
Possibly infected.


12 replies to this topic

#1 Sean92

Sean92

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:01:35 AM

Posted 25 January 2012 - 08:43 AM

Hi, Malwarebytes regularly gives me pop-ups stating that it has blocked access to a potentially malicious website via an outgoing port, while my internet browser is not even open and there are no P2P programmes open. Because of this I am inclined to assume that there is malware on my computer.

I would also like to refer you to this topic: http://www.bleepingcomputer.com/forums/topic438608.html The problem stated of something using up my bandwidth has become far less often after Broni helped me out although it has recently happened again yesterday. I have gone through the same processes in this topic in an attempt to fix it but have found nothing.

IMPORTANT: Programmes on my computer have changed since the post that I have linked you to, so consider the scan results held within it to be irrelevant.

Could anyone help me out here please?

Regards, Sean.

Edited by Sean92, 25 January 2012 - 08:44 AM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:35 AM

Posted 25 January 2012 - 09:07 AM

Download

TDSSkiller

Launch it. Click on "Scan". Please post the LOG report.


Please download GMER from here

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.



Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here


Good luck

#3 Sean92


Posted 25 January 2012 - 09:26 AM

No log was created by TDSS Killer, it found no results.

#4 narenxp


Posted 25 January 2012 - 09:38 AM

If the TDSSKiller scan has come out clean, go for the other scans :thumbup2:

Edited by narenxp, 25 January 2012 - 09:38 AM.


#5 Sean92


Posted 25 January 2012 - 09:39 AM

GMER has also yielded no results, starting aswMBR now.

#6 Sean92


Posted 25 January 2012 - 09:44 AM

aswMBR version 0.9.9.1509 Copyright© 2011 AVAST Software
Run date: 2012-01-25 14:39:14
-----------------------------
14:39:14.604 OS Version: Windows x64 6.1.7601 Service Pack 1
14:39:14.604 Number of processors: 4 586 0x2502
14:39:14.604 ComputerName: USER-PC UserName: User
14:39:24.463 Initialize success
14:40:34.017 AVAST engine defs: 12012500
14:40:49.398 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:40:49.398 Disk 0 Vendor: ST350041 CC44 Size: 476940MB BusType: 3
14:40:49.414 Disk 0 MBR read successfully
14:40:49.429 Disk 0 MBR scan
14:40:49.429 Disk 0 Windows 7 default MBR code
14:40:49.429 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 21504 MB offset 2048
14:40:49.445 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 44042240
14:40:49.461 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 227278 MB offset 44247040
14:40:49.476 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 228056 MB offset 509712384
14:40:49.492 Service scanning
14:40:50.412 Modules scanning
14:40:50.412 Disk 0 trace - called modules:
14:40:50.443 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:40:50.459 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003490060]
14:40:50.459 3 CLASSPNP.SYS[fffff88001b6343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8003224050]
14:40:51.208 AVAST engine scan C:\Windows
14:40:52.659 AVAST engine scan C:\Windows\system32
14:42:19.910 AVAST engine scan C:\Windows\system32\drivers
14:42:27.335 AVAST engine scan C:\Users\User
14:42:54.261 AVAST engine scan C:\ProgramData
14:43:28.396 Scan finished successfully
14:43:33.435 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
14:43:33.435 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"

#7 narenxp


Posted 25 January 2012 - 09:46 AM

Download

mini toolbox

Checkmark following boxes:

List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs

Click Go and post the result.

#8 Sean92


Posted 25 January 2012 - 09:47 AM

MiniToolBox by Farbar Version: 18-01-2012
Ran by User (administrator) on 25-01-2012 at 14:47:03
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : User-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 90-FB-A6-89-BB-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::40a0:39de:952a:c6b9%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 25 January 2012 13:26:48
Lease Expires . . . . . . . . . . : 28 January 2012 13:26:48
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 235728614
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-6E-68-46-90-FB-A6-89-BB-FB
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F8EE9510-ED6A-4941-B0B9-79B66AF76C97}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2ca9:f07:3f57:fff9(Preferred)
Link-local IPv6 Address . . . . . : fe80::2ca9:f07:3f57:fff9%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 173.194.67.103
173.194.67.99
173.194.67.106
173.194.67.105
173.194.67.147
173.194.67.104


Pinging google.com [173.194.67.103] with 32 bytes of data:
Reply from 173.194.67.103: bytes=32 time=36ms TTL=46
Reply from 173.194.67.103: bytes=32 time=36ms TTL=46

Ping statistics for 173.194.67.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 36ms, Average = 36ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.180.149
209.191.122.70
72.30.2.43
98.137.149.56


Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
Reply from 98.139.180.149: bytes=32 time=729ms TTL=47
Reply from 98.139.180.149: bytes=32 time=655ms TTL=47

Ping statistics for 98.139.180.149:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 655ms, Maximum = 729ms, Average = 692ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
10...90 fb a6 89 bb fb ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.6 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.6 276
192.168.0.6 255.255.255.255 On-link 192.168.0.6 276
192.168.0.255 255.255.255.255 On-link 192.168.0.6 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.6 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.6 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:5ef5:79fb:2ca9:f07:3f57:fff9/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::2ca9:f07:3f57:fff9/128
On-link
10 276 fe80::40a0:39de:952a:c6b9/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/24/2012 07:11:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: ekrn.exe, version: 5.0.94.0, time stamp: 0x4e7b0032
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e3be
Faulting process id: 0x5d8
Faulting application start time: 0xekrn.exe0
Faulting application path: ekrn.exe1
Faulting module path: ekrn.exe2
Report Id: ekrn.exe3

Error: (01/23/2012 08:29:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 08:29:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 08:29:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:27:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:27:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:27:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:27:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:27:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:17:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/25/2012 02:19:05 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/24/2012 07:11:32 PM) (Source: Service Control Manager) (User: )
Description: The ESET Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (01/24/2012 06:47:27 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/23/2012 08:29:12 PM) (Source: Service Control Manager) (User: )
Description: The GRegService service terminated unexpectedly. It has done this 1 time(s).

Error: (01/23/2012 08:28:54 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/23/2012 07:21:29 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/23/2012 00:59:56 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/21/2012 10:26:10 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (01/21/2012 10:26:10 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (01/17/2012 09:09:18 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Photoshop Elements 8.0 (Version: 8.0)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Advertising Center (Version: 0.0.0.2)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dead Island
ESET NOD32 Antivirus (Version: 5.0.95.0)
Hotkey Utility (Version: 2.05.3003)
Identity Card (Version: 1.00.3002)
ImagXpress (Version: 7.0.74.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2082)
Intel® Matrix Storage Manager
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Junk Mail filter update (Version: 14.0.8089.726)
League of Legends (Version: 1.02.0000)
LibreOffice 3.3 (Version: 3.3.401)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Mount & Blade: Warband
Mozilla Firefox 9.0.1 (x86 en-GB) (Version: 9.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.3 (Version: 1.2.3)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.33.100)
neroxml (Version: 1.0.0)
Packard Bell InfoCentre (Version: 3.02.3000)
Packard Bell Recovery Management (Version: 4.05.3007)
Packard Bell Registration (Version: 1.02.3006)
Packard Bell ScreenSaver (Version: 1.1.0812)
Packard Bell Software Suite SE (Version: 2.01.3003)
Packard Bell Updater (Version: 1.02.3001)
Pando Media Booster (Version: 2.6.0.1)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6045)
Sid Meier's Civilization V
Skype™ 5.5 (Version: 5.5.124)
Steam (Version: 1.0.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Welcome Center (Version: 1.00.3013)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
YouTube Downloader 3.4
YouTube Downloader Toolbar v4.9 (Version: 4.9)

**** End of log ****

#9 narenxp


Posted 25 January 2012 - 09:51 AM

Launch Malwarebytes.

Click on the LOGS tab, open the protection log and post the contents here.

#10 Sean92


Posted 25 January 2012 - 09:56 AM

(Logs for last few days)

2012/01/25 13:29:01 GMT USER-PC User MESSAGE Starting protection
2012/01/25 13:29:03 GMT USER-PC User MESSAGE Protection started successfully
2012/01/25 13:29:06 GMT USER-PC User MESSAGE Starting IP protection
2012/01/25 13:29:06 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/25 13:37:48 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: outgoing, Port: 49611, Process: pmb.exe)
2012/01/25 13:44:53 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: outgoing, Port: 50627, Process: pmb.exe)
2012/01/25 13:57:04 GMT USER-PC User IP-BLOCK 89.28.56.216 (Type: outgoing, Port: 52460, Process: pmb.exe)
2012/01/25 14:01:21 GMT USER-PC User IP-BLOCK 77.78.216.233 (Type: outgoing, Port: 53458, Process: pmb.exe)

2012/01/24 00:09:58 GMT USER-PC User MESSAGE Starting protection
2012/01/24 00:10:00 GMT USER-PC User MESSAGE Protection started successfully
2012/01/24 00:10:03 GMT USER-PC User MESSAGE Starting IP protection
2012/01/24 00:10:03 GMT USER-PC User MESSAGE IP Protection started successfully

2012/01/23 09:32:18 GMT USER-PC User MESSAGE Starting protection
2012/01/23 09:32:20 GMT USER-PC User MESSAGE Protection started successfully
2012/01/23 09:32:23 GMT USER-PC User MESSAGE Starting IP protection
2012/01/23 09:32:23 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 09:43:01 GMT USER-PC User MESSAGE Executing scheduled update: Daily
2012/01/23 09:43:10 GMT USER-PC User MESSAGE Scheduled update executed successfully: database updated from version v2012.01.22.02 to version v2012.01.23.02
2012/01/23 09:43:10 GMT USER-PC User MESSAGE Starting database refresh
2012/01/23 09:43:10 GMT USER-PC User MESSAGE Stopping IP protection
2012/01/23 09:44:27 GMT USER-PC User MESSAGE IP Protection stopped
2012/01/23 09:44:29 GMT USER-PC User MESSAGE Database refreshed successfully
2012/01/23 09:44:29 GMT USER-PC User MESSAGE Starting IP protection
2012/01/23 09:44:30 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 11:05:25 GMT USER-PC User IP-BLOCK 93.114.40.157 (Type: outgoing, Port: 61487, Process: pmb.exe)
2012/01/23 11:06:30 GMT USER-PC User IP-BLOCK 62.45.250.141 (Type: outgoing, Port: 59137, Process: pmb.exe)
2012/01/23 11:27:30 GMT USER-PC User IP-BLOCK 93.114.40.157 (Type: outgoing, Port: 52345, Process: pmb.exe)
2012/01/23 11:33:30 GMT USER-PC User IP-BLOCK 62.45.250.141 (Type: outgoing, Port: 52069, Process: pmb.exe)
2012/01/23 13:17:11 GMT USER-PC User MESSAGE Starting protection
2012/01/23 13:17:13 GMT USER-PC User MESSAGE Protection started successfully
2012/01/23 13:17:16 GMT USER-PC User MESSAGE Starting IP protection
2012/01/23 13:17:16 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 15:31:07 GMT USER-PC User IP-BLOCK 62.45.250.114 (Type: outgoing, Port: 50929, Process: pmb.exe)
2012/01/23 15:33:48 GMT USER-PC User IP-BLOCK 62.45.250.114 (Type: outgoing, Port: 51384, Process: pmb.exe)
2012/01/23 15:36:37 GMT USER-PC User IP-BLOCK 78.26.187.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:36:37 GMT USER-PC User IP-BLOCK 78.26.187.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:36:45 GMT USER-PC User IP-BLOCK 78.26.187.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:37:01 GMT USER-PC User IP-BLOCK 78.26.187.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:37:01 GMT USER-PC User IP-BLOCK 78.26.187.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:37:09 GMT USER-PC User IP-BLOCK 78.26.187.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:41:18 GMT USER-PC User IP-BLOCK 77.78.233.60 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:41:26 GMT USER-PC User IP-BLOCK 77.78.233.60 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:41:26 GMT USER-PC User IP-BLOCK 77.78.233.60 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:43:10 GMT USER-PC User IP-BLOCK 62.45.250.114 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:43:10 GMT USER-PC User IP-BLOCK 62.45.250.114 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:43:18 GMT USER-PC User IP-BLOCK 62.45.250.114 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:52:01 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: outgoing, Port: 53791, Process: pmb.exe)
2012/01/23 15:54:10 GMT USER-PC User IP-BLOCK 62.45.243.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:54:10 GMT USER-PC User IP-BLOCK 62.45.243.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:54:18 GMT USER-PC User IP-BLOCK 62.45.243.89 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 16:21:35 GMT USER-PC User IP-BLOCK 89.28.121.109 (Type: outgoing, Port: 54387, Process: pmb.exe)
2012/01/23 17:08:32 GMT USER-PC User IP-BLOCK 89.28.3.15 (Type: outgoing, Port: 55661, Process: pmb.exe)
2012/01/23 17:10:40 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 17:10:40 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 17:10:48 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 17:52:09 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 17:52:09 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 17:52:17 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 18:45:47 GMT USER-PC User IP-BLOCK 62.45.4.43 (Type: outgoing, Port: 57381, Process: pmb.exe)
2012/01/23 18:50:52 GMT USER-PC User IP-BLOCK 62.45.4.43 (Type: outgoing, Port: 57660, Process: pmb.exe)
2012/01/23 18:53:49 GMT USER-PC User IP-BLOCK 77.78.216.233 (Type: outgoing, Port: 56417, Process: pmb.exe)
2012/01/23 18:58:54 GMT USER-PC User IP-BLOCK 83.128.74.162 (Type: outgoing, Port: 58514, Process: pmb.exe)
2012/01/23 19:04:24 GMT USER-PC User IP-BLOCK 83.128.46.111 (Type: outgoing, Port: 59206, Process: pmb.exe)
2012/01/23 19:15:28 GMT USER-PC User MESSAGE Starting protection
2012/01/23 19:15:30 GMT USER-PC User MESSAGE Protection started successfully
2012/01/23 19:15:33 GMT USER-PC User MESSAGE Starting IP protection
2012/01/23 19:15:34 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 19:20:15 GMT USER-PC User IP-BLOCK 77.78.216.233 (Type: outgoing, Port: 61121, Process: pmb.exe)
2012/01/23 19:29:18 GMT USER-PC User MESSAGE Starting protection
2012/01/23 19:29:20 GMT USER-PC User MESSAGE Protection started successfully
2012/01/23 19:29:23 GMT USER-PC User MESSAGE Starting IP protection
2012/01/23 19:29:24 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 20:28:42 GMT USER-PC User MESSAGE Starting protection
2012/01/23 20:28:44 GMT USER-PC User MESSAGE Protection started successfully
2012/01/23 20:28:47 GMT USER-PC User MESSAGE Starting IP protection
2012/01/23 20:28:48 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 23:17:20 GMT USER-PC User MESSAGE Starting protection
2012/01/23 23:17:22 GMT USER-PC User MESSAGE Protection started successfully
2012/01/23 23:17:25 GMT USER-PC User MESSAGE Starting IP protection
2012/01/23 23:17:25 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 23:33:27 GMT USER-PC User IP-BLOCK 174.120.103.107 (Type: outgoing, Port: 49497, Process: firefox.exe)
2012/01/23 23:33:27 GMT USER-PC User IP-BLOCK 174.120.103.107 (Type: outgoing, Port: 49528, Process: firefox.exe)

2012/01/22 09:12:22 GMT USER-PC User MESSAGE Starting protection
2012/01/22 09:12:24 GMT USER-PC User MESSAGE Protection started successfully
2012/01/22 09:12:27 GMT USER-PC User MESSAGE Starting IP protection
2012/01/22 09:12:28 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/22 09:13:16 GMT USER-PC User IP-BLOCK 109.236.86.230 (Type: outgoing, Port: 49248, Process: firefox.exe)
2012/01/22 09:17:43 GMT USER-PC User MESSAGE Executing scheduled update: Daily
2012/01/22 09:17:50 GMT USER-PC User MESSAGE Scheduled update executed successfully: database updated from version v2012.01.21.01 to version v2012.01.22.02
2012/01/22 09:17:50 GMT USER-PC User MESSAGE Starting database refresh
2012/01/22 09:17:50 GMT USER-PC User MESSAGE Stopping IP protection
2012/01/22 09:18:47 GMT USER-PC User MESSAGE IP Protection stopped
2012/01/22 09:18:49 GMT USER-PC User MESSAGE Database refreshed successfully
2012/01/22 09:18:49 GMT USER-PC User MESSAGE Starting IP protection
2012/01/22 09:18:49 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/22 10:12:22 GMT USER-PC User MESSAGE Starting protection
2012/01/22 10:12:24 GMT USER-PC User MESSAGE Protection started successfully
2012/01/22 10:12:27 GMT USER-PC User MESSAGE Starting IP protection
2012/01/22 10:12:27 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/22 12:19:23 GMT USER-PC User IP-BLOCK 62.45.205.96 (Type: outgoing, Port: 56485, Process: pmb.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53325, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53326, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53327, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53328, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53329, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53330, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53331, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53332, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53333, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 53334, Process: firefox.exe)
2012/01/22 12:31:34 GMT USER-PC User IP-BLOCK 88.85.70.60 (Type: outgoing, Port: 53335, Process: firefox.exe)
2012/01/22 12:38:39 GMT USER-PC User IP-BLOCK 62.45.205.96 (Type: outgoing, Port: 55342, Process: pmb.exe)
2012/01/22 15:31:10 GMT USER-PC User IP-BLOCK 83.128.99.195 (Type: outgoing, Port: 63085, Process: pmb.exe)
2012/01/22 16:35:31 GMT USER-PC User IP-BLOCK 83.128.87.50 (Type: outgoing, Port: 55591, Process: pmb.exe)
2012/01/22 16:37:08 GMT USER-PC User IP-BLOCK 83.128.87.50 (Type: outgoing, Port: 55754, Process: pmb.exe)
2012/01/22 21:44:18 GMT USER-PC User IP-BLOCK 83.128.74.162 (Type: outgoing, Port: 58549, Process: pmb.exe)

#11 narenxp


Posted 25 January 2012 - 10:02 AM

2012/01/25 13:37:48 GMT USER-PC User IP-BLOCK 83.128.78.228 (Type: outgoing, Port: 49611, Process: pmb.exe)//

PMB.EXE is nothing but your PANDO MEDIA BOOSTER (it should have got installed with League of Legends).

Uninstall it and MBAM should stop the warnings too. PC looks clean.

Good luck

Edited by narenxp, 25 January 2012 - 10:03 AM.
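The triage done by eye in the reply above, grouping the blocked connections by the process that owns them, can be scripted. This is an added example, not part of the original posts: the function names are hypothetical, the sample lines are constructed in the log's layout with documentation-range addresses, and reading a repeated port on incoming entries as a fixed local listening port is an assumption.

```python
import re
from collections import defaultdict

# Layout of an IP-BLOCK entry as it appears in the protection log posted above.
BLOCK_RE = re.compile(
    r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} GMT\s+\S+\s+\S+\s+IP-BLOCK\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"\(Type: (?P<dir>incoming|outgoing), Port: (?P<port>\d+), "
    r"Process: (?P<proc>[^)]+)\)"
)

# Constructed sample (documentation-range addresses), not the poster's log.
SAMPLE_LOG = """\
2012/01/23 09:32:18 GMT USER-PC User MESSAGE Starting protection
2012/01/23 09:32:23 GMT USER-PC User MESSAGE IP Protection started successfully
2012/01/23 11:05:25 GMT USER-PC User IP-BLOCK 192.0.2.10 (Type: outgoing, Port: 61487, Process: pmb.exe)
2012/01/23 11:06:30 GMT USER-PC User IP-BLOCK 198.51.100.7 (Type: outgoing, Port: 59137, Process: pmb.exe)
2012/01/23 11:27:30 GMT USER-PC User IP-BLOCK 192.0.2.10 (Type: outgoing, Port: 52345, Process: pmb.exe)
2012/01/23 15:36:37 GMT USER-PC User IP-BLOCK 203.0.113.5 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:36:45 GMT USER-PC User IP-BLOCK 203.0.113.5 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 15:43:10 GMT USER-PC User IP-BLOCK 198.51.100.7 (Type: incoming, Port: 58374, Process: pmb.exe)
2012/01/23 23:33:27 GMT USER-PC User IP-BLOCK 203.0.113.80 (Type: outgoing, Port: 49497, Process: firefox.exe)
2012/01/23 23:33:27 GMT USER-PC User IP-BLOCK 203.0.113.80 (Type: outgoing, Port: 49528, Process: firefox.exe)
"""

def summarize_blocks(log_text):
    """Group IP-BLOCK entries by process; MESSAGE and blank lines are skipped."""
    stats = defaultdict(lambda: {"events": 0, "remote_ips": set(),
                                 "outgoing": 0, "incoming": 0,
                                 "incoming_ports": set()})
    for line in log_text.splitlines():
        m = BLOCK_RE.match(line.strip())
        if not m:
            continue
        s = stats[m["proc"].lower()]
        s["events"] += 1
        s["remote_ips"].add(m["ip"])
        s[m["dir"]] += 1
        if m["dir"] == "incoming":
            s["incoming_ports"].add(int(m["port"]))
    return dict(stats)

def listener_like(stats):
    """Processes with inbound blocks that all hit one port (assumed local listener)."""
    return sorted(p for p, s in stats.items()
                  if s["incoming"] and len(s["incoming_ports"]) == 1)

if __name__ == "__main__":
    for proc, s in sorted(summarize_blocks(SAMPLE_LOG).items()):
        print(proc, s["events"], len(s["remote_ips"]), s["outgoing"],
              s["incoming"], sorted(s["incoming_ports"]))
```

A process name in this output still has to be matched against the installed-programs list before the blocks can be attributed to a known application, as the reply does for pmb.exe.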


#12 Sean92


Posted 25 January 2012 - 10:04 AM

Thanks for the help my friend! I shall be sure to come back here if anything else suspicious crops up :)

#13 narenxp


Posted 25 January 2012 - 10:06 AM

You're welcome :)



