
can't get Access to Facebook

Discussion in 'Virus & Other Malware Removal' started by farwabukhary, Jan 28, 2013.

Thread Status:
Not open for further replies.
  1. farwabukhary

    farwabukhary Thread Starter

    Joined:
    Jan 28, 2013
    Messages:
    7
    I've lost access to Facebook from my PC. Can anyone help me with how I can fix it? I've tried to get access to Facebook from different browsers, but all in vain, so can anyone help me to fix it?
    I'm waiting :(
     
  2. farwabukhary

    farwabukhary Thread Starter

    Joined:
    Jan 28, 2013
    Messages:
    7
    And here's the HijackThis scan log.
    Please tell me what to do further?

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:39:55 PM, on 1/28/2013
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast5\afwServ.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    C:\Program Files\Hotspot Shield\bin\hsswd.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
    O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 7013 bytes
     
  3. farwabukhary

    farwabukhary Thread Starter

    Joined:
    Jan 28, 2013
    Messages:
    7
    Please, someone help me, please.
     
  4. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,377
    First Name:
    Kevin
    Do the following:

    Run the MGA Diagnostic Tool and post back the report it creates:
    • Download MGADiag to your desktop.
    • Double-click on MGADiag.exe to launch the program.
    • Click "Continue"
    • Ensure that the "Windows" tab is selected (it should be by default).
    • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
    • Paste the MGA Diagnostic Report back here in your next reply.

    Next,

    Download and save DDS to your Desktop from either of the following links:

    http://download.bleepingcomputer.com/sUBs/dds.scr
    http://compendiate.net/sUBs/dds/dds.scr

    Note: You must use Internet Explorer to download dds.scr; other browsers will open the file in the browser and not save it. Or, if you must use Firefox or Chrome, then right-click the link, select "save link as" and save the file to your desktop.

    Double-click the dds.scr file to run the program.

    It will automatically run in silent mode and then you will see the following note:

    "Two logs shall be created on your Desktop"

    The logs will be named dds.txt and attach.txt.

    Wait until the logs appear and then copy and paste their contents in your post.

    Post those 3 logs.....

    Kevin....:)
     
  5. farwabukhary

    farwabukhary Thread Starter

    Joined:
    Jan 28, 2013
    Messages:
    7
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Status: Blocked VLK
    Validation Code: 3
    Cached Validation Code: N/A
    Windows Product Key: *****-*****-HM64M-6GJRK-8K83T
    Windows Product Key Hash: zG14BddWJSi9s2Jj0qZDc21SAXo=
    Windows Product ID: 55274-648-5295662-23565
    Windows Product ID Type: 1
    Windows License Type: Volume
    Windows OS version: 5.1.2600.2.00010100.2.0.pro
    ID: {4A07EA35-8593-4381-8201-F1E51427CAE9}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: N/A
    Architecture: N/A
    Build lab: N/A
    TTS Error: N/A
    Validation Diagnostic: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A
    Version: N/A

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Plus 2007 - 100 Genuine
    Microsoft Office Enterprise 2007 - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
    Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{4A07EA35-8593-4381-8201-F1E51427CAE9}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-8K83T</PKey><PID>55274-648-5295662-23565</PID><PIDType>1</PIDType><SID>S-1-5-21-854245398-1788223648-725345543</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>0406 </Version><SMBIOSVersion major="2" minor="3"/><Date>20051027000000.000000+000</Date></BIOS><HWID>77D63E7F0184EE7C</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>West Asia Standard Time(GMT+05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData> <Software><Office><Result>100</Result><Products><Product GUID="{90120000-0011-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Plus 2007</Name><Ver>12</Ver><Val>C0A25836FDBE5AC</Val><Hash>FmDbcrRY1pTOcrz4ZUZRHhpUuc0=</Hash><Pid>89409-726-2958074-65662</Pid><PidType>14</PidType></Product><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>C0A25836FDBE5AC</Val><Hash>FmDbcrRY1pTOcrz4ZUZRHhpUuc0=</Hash><Pid>89388-726-2958074-65793</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

