darkangst

  1. Thank you for your help! The new update version was able to full-scan no problems!
  2. =/ The quarantine section is working now, but the full scan is still not working. It does get hung up on the same file, something Tencent QQ...
  3. I did do the router reset. Didn't help. I think it has something to do with the router craziness (Google seems to sound that router brand tends to reroute random things but I use computers on many different connections to internet so I can't force them to use a certain DNS without it being annoying for me all the time). I didn't use mbam clean to uninstall and just reinstalled it, with the same results. I will now try mbam clean then reinstall.
  4. On a side note, I did run the check disk and MBAM is still giving me the funny runtime overflow 6 error. Should I redownload at this point?
  5. The redirect is happening again (I type in facebook.com and it directs me to pricegrabber.com) and mbam isn't working still. Were there any trojans in the original scan? I'm wondering if they are separate issues.
  6. They stopped before I even ran the programs, but my mbam still doesn't work and can't do a full scan. It keeps saying runtime error 6 overflow after about half an hour into the scan, and if I click the quarantine button, the same thing happens and the whole program crashes. Also, although the redirects stopped, this is the second time this month it suddenly happened, and when I run mbam and stop it before it crashes it always finds a trojan.
  7. ComboFix 10-11-30.02 - Boo Boo 0/2010 Tue 18:49:39.1.2 - x86
  8. OTL Extras logfile created on: 11/30/2010 3:31:11 PM - Run 1 OTL by OldTimer - Version 3.2.17.3
  9. Defogger also doesn't seem to do anything... and I would attempt the DDS but it gave me the blue screen of death last time so I'm doing something wrong with that one.
  10. Hi, I did post last time about my MBAM doing the Add result thing, but it still scanned and my computer did stop redirecting from facebook to pricegrabber so I ignored it. But today it happened again. I updated MBAM, there was an updated version, but when I installed that version it gave me run time error 6 overflow when I clicked quarantine by accident and closed. When I did the full scan, half an hour into it, it closed itself. Before I stopped the scan and it found a trojan, where or what it was couldn't say, I removed it and rebooted, and then the full scan thing happened. My host file is okay so I don't know what's really going on. Is it a trojan or just maybe the router messing with me?
  11. Hi, When I scan in quick scan, it's fine. But when I do full scan, it gives me mbam error add to results (0,6), then when I say okay, it keeps scanning. (It's always found 1 infected item at this point), then about 15 minutes later, mbam crashes saying a program has prevented from running. Is this an infection or something on my computer interfering with mbam? I'm going to head over to the infection area, but Avira can't find anything wrong.