Jump to content

Websteroids, proving a bit difficult to remove.


Recommended Posts

Can someone please help me get rid of this invasive bit of malware?

 

I've tried add or remove programmes - clicking on remove just makes it go a nice shade of blue, it did nothing further. I've tried the same again in safe made - didn't even get the shade of blue that time. I've run malwarebytes - hooray, it detected it, I ticked the box to remove it, the computer restarted and low and behold it's still there. I've tried a system restore - three different dates and three times it didn't successfully restore, no changes have been made. I've tried a Google search on 'how to remove websteroids - well, quite frankly, I thought I was quite adept at computing but after reading the results I feel like I'm a newby all over again, I didn't have a clue.

 

So, in a nutshell, I'm lost. Can someone please help?

Link to post
Share on other sites

Hello Fudbucket! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.6001.18702
Run by chris at 6:34:27 on 2014-04-02
Microsoft Windows XP Professional  5.1.2600.3.1252.44.1033.18.1791.813 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled* 
.
============== Running Processes ================
.
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
F:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
F:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
F:\WINDOWS\system32\mfevtps.exe
F:\Documents and Settings\All Users\Application Data\Websteroids\WebsteroidsService.exe
F:\Program Files\McAfee\MSC\McAPExe.exe
F:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
F:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
F:\WINDOWS\System32\alg.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\HP\HP Software Update\HPWuSchd2.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
F:\WINDOWS\system32\ctfmon.exe
G:\My Documents\set up progs\Data\SpotifyWebHelper.exe
F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
F:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
F:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
F:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Documents and Settings\All Users\Application Data\Websteroids\Websteroids.exe
F:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
F:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
F:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\WINDOWS\system32\wbem\wmiprvse.exe
F:\WINDOWS\system32\svchost.exe -k DcomLaunch
F:\WINDOWS\system32\svchost.exe -k rpcss
F:\WINDOWS\System32\svchost.exe -k netsvcs
F:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
F:\WINDOWS\system32\svchost.exe -k LocalService
F:\WINDOWS\system32\svchost.exe -k LocalService
F:\WINDOWS\system32\svchost.exe -k netsvcs
F:\WINDOWS\system32\svchost.exe -k bthsvcs
F:\WINDOWS\system32\svchost.exe -k hpdevmgmt
F:\WINDOWS\System32\svchost.exe -k HPZ12
F:\WINDOWS\System32\svchost.exe -k HPZ12
F:\WINDOWS\system32\svchost.exe -k imgsvc
F:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\program files\mcafee\siteadvisor\McIEPlg.dll
mURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - f:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - 
BHO: <No Name>: {53707962-6F74-2D53-2644-206D7942484F} - f:\program files\spybot - search & destroy\SDHelper.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - f:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - f:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - f:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - f:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "f:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [swg] "f:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] f:\windows\system32\ctfmon.exe