    Licensing Data-->
    N/A

    Windows Activation Technologies-->
    N/A

    HWID Data-->
    N/A

    OEM Activation 1.0 Data-->
    BIOS string matches: yes
    Marker string from BIOS: 14110:ASUSTeK Computer Inc|160BA:GENUINE C&C INC
    Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

    OEM Activation 2.0 Data-->
    N/A
     
  6. farwabukhary

    farwabukhary Thread Starter

    Joined:
    Jan 28, 2013
    Messages:
    7
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/11/2013 6:50:58 PM
    System Uptime: 1/29/2013 5:14:54 PM (5 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P5LD2-VM
    Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | LGA 775 | 3400/200mhz
    Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | LGA 775 | 3400/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 20 GiB total, 10.312 GiB free.
    D: is FIXED (FAT32) - 20 GiB total, 19.492 GiB free.
    E: is FIXED (NTFS) - 20 GiB total, 6.416 GiB free.
    F: is FIXED (NTFS) - 16 GiB total, 5.487 GiB free.
    H: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) 82945G Express Chipset Family
    Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_817A1043&REV_02\3&11583659&0&10
    Manufacturer: Intel Corporation
    Name: Intel(R) 82945G Express Chipset Family
    PNP Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_817A1043&REV_02\3&11583659&0&10
    Service: igfx
    .
    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ACPI\ATK0110\1010110
    Manufacturer:
    Name:
    PNP Device ID: ACPI\ATK0110\1010110
    Service:
    .
    ==== System Restore Points ===================
    .
    RP13: 1/23/2013 4:40:03 PM - Installed Microsoft Office Enterprise 2007
    RP14: 1/23/2013 4:44:32 PM - Printer Driver Send To Microsoft OneNote Driver Installed
    RP15: 1/26/2013 3:20:39 PM - Installed Java 7 Update 11
    RP16: 1/28/2013 9:37:31 PM - Installed HiJackThis
    RP17: 1/29/2013 9:55:22 PM - Removed HiJackThis
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    avast! Internet Security
    Google Chrome
    Google Chrome Frame
    Google Update Helper
    High Definition Audio Driver Package - KB888111
    Hotfix for Windows XP (KB915865)
    Hotspot Shield 2.83
    InstaTrader
    Internet Download Manager
    Java 7 Update 11
    Java Auto Updater
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Software Update for Web Folders (English) 12
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox 18.0.1 (x86 en-US)
    Mozilla Maintenance Service
    Nitro Reader 3
    Opera 12.12
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Skype™ 6.1
    System Requirements Lab for Intel
    TeamViewer 8
    Update for Windows XP (KB932823-v3)
    VLC media player 2.0.5
    WebFldrs XP
    Windows Installer 3.1 (KB893803)
    WinRAR archiver
    Yahoo! Messenger
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/28/2013 10:56:32 PM, error: Dhcp [1002] - The IP address lease 10.184.56.19 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.233.111.254 (The DHCP Server sent a DHCPNACK message).
    1/25/2013 4:20:53 PM, error: Dhcp [1002] - The IP address lease 10.190.112.118 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.184.63.254 (The DHCP Server sent a DHCPNACK message).
    1/25/2013 4:12:58 PM, error: Dhcp [1002] - The IP address lease 10.171.168.80 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.190.119.254 (The DHCP Server sent a DHCPNACK message).
    1/24/2013 6:53:38 PM, error: Dhcp [1002] - The IP address lease 10.209.56.38 for the Network Card with network address 00FF948E56F0 has been denied by the DHCP server 10.171.175.254 (The DHCP Server sent a DHCPNACK message).
    1/23/2013 5:30:12 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 0015F25C55F6 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    1/22/2013 6:10:49 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume F:.
    1/22/2013 6:02:30 PM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 0015F25C55F6 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    .
    ==== End Of File ===========================
     
