Ver><Val>C0A25836FDBE5AC</Val><Hash>FmDbcrRY1pTOcrz4ZUZRHhpUuc0=</Hash><Pid>89409-726-2958074-65662</Pid><PidType>14</PidType></Product><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>C0A25836FDBE5AC</Val><Hash>FmDbcrRY1pTOcrz4ZUZRHhpUuc0=</Hash><Pid>89388-726-2958074-65793</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 14110:ASUSTeK Computer Inc|160BA:GENUINE C&C INC
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
 

farwabukhary

Thread Starter
Joined
Jan 28, 2013
Messages
7
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/11/2013 6:50:58 PM
System Uptime: 1/29/2013 5:14:54 PM (5 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5LD2-VM
Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | LGA 775 | 3400/200mhz
Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | LGA 775 | 3400/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 10.312 GiB free.
D: is FIXED (FAT32) - 20 GiB total, 19.492 GiB free.
E: is FIXED (NTFS) - 20 GiB total, 6.416 GiB free.
F: is FIXED (NTFS) - 16 GiB total, 5.487 GiB free.
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) 82945G Express Chipset Family
Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_817A1043&REV_02\3&11583659&0&10
Manufacturer: Intel Corporation
Name: Intel(R) 82945G Express Chipset Family
PNP Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_817A1043&REV_02\3&11583659&0&10
Service: igfx
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
==== System Restore Points ===================
.
RP13: 1/23/2013 4:40:03 PM - Installed Microsoft Office Enterprise 2007
RP14: 1/23/2013 4:44:32 PM - Printer Driver Send To Microsoft OneNote Driver Installed
RP15: 1/26/2013 3:20:39 PM - Installed Java 7 Update 11
RP16: 1/28/2013 9:37:31 PM - Installed HiJackThis
RP17: 1/29/2013 9:55:22 PM - Removed HiJackThis
.
==== Installed Programs ======================
.
µTorrent
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
avast! Internet Security
Google Chrome
Google Chrome Frame
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Windows XP (KB915865)
Hotspot Shield 2.83
InstaTrader
Internet Download Manager
Java 7 Update 11
Java Auto Updater
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 18.0.1 (x86 en-US)
Mozilla Maintenance Service
Nitro Reader 3
Opera 12.12
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Skype&#8482; 6.1
System Requirements Lab for Intel
TeamViewer 8
Update for Windows XP (KB932823-v3)
VLC media player 2.0.5
WebFldrs XP
Windows Installer 3.1 (KB893803)
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
1/28/2013 10:56:32 PM, error: Dhcp [1002] - The IP address lease 10.184.56.19 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.233.111.254 (The DHCP Server sent a DHCPNACK message).
1/25/2013 4:20:53 PM, error: Dhcp [1002] - The IP address lease 10.190.112.118 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.184.63.254 (The DHCP Server sent a DHCPNACK message).
1/25/2013 4:12:58 PM, error: Dhcp [1002] - The IP address lease 10.171.168.80 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.190.119.254 (The DHCP Server sent a DHCPNACK message).
1/24/2013 6:53:38 PM, error: Dhcp [1002] - The IP address lease 10.209.56.38 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.171.175.254 (The DHCP Server sent a DHCPNACK message).
1/23/2013 5:30:12 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 0015F25C55F6 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
1/22/2013 6:10:49 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume F:.
1/22/2013 6:02:30 PM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 0015F25C55F6 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
 