uRun: [spotify Web Helper] "g:\my documents\set up progs\data\SpotifyWebHelper.exe"
mRun: [skyTel] SkyTel.EXE
mRun: [NeroFilterCheck] f:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [HP Software Update] f:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] f:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [mcui_exe] "f:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [mcpltui_exe] "f:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
dRun: [CTFMON.EXE] f:\windows\system32\CTFMON.EXE
dRunOnce: [Del2271250] cmd.exe /Q /D /c del "f:\windows\temp\0.del"
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - f:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - f:\program files\microsoft office\office\OSA9.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - f:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - f:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{A35186D3-CFB7-4986-99E0-1A4E8439E270} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{B3D88815-62C5-4B20-9881-2EAE2A9F68B3} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - f:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\program files\mcafee\siteadvisor\McIEPlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - f:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "f:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - f:\documents and settings\chris\application data\mozilla\firefox\profiles\a1o6t2e2.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - plugin: f:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: f:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: f:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: f:\windows\system32\npDeployJava1.dll
FF - plugin: f:\windows\system32\npptools.dll
FF - ExtSQL: 2014-02-14 06:28; {20a82645-c095-46ed-80e3-08825760534b}; f:\documents and settings\chris\application data\mozilla\firefox\profiles\a1o6t2e2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - ExtSQL: !HIDDEN! 2012-09-02 20:07; {20a82645-c095-46ed-80e3-08825760534b}; f:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R?2 mcbootdelaystartsvc;McAfee Boot Delay Start Service;f:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-11-10 281560]
R1 mfetdi2k;McAfee Inc. mfetdi2k;f:\windows\system32\drivers\mfetdi2k.sys [2013-2-19 92216]
R2 HomeNetSvc;McAfee Home Network;f:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-11-10 281560]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;f:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-6-24 167784]
R2 McAPExe;McAfee AP Service;f:\program files\mcafee\msc\McAPExe.exe [2013-11-10 145568]
R2 McMPFSvc;McAfee Personal Firewall Service;f:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-11-10 281560]
R2 McNaiAnn;McAfee VirusScan Announcer;f:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-11-10 281560]
R2 mcpltsvc;McAfee Platform Services;f:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-11-10 281560]
R2 McProxy;McAfee Proxy Service;f:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-11-10 281560]
R2 mfeavfk;McAfee Inc. mfeavfk;f:\windows\system32\drivers\mfeavfk.sys [2013-5-30 236480]
R2 mfecore;McAfee Anti-Malware Core;f:\program files\common files\mcafee\amcore\mcshield.exe [2013-11-10 644088]