  7. farwabukhary

    farwabukhary Thread Starter

    Joined:
    Jan 28, 2013
    Messages:
    7
    DDS scan

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.11.2
    Run by farwa bukhari at 22:06:33 on 2013-01-29
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2039.538 [GMT 5:00]
    .
    AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: avast! Internet Security *Enabled*
    .
    ============== Running Processes ================
    .
    C:\Program Files\Alwil Software\Avast5\afwServ.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Real\RealPlayer\update\realsched.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    C:\Program Files\Hotspot Shield\bin\hsswd.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Hotspot Shield\bin\openvpntray.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\farwa bukhari\My Documents\Downloads\Programs\MGADiag.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
    BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - c:\program files\google\chrome\application\26.0.1386.0\npchrome_frame.dll
    BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
    IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{1FDD9113-AF86-4B1D-BBCE-71C5569D6D10} : DHCPNameServer = 192.168.1.1
    Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome\application\26.0.1386.0\npchrome_frame.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1386.0\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\
    FF - prefs.js: browser.search.selectedEngine - uTorrentControl_v2 Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13&CUI=SB_CUI
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&CUI=UN78261330421364665&q=
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
    FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
    FF - plugin: c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\np-mswmp.dll
    FF - plugin: c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\npConduitFirefoxPlugin.dll
    FF - plugin: c:\program files\google\update\1.3.21.124\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\nitro\reader 3\npdf.dll
    FF - plugin: c:\program files\nitro\reader 3\npnitroie.dll
    FF - plugin: c:\program files\nitro\reader 3\npnitromozilla.dll
    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
    FF - ExtSQL: 2013-01-11 21:24; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
    FF - ExtSQL: 2013-01-12 14:46; {7473b6bd-4691-4744-a82b-7854eb3d70b6}; c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
    FF - ExtSQL: 2013-01-12 15:28; [email protected]; c:\documents and settings\farwa bukhari\application data\idm\idmmzcc5
    FF - ExtSQL: 2013-01-12 20:34; [email protected]; c:\program files\mozilla firefox\extensions\[email protected]
    FF - ExtSQL: 2013-01-15 21:13; [email protected]; c:\program files\alwil software\avast5\webrep\FF
    FF - ExtSQL: 2013-01-28 21:40; [email protected]; c:\documents and settings\farwa bukhari\application data\mozilla\firefox\profiles\oic5j02x.default\extensions\[email protected]
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.incredibar_i.newTab - false
    FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8SInu92Z&loc=IB_TB&i=26&search=
    FF - user.js: extensions.incredibar_i.id - 5c3208f000000000000000ff948e56f0
    FF - user.js: extensions.incredibar_i.instlDay - 15733
    FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
    FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
    FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:40:19
    FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
    FF - user.js: extensions.incredibar_i.prdct - incredibar
    FF - user.js: extensions.incredibar_i.aflt - orgnl
    FF - user.js: extensions.incredibar_i.smplGrp - none
    FF - user.js: extensions.incredibar_i.tlbrId - base
    FF - user.js: extensions.incredibar_i.instlRef -
    FF - user.js: extensions.incredibar_i.dfltLng -
    FF - user.js: extensions.incredibar_i.excTlbr - false
    FF - user.js: extensions.incredibar_i.ms_url_id -
    FF - user.js: extensions.incredibar_i.upn2 - 6R8SInu92Z
    FF - user.js: extensions.incredibar_i.upn2n - 92825825660036957
    FF - user.js: extensions.incredibar_i.productid - 26
    FF - user.js: extensions.incredibar_i.installerproductid - 26
    FF - user.js: extensions.incredibar_i.did - 10665
    FF - user.js: extensions.incredibar_i.ppd - t213
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-1-27 12112]
    R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-1-27 199320]
    R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2013-1-11 26112]
    R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2013-1-27 106560]
    R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-1-27 20624]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-1-15 738504]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-1-11 361032]
    R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2012-12-24 112480]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-1-11 21256]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2013-1-11 44808]
    R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2013-1-27 133912]
    R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2013-1-11 533288]
    R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2013-1-11 389928]