farwabukhary

Thread Starter
Joined
Jan 28, 2013
Messages
7
DDS scan

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.11.2
Run by farwa bukhari at 22:06:33 on 2013-01-29
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2039.538 [GMT 5:00]
.
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled*
.
============== Running Processes ================
.
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\farwa bukhari\My Documents\Downloads\Programs\MGADiag.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - c:\program files\google\chrome\application\26.0.1386.0\npchrome_frame.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1FDD9113-AF86-4B1D-BBCE-71C5569D6D10} : DHCPNameServer = 192.168.1.1
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome\application\26.0.1386.0\npchrome_frame.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1386.0\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\
FF - prefs.js: browser.search.selectedEngine - uTorrentControl_v2 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13&CUI=SB_CUI
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN78261330421364665&q=
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\np-mswmp.dll
FF - plugin: c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\nitro\reader 3\npdf.dll
FF - plugin: c:\program files\nitro\reader 3\npnitroie.dll
FF - plugin: c:\program files\nitro\reader 3\npnitromozilla.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2013-01-11 21:24; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-01-12 14:46; {7473b6bd-4691-4744-a82b-7854eb3d70b6}; c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
FF - ExtSQL: 2013-01-12 15:28; [email protected]; c:\documents and settings\farwa bukhari\application data\idm\idmmzcc5
FF - ExtSQL: 2013-01-12 20:34; [email protected]; c:\program files\mozilla firefox\extensions\[email protected]
FF - ExtSQL: 2013-01-15 21:13; [email protected]; c:\program files\alwil software\avast5\webrep\FF
FF - ExtSQL: 2013-01-28 21:40; [email protected]; c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\[email protected]
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8SInu92Z&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 5c3208f000000000000000ff948e56f0
FF - user.js: extensions.incredibar_i.instlDay - 15733
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:40:19
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8SInu92Z
FF - user.js: extensions.incredibar_i.upn2n - 92825825660036957
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10665
FF - user.js: extensions.incredibar_i.ppd - t213
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-1-27 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-1-27 199320]
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2013-1-11 26112]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2013-1-27 106560]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-1-27 20624]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-1-15 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-1-11 361032]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2012-12-24 112480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-1-11 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2013-1-11 44808]
R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2013-1-27 133912]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2013-1-11 533288]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2013-1-11 389928]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\nitro\reader 3\NitroPDFReaderDriverService3.exe [2012-12-17 196624]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-1-11 3467768]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-1-11 1691480]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
.
=============== Created Last 30 ================
.
2013-01-29 16:55:27 -------- d-----w- c:\windows\system32\appmgmt
2013-01-28 16:40:48 -------- d-----w- c:\program files\Perion
2013-01-28 16:37:36 -------- d-----w- c:\program files\Trend Micro
2013-01-27 14:25:42 106560 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-01-27 14:25:28 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-01-27 14:25:28 199320 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-01-27 14:25:21 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2013-01-26 10:21:07 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-25 07:38:55 -------- d-----w- c:\windows\system32\Hotspot Shield
2013-01-23 11:44:36 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2013-01-23 11:44:36 32592 ----a-w- c:\windows\system32\msonpmon.dll
2013-01-16 15:17:29 -------- d-----w- c:\documents and settings\farwa bukhari\application data\TuneUp Software
2013-01-16 15:17:00 -------- d-----w- c:\documents and settings\all users\application data\TuneUp Software
2013-01-16 15:16:50 -------- d-sh--w- c:\documents and settings\all users\application data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-01-16 15:16:49 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2013-01-16 14:54:49 -------- d-----w- c:\documents and settings\farwa bukhari\application data\OpenCandy
2013-01-16 14:51:57 -------- d-----w- c:\program files\Optimizer Pro
2013-01-16 14:29:26 -------- d-----w- C:\Data
2013-01-15 15:51:07 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-14 08:51:47 -------- d-s---w- c:\documents and settings\farwa bukhari\UserData
2013-01-14 08:51:15 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\visi_coupon
2013-01-14 07:49:18 -------- d-----w- c:\windows\SHELLNEW
2013-01-14 07:49:05 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\Microsoft Help
2013-01-12 17:03:43 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2013-01-12 10:43:22 -------- d-----w- c:\documents and settings\farwa bukhari\application data\Nitro
2013-01-12 10:43:09 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2013-01-12 10:43:09 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll
2013-01-12 10:43:01 -------- d-----w- c:\program files\Nitro
2013-01-12 10:43:01 -------- d-----w- c:\program files\common files\Nitro
2013-01-12 10:42:59 -------- d-----w- c:\documents and settings\all users\application data\Nitro
2013-01-12 10:42:33 -------- d-----w- c:\documents and settings\farwa bukhari\application data\Downloaded Installations
2013-01-12 10:28:25 -------- d-----w- c:\documents and settings\farwa bukhari\application data\IDM
2013-01-12 10:28:25 -------- d-----w- c:\documents and settings\farwa bukhari\application data\DMCache
2013-01-12 10:28:09 -------- d-----w- c:\program files\Internet Download Manager
2013-01-12 09:46:16 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\CRE
2013-01-12 09:46:02 -------- d-----w- c:\program files\Conduit
2013-01-12 09:45:58 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\Conduit
2013-01-12 09:45:56 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\Temp
2013-01-12 09:44:04 -------- d-----w- c:\program files\uTorrent
2013-01-12 09:42:27 -------- d-----w- c:\documents and settings\farwa bukhari\application data\uTorrent
.
==================== Find3M ====================
.
2013-01-11 17:54:16 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-11 17:54:16 779704 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-11 17:27:40 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-11 17:27:40 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-11 16:24:11 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-01-11 16:24:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-01-10 19:28:24 40648 ----a-w- c:\windows\system32\drivers\hssdrv.sys
2012-11-22 00:43:14 112480 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2012-11-01 17:45:36 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
.
============= FINISH: 22:07:06.67 ===============
 

farwabukhary

Thread Starter
Joined
Jan 28, 2013
Messages
7
Sir I 've followed your instructions kindly tell me what Should I do futher thanks a lot
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
117,905
The MGA Diagnostic report indicates that you're runnng a blocked volume license therefore the operating system is not genuine. This means that we cannot assist as we don't condone or support pirated software. You need to purchase a valid license and reload Windows to become genuine before we can assist.

Therefore, since there is nothing further we can do here, I'm closing this thread.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top