R2 mfefire;McAfee Firewall Core Service;f:\program files\common files\mcafee\systemcore\mfefire.exe [2013-5-30 169800]
R2 mfehidk;McAfee Inc. mfehidk;f:\windows\system32\drivers\mfehidk.sys [2013-2-19 573840]
R2 mfevtp;McAfee Validation Trust Protection Service;f:\windows\system32\mfevtps.exe [2013-5-30 175480]
R2 Websteroids;Websteroids;f:\documents and settings\all users\application data\websteroids\WebsteroidsService.exe [2014-3-22 61816]
R3 cfwids;McAfee Inc. cfwids;f:\windows\system32\drivers\cfwids.sys [2013-5-30 61400]
R3 mfefirek;McAfee Inc. mfefirek;f:\windows\system32\drivers\mfefirek.sys [2013-5-30 366248]
R3 mfencbdc;McAfee Inc. mfencbdc;f:\windows\system32\drivers\mfencbdc.sys [2013-9-20 330248]
R3 mfendiskmp;mfendiskmp;f:\windows\system32\drivers\mfendisk.sys [2013-5-30 85544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;f:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 HipShieldK;McAfee Inc. HipShieldK;f:\windows\system32\drivers\HipShieldK.sys [2013-5-30 147912]
S3 mfebopk;McAfee Inc. mfebopk;f:\windows\system32\drivers\mfebopk.sys [2013-5-30 66408]
S3 mfencrk;McAfee Inc. mfencrk;f:\windows\system32\drivers\mfencrk.sys [2013-9-20 81264]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;f:\windows\system32\drivers\mfendisk.sys [2013-5-30 85544]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;f:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2014-04-01 07:11:02 -------- d-----w- f:\documents and settings\all users\application data\Websteroids
2014-04-01 07:09:36 -------- d-----w- f:\program files\InstallConverter bundle uninstaller
2014-03-27 05:52:35 13312 -c----w- f:\windows\system32\dllcache\xp_eos.exe
2014-03-27 05:52:35 13312 ------w- f:\windows\system32\xp_eos.exe
.
==================== Find3M  ====================
.
2014-03-12 07:03:11 71048 ----a-w- f:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 07:03:11 692616 ----a-w- f:\windows\system32\FlashPlayerApp.exe
2014-02-24 11:46:36 920064 ----a-w- f:\windows\system32\wininet.dll
2014-02-24 11:45:58 43520 ----a-w- f:\windows\system32\licmgr10.dll
2014-02-24 11:45:57 1469440 ------w- f:\windows\system32\inetcpl.cpl
2014-02-24 11:45:42 18944 ----a-w- f:\windows\system32\corpol.dll
2014-02-24 10:54:21 385024 ----a-w- f:\windows\system32\html.iec
2014-02-07 02:01:37 1879040 ----a-w- f:\windows\system32\win32k.sys
2014-02-05 08:55:04 562688 ----a-w- f:\windows\system32\qedit.dll
2014-01-27 09:18:40 61400 ----a-w- f:\windows\system32\drivers\cfwids.sys
2014-01-27 09:11:50 175480 ----a-w- f:\windows\system32\mfevtps.exe
2014-01-27 09:11:02 92216 ----a-w- f:\windows\system32\drivers\mfetdi2k.sys
2014-01-27 09:06:46 573840 ----a-w- f:\windows\system32\drivers\mfehidk.sys
2014-01-27 09:05:16 85544 ----a-w- f:\windows\system32\drivers\mfendisk.sys
2014-01-27 09:04:54 366248 ----a-w- f:\windows\system32\drivers\mfefirek.sys
2014-01-27 09:04:10 66408 ----a-w- f:\windows\system32\drivers\mfebopk.sys
2014-01-27 09:03:26 236480 ----a-w- f:\windows\system32\drivers\mfeavfk.sys
2014-01-27 09:02:18 134568 ----a-w- f:\windows\system32\drivers\mfeapfk.sys
2014-01-21 03:49:38 10632 ----a-w- f:\windows\system32\drivers\mfeclnrk.sys
2014-01-21 03:49:16 81264 ----a-w- f:\windows\system32\drivers\mfencrk.sys
2014-01-21 03:48:54 330248 ----a-w- f:\windows\system32\drivers\mfencbdc.sys
2014-01-04 03:13:05 420864 ----a-w- f:\windows\system32\vbscript.dll
.
============= FINISH:  6:35:43.68 ===============
Link to post
Share on other sites