    R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\nitro\reader 3\NitroPDFReaderDriverService3.exe [2012-12-17 196624]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
    R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-1-11 3467768]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-1-11 1691480]
    S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
    .
    =============== Created Last 30 ================
    .
    2013-01-29 16:55:27 -------- d-----w- c:\windows\system32\appmgmt
    2013-01-28 16:40:48 -------- d-----w- c:\program files\Perion
    2013-01-28 16:37:36 -------- d-----w- c:\program files\Trend Micro
    2013-01-27 14:25:42 106560 ----a-w- c:\windows\system32\drivers\aswFW.sys
    2013-01-27 14:25:28 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
    2013-01-27 14:25:28 199320 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
    2013-01-27 14:25:21 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
    2013-01-26 10:21:07 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-01-25 07:38:55 -------- d-----w- c:\windows\system32\Hotspot Shield
    2013-01-23 11:44:36 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
    2013-01-23 11:44:36 32592 ----a-w- c:\windows\system32\msonpmon.dll
    2013-01-16 15:17:29 -------- d-----w- c:\documents and settings\farwa bukhari\application data\TuneUp Software
    2013-01-16 15:17:00 -------- d-----w- c:\documents and settings\all users\application data\TuneUp Software
    2013-01-16 15:16:50 -------- d-sh--w- c:\documents and settings\all users\application data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
    2013-01-16 15:16:49 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
    2013-01-16 14:54:49 -------- d-----w- c:\documents and settings\farwa bukhari\application data\OpenCandy
    2013-01-16 14:51:57 -------- d-----w- c:\program files\Optimizer Pro
    2013-01-16 14:29:26 -------- d-----w- C:\Data
    2013-01-15 15:51:07 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-01-14 08:51:47 -------- d-s---w- c:\documents and settings\farwa bukhari\UserData
    2013-01-14 08:51:15 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\visi_coupon
    2013-01-14 07:49:18 -------- d-----w- c:\windows\SHELLNEW
    2013-01-14 07:49:05 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\Microsoft Help
    2013-01-12 17:03:43 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
    2013-01-12 10:43:22 -------- d-----w- c:\documents and settings\farwa bukhari\application data\Nitro
    2013-01-12 10:43:09 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll
    2013-01-12 10:43:09 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll
    2013-01-12 10:43:01 -------- d-----w- c:\program files\Nitro
    2013-01-12 10:43:01 -------- d-----w- c:\program files\common files\Nitro
    2013-01-12 10:42:59 -------- d-----w- c:\documents and settings\all users\application data\Nitro
    2013-01-12 10:42:33 -------- d-----w- c:\documents and settings\farwa bukhari\application data\Downloaded Installations
    2013-01-12 10:28:25 -------- d-----w- c:\documents and settings\farwa bukhari\application data\IDM
    2013-01-12 10:28:25 -------- d-----w- c:\documents and settings\farwa bukhari\application data\DMCache
    2013-01-12 10:28:09 -------- d-----w- c:\program files\Internet Download Manager
    2013-01-12 09:46:16 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\CRE
    2013-01-12 09:46:02 -------- d-----w- c:\program files\Conduit
    2013-01-12 09:45:58 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\Conduit
    2013-01-12 09:45:56 -------- d-----w- c:\documents and settings\farwa bukhari\local settings\application data\Temp
    2013-01-12 09:44:04 -------- d-----w- c:\program files\uTorrent
    2013-01-12 09:42:27 -------- d-----w- c:\documents and settings\farwa bukhari\application data\uTorrent
    .
    ==================== Find3M ====================
    .
    2013-01-11 17:54:16 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-01-11 17:54:16 779704 ----a-w- c:\windows\system32\deployJava1.dll
    2013-01-11 17:27:40 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-01-11 17:27:40 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-01-11 16:24:11 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2013-01-11 16:24:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2013-01-10 19:28:24 40648 ----a-w- c:\windows\system32\drivers\hssdrv.sys
    2012-11-22 00:43:14 112480 ----a-w- c:\windows\system32\drivers\idmtdi.sys
    2012-11-01 17:45:36 33512 ----a-w- c:\windows\system32\drivers\taphss.sys
    .
    ============= FINISH: 22:07:06.67 ===============
     
  8. farwabukhary

    farwabukhary Thread Starter

    Joined:
    Jan 28, 2013
    Messages:
    7
    Sir, I've followed your instructions. Kindly tell me what I should do further. Thanks a lot.
     
  9. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    113,293
    The MGA Diagnostic report indicates that you're running a blocked volume license; therefore, the operating system is not genuine. This means that we cannot assist as we don't condone or support pirated software. You need to purchase a valid license and reload Windows to become genuine before we can assist.

    Therefore, since there is nothing further we can do here, I'm closing this thread.
     

Short URL to this thread: https://techguy.org/1087257