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 13/06/2011 12:30:03

System Uptime: 02/04/2014 06:26:11 (0 hours ago)

.

Motherboard: PACKARD BELL BV |  | GA-T671MG

Processor: Intel® Core2 Duo CPU     E4500  @ 2.20GHz | Socket 775 | 2199/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 232 GiB total, 205.114 GiB free.

D: is CDROM ()

F: is FIXED (NTFS) - 233 GiB total, 124.123 GiB free.

G: is FIXED (FAT32) - 233 GiB total, 67.874 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: 

Description: 

Device ID: ROOT\LEGACY_SASKUTIL\0000

Manufacturer: 

Name: 

PNP Device ID: ROOT\LEGACY_SASKUTIL\0000

Service: 

.

==== System Restore Points ===================

.

RP427: 11/01/2014 11:18:18 - System Checkpoint

RP428: 14/01/2014 08:11:31 - Software Distribution Service 3.0

RP429: 15/01/2014 14:39:15 - Software Distribution Service 3.0

RP430: 21/01/2014 13:10:23 - System Checkpoint

RP431: 22/01/2014 08:43:39 - Spybot-S&D Spyware removal

RP432: 25/01/2014 09:52:03 - System Checkpoint

RP433: 26/01/2014 10:47:41 - System Checkpoint

RP434: 31/01/2014 08:58:53 - System Checkpoint

RP435: 03/02/2014 10:00:49 - System Checkpoint

RP436: 06/02/2014 10:57:32 - System Checkpoint

RP437: 11/02/2014 12:43:22 - System Checkpoint

RP438: 11/02/2014 19:08:27 - Spybot-S&D Spyware removal

RP439: 12/02/2014 07:04:33 - Software Distribution Service 3.0

RP440: 13/02/2014 08:58:40 - System Checkpoint

RP441: 13/02/2014 13:46:26 - Spybot-S&D Spyware removal

RP442: 13/02/2014 13:54:30 - Spybot-S&D Spyware removal

RP443: 13/02/2014 14:04:37 - Restore Operation

RP444: 13/02/2014 15:54:54 - Software Distribution Service 3.0

RP445: 14/02/2014 10:01:36 - Software Distribution Service 3.0

RP446: 16/02/2014 10:47:03 - System Checkpoint

RP447: 16/02/2014 18:38:29 - Removed Adobe Reader 7.0

RP448: 16/02/2014 18:52:46 - Spybot-S&D Spyware removal

RP449: 17/02/2014 06:49:12 - Installed Sophos Virus Removal Tool.

RP450: 18/02/2014 18:30:11 - Removed Sophos Virus Removal Tool.

RP451: 18/02/2014 18:32:01 - Spybot-S&D Spyware removal

RP452: 14/03/2014 07:54:28 - Software Distribution Service 3.0

RP453: 17/03/2014 09:47:10 - System Checkpoint

RP454: 18/03/2014 08:06:16 - Software Distribution Service 3.0

RP455: 22/03/2014 09:30:55 - System Checkpoint

RP456: 26/03/2014 10:03:28 - System Checkpoint

RP457: 27/03/2014 08:38:41 - Software Distribution Service 3.0

RP458: 28/03/2014 10:01:02 - System Checkpoint

RP459: 31/03/2014 10:53:59 - System Checkpoint

RP460: 01/04/2014 19:30:25 - Spybot-S&D Spyware removal

RP461: 01/04/2014 20:05:32 - Restore Operation

RP462: 01/04/2014 20:09:34 - Restore Operation

RP463: 01/04/2014 20:13:56 - Restore Operation

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

Adobe Flash Player 12 ActiveX

Adobe Flash Player 12 Plugin

µTorrent

BTOffer

BufferChm

CCleaner (remove only)

CDisplay 1.8

Compatibility Pack for the 2007 Office system

ConvertXtoDVD 4.1.19.365

Copy

CustomerResearchQFolder

DC++ 0.691

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DJ_AIO_03_F2200_ProductContext

DJ_AIO_03_F2200_Software

DJ_AIO_03_F2200_Software_Min

DVD Decrypter (Remove Only)

DVD Shrink 3.2

ESET Online Scanner v3

eSupportQFolder

Extended Update

F2200

F2200_Help

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 10.0

HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Smart Web Printing

HP Solution Center 10.0

HP Update

HPProductAssistant

HPSSupply

ImgBurn (Remove Only)

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

McAfee AntiVirus Plus

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Word 2000

Mozilla Firefox 12.0 (x86 en-GB)

Mozilla Firefox 27.0.1 (x86 en-US)

Mozilla Maintenance Service

Nero 7 Premium

neroxml

NVIDIA Drivers

PSSWCORE

Realtek High Definition Audio Driver

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2838727)

Security Update for Windows Internet Explorer 8 (KB2846071)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows Internet Explorer 8 (KB2862772)

Security Update for Windows Internet Explorer 8 (KB2870699)

Security Update for Windows Internet Explorer 8 (KB2879017)

Security Update for Windows Internet Explorer 8 (KB2888505)

Security Update for Windows Internet Explorer 8 (KB2898785)

Security Update for Windows Internet Explorer 8 (KB2909210)

Security Update for Windows Internet Explorer 8 (KB2909921)

Security Update for Windows Internet Explorer 8 (KB2925418)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB2834904-v2)

Security Update for Windows Media Player (KB2834904)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB2834886)

Security Update for Windows XP (KB2839229)

Security Update for Windows XP (KB2845187)

Security Update for Windows XP (KB2847311)

Security Update for Windows XP (KB2849470)

Security Update for Windows XP (KB2850851)

Security Update for Windows XP (KB2850869)

Security Update for Windows XP (KB2859537)

Security Update for Windows XP (KB2862152)

Security Update for Windows XP (KB2862330)

Security Update for Windows XP (KB2862335)

Security Update for Windows XP (KB2864063)

Security Update for Windows XP (KB2868038)

Security Update for Windows XP (KB2868626)

Security Update for Windows XP (KB2876217)

Security Update for Windows XP (KB2876315)

Security Update for Windows XP (KB2876331)

Security Update for Windows XP (KB2883150)

Security Update for Windows XP (KB2892075)

Security Update for Windows XP (KB2893294)

Security Update for Windows XP (KB2893984)

Security Update for Windows XP (KB2898715)

Security Update for Windows XP (KB2900986)

Security Update for Windows XP (KB2914368)

Security Update for Windows XP (KB2916036)

Security Update for Windows XP (KB2929961)

Security Update for Windows XP (KB2930275)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Shared C Run-time for x86

Shop for HP Supplies

SmartWebPrintingOC

SolutionCenter

Spotify

Spybot - Search & Destroy 1.3

Status

Toolbox

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB2863058)

Update for Windows XP (KB2904266)

Update for Windows XP (KB2934207)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VC80CRTRedist - 8.0.50727.6195

VideoToolkit01

WavePad Uninstall

WebFldrs XP

WebReg

Websteroids

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinRAR archiver

.

==== Event Viewer Messages From Past Week ========

.

30/03/2014 06:57:21, error: Service Control Manager [7031]  - The McAfee Boot Delay Start Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

29/03/2014 15:40:38, error: WPDMTPDriver [15300]  - MTP WPD Driver has failed to start. Error 0x8007001f.

28/03/2014 06:24:23, error: Service Control Manager [7022]  - The McAfee Boot Delay Start Service service hung on starting.

28/03/2014 06:24:20, error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.

28/03/2014 06:22:56, error: Service Control Manager [7000]  - The Parallel port driver service failed to start due to the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

28/03/2014 06:22:56, error: Service Control Manager [7000]  - The McAfee Inc. mfeapfk service failed to start due to the following error:  The system cannot find message text for message number 0x%1 in the message file for %2.

27/03/2014 20:15:33, error: Service Control Manager [7031]  - The McAfee Boot Delay Start Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

27/03/2014 20:00:00, error: Schedule [7901]  - The At3.job command failed to start due to the following error:  %%2147942403

27/03/2014 20:00:00, error: Schedule [7901]  - The At1.job command failed to start due to the following error:  %%2147942403

26/03/2014 18:11:06, error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Boot Delay Start Service service, but this action failed with the following error:  An instance of the service is already running.

26/03/2014 13:04:15, error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee VirusScan Announcer service, but this action failed with the following error:  An instance of the service is already running.

26/03/2014 13:04:15, error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Platform Services service, but this action failed with the following error:  An instance of the service is already running.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee Platform Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:14, error: Service Control Manager [7031]  - The McAfee Home Network service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 07:48:57, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

01/04/2014 19:43:19, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

01/04/2014 19:42:08, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

01/04/2014 19:41:57, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

01/04/2014 19:41:50, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

01/04/2014 19:41:39, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

01/04/2014 19:41:39, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}

01/04/2014 19:40:38, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Fips intelppm IPSec mfetdi2k MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL

01/04/2014 19:40:38, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.

01/04/2014 19:40:38, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.

01/04/2014 19:40:38, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.

01/04/2014 19:14:22, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume.

01/04/2014 18:34:10, error: Service Control Manager [7034]  - The Websteroids service terminated unexpectedly.  It has done this 1 time(s).

.

==== End Of File ===========================

Link to post
Share on other sites

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as µTorrent, DC++ or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

When you are done, please generate a new fresh DDS log file.

Link to post
Share on other sites

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 13/06/2011 12:30:03

System Uptime: 02/04/2014 18:03:01 (2 hours ago)

.

Motherboard: PACKARD BELL BV |  | GA-T671MG

Processor: Intel® Core2 Duo CPU     E4500  @ 2.20GHz | Socket 775 | 2199/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 232 GiB total, 205.114 GiB free.

D: is CDROM ()

F: is FIXED (NTFS) - 233 GiB total, 123.991 GiB free.

G: is FIXED (FAT32) - 233 GiB total, 67.539 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: 

Description: 

Device ID: ROOT\LEGACY_SASKUTIL\0000

Manufacturer: 

Name: 

PNP Device ID: ROOT\LEGACY_SASKUTIL\0000

Service: 

.

==== System Restore Points ===================

.

RP427: 11/01/2014 11:18:18 - System Checkpoint

RP428: 14/01/2014 08:11:31 - Software Distribution Service 3.0

RP429: 15/01/2014 14:39:15 - Software Distribution Service 3.0

RP430: 21/01/2014 13:10:23 - System Checkpoint

RP431: 22/01/2014 08:43:39 - Spybot-S&D Spyware removal

RP432: 25/01/2014 09:52:03 - System Checkpoint

RP433: 26/01/2014 10:47:41 - System Checkpoint

RP434: 31/01/2014 08:58:53 - System Checkpoint

RP435: 03/02/2014 10:00:49 - System Checkpoint

RP436: 06/02/2014 10:57:32 - System Checkpoint

RP437: 11/02/2014 12:43:22 - System Checkpoint

RP438: 11/02/2014 19:08:27 - Spybot-S&D Spyware removal

RP439: 12/02/2014 07:04:33 - Software Distribution Service 3.0

RP440: 13/02/2014 08:58:40 - System Checkpoint

RP441: 13/02/2014 13:46:26 - Spybot-S&D Spyware removal

RP442: 13/02/2014 13:54:30 - Spybot-S&D Spyware removal

RP443: 13/02/2014 14:04:37 - Restore Operation

RP444: 13/02/2014 15:54:54 - Software Distribution Service 3.0

RP445: 14/02/2014 10:01:36 - Software Distribution Service 3.0

RP446: 16/02/2014 10:47:03 - System Checkpoint

RP447: 16/02/2014 18:38:29 - Removed Adobe Reader 7.0

RP448: 16/02/2014 18:52:46 - Spybot-S&D Spyware removal

RP449: 17/02/2014 06:49:12 - Installed Sophos Virus Removal Tool.

RP450: 18/02/2014 18:30:11 - Removed Sophos Virus Removal Tool.

RP451: 18/02/2014 18:32:01 - Spybot-S&D Spyware removal

RP452: 14/03/2014 07:54:28 - Software Distribution Service 3.0

RP453: 17/03/2014 09:47:10 - System Checkpoint

RP454: 18/03/2014 08:06:16 - Software Distribution Service 3.0

RP455: 22/03/2014 09:30:55 - System Checkpoint

RP456: 26/03/2014 10:03:28 - System Checkpoint

RP457: 27/03/2014 08:38:41 - Software Distribution Service 3.0

RP458: 28/03/2014 10:01:02 - System Checkpoint

RP459: 31/03/2014 10:53:59 - System Checkpoint

RP460: 01/04/2014 19:30:25 - Spybot-S&D Spyware removal

RP461: 01/04/2014 20:05:32 - Restore Operation

RP462: 01/04/2014 20:09:34 - Restore Operation

RP463: 01/04/2014 20:13:56 - Restore Operation

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

Adobe Flash Player 12 ActiveX

Adobe Flash Player 12 Plugin

BTOffer

BufferChm

CCleaner (remove only)

CDisplay 1.8

Compatibility Pack for the 2007 Office system

ConvertXtoDVD 4.1.19.365

Copy

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DJ_AIO_03_F2200_ProductContext

DJ_AIO_03_F2200_Software

DJ_AIO_03_F2200_Software_Min

DVD Decrypter (Remove Only)

DVD Shrink 3.2

ESET Online Scanner v3

eSupportQFolder

Extended Update

F2200

F2200_Help

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 10.0

HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Smart Web Printing

HP Solution Center 10.0

HP Update

HPProductAssistant

HPSSupply

ImgBurn (Remove Only)

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

McAfee AntiVirus Plus

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Word 2000

Mozilla Firefox 12.0 (x86 en-GB)

Mozilla Firefox 27.0.1 (x86 en-US)

Mozilla Maintenance Service

Nero 7 Premium

neroxml

NVIDIA Drivers

PSSWCORE

Realtek High Definition Audio Driver

Scan

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2838727)

Security Update for Windows Internet Explorer 8 (KB2846071)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows Internet Explorer 8 (KB2862772)

Security Update for Windows Internet Explorer 8 (KB2870699)

Security Update for Windows Internet Explorer 8 (KB2879017)

Security Update for Windows Internet Explorer 8 (KB2888505)

Security Update for Windows Internet Explorer 8 (KB2898785)

Security Update for Windows Internet Explorer 8 (KB2909210)

Security Update for Windows Internet Explorer 8 (KB2909921)

Security Update for Windows Internet Explorer 8 (KB2925418)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB2834904-v2)

Security Update for Windows Media Player (KB2834904)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB2834886)

Security Update for Windows XP (KB2839229)

Security Update for Windows XP (KB2845187)

Security Update for Windows XP (KB2847311)

Security Update for Windows XP (KB2849470)

Security Update for Windows XP (KB2850851)

Security Update for Windows XP (KB2850869)

Security Update for Windows XP (KB2859537)

Security Update for Windows XP (KB2862152)

Security Update for Windows XP (KB2862330)

Security Update for Windows XP (KB2862335)

Security Update for Windows XP (KB2864063)

Security Update for Windows XP (KB2868038)

Security Update for Windows XP (KB2868626)

Security Update for Windows XP (KB2876217)

Security Update for Windows XP (KB2876315)

Security Update for Windows XP (KB2876331)

Security Update for Windows XP (KB2883150)

Security Update for Windows XP (KB2892075)

Security Update for Windows XP (KB2893294)

Security Update for Windows XP (KB2893984)

Security Update for Windows XP (KB2898715)

Security Update for Windows XP (KB2900986)

Security Update for Windows XP (KB2914368)

Security Update for Windows XP (KB2916036)

Security Update for Windows XP (KB2929961)

Security Update for Windows XP (KB2930275)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Shared C Run-time for x86

Shop for HP Supplies

SmartWebPrintingOC

SolutionCenter

Spotify

Spybot - Search & Destroy 1.3

Status

Toolbox

TrayApp

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB2863058)

Update for Windows XP (KB2904266)

Update for Windows XP (KB2934207)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VC80CRTRedist - 8.0.50727.6195

VideoToolkit01

WavePad Uninstall

WebFldrs XP

WebReg

Websteroids

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

30/03/2014 06:57:21, error: Service Control Manager [7031]  - The McAfee Boot Delay Start Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

29/03/2014 15:40:38, error: WPDMTPDriver [15300]  - MTP WPD Driver has failed to start. Error 0x8007001f.

28/03/2014 18:03:52, error: Service Control Manager [7000]  - The Parallel port driver service failed to start due to the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

28/03/2014 11:29:39, error: Service Control Manager [7022]  - The McAfee Boot Delay Start Service service hung on starting.

28/03/2014 11:29:37, error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.

28/03/2014 11:28:16, error: Service Control Manager [7000]  - The McAfee Inc. mfeapfk service failed to start due to the following error:  The system cannot find message text for message number 0x%1 in the message file for %2.

28/03/2014 11:00:00, error: Schedule [7901]  - The At3.job command failed to start due to the following error:  %%2147942403

28/03/2014 11:00:00, error: Schedule [7901]  - The At1.job command failed to start due to the following error:  %%2147942403

27/03/2014 20:15:33, error: Service Control Manager [7031]  - The McAfee Boot Delay Start Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 18:11:06, error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Boot Delay Start Service service, but this action failed with the following error:  An instance of the service is already running.

26/03/2014 13:04:15, error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee VirusScan Announcer service, but this action failed with the following error:  An instance of the service is already running.

26/03/2014 13:04:15, error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Platform Services service, but this action failed with the following error:  An instance of the service is already running.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee Platform Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:15, error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 13:03:14, error: Service Control Manager [7031]  - The McAfee Home Network service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

26/03/2014 07:48:57, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

01/04/2014 19:43:19, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

01/04/2014 19:42:08, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

01/04/2014 19:41:57, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

01/04/2014 19:41:50, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

01/04/2014 19:41:39, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

01/04/2014 19:41:39, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}

01/04/2014 19:40:38, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Fips intelppm IPSec mfetdi2k MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL

01/04/2014 19:40:38, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.

01/04/2014 19:40:38, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.

01/04/2014 19:40:38, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.

01/04/2014 19:14:22, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume.

01/04/2014 18:34:10, error: Service Control Manager [7034]  - The Websteroids service terminated unexpectedly.  It has done this 1 time(s).

.

==== End Of File ===========================

Link to post
Share on other sites

Please run a Quick Scan with Malwarebytes and post the log:

Open up Malwarebytes => Settings Tab => Scanner Settings => Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Link to post
Share on other sites

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.04.05.04

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

chris :: CHRIS-FBF550ADA [administrator]

 

05/04/2014 17:54:31

MBAM-log-2014-04-05 (18-14-12).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 285999

Time elapsed: 19 minute(s), 7 second(s)

 

Memory Processes Detected: 1

F:\Documents and Settings\All Users\Application Data\Websteroids\WebsteroidsService.exe (PUP.OPtional.Websteroids) -> 1932 -> No action taken.

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 1

HKLM\SYSTEM\CurrentControlSet\Services\Websteroids (PUP.OPtional.Websteroids) -> No action taken.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 3

F:\Documents and Settings\chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage (PUP.Optional.Websteroids.A) -> No action taken.

F:\Documents and Settings\chris\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal (PUP.Optional.Websteroids.A) -> No action taken.

F:\Documents and Settings\All Users\Application Data\Websteroids\WebsteroidsService.exe (PUP.OPtional.Websteroids) -> No action taken.

 

(end)
Link to post
Share on other sites

Just to give you an update.

 

Since doing the scan, Websteroids has stopped appearing in the task manager, I'm not sure if that happened before so I can't give any prediction as to weather it will come back or not, but it is still showing in the add or remove programs section of the control panel.

Link to post
Share on other sites

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan button. Wait until is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
Link to post
Share on other sites

I did the scans without shutting down McAfee, I don't know if they are any good. If you want them done again let me know along with any ideas you might have about shutting McAfee down. Here are the logs as they stand.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by chris on 09/04/2014 at 18:49:17.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: F:\Documents and Settings\chris\Application Data\mozilla\firefox\profiles\a1o6t2e2.default\minidumps [4 files]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/04/2014 at 19:12:13.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v3.023 - Report created 09/04/2014 at 19:21:58
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : chris - CHRIS-FBF550ADA
# Running from : F:\Documents and Settings\chris\My Documents\Downloads\AdwCleaner (3).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : F:\Documents and Settings\All Users\Application Data\Websteroids
Folder Deleted : F:\Documents and Settings\chris\Local Settings\Application Data\NativeMessaging
Folder Deleted : F:\DOCUME~1\chris\LOCALS~1\Temp\NativeMessaging
Folder Deleted : F:\Documents and Settings\chris\My Documents\Optimizer Pro
File Deleted : F:\Documents and Settings\Dee\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [F:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\UpdaterEX
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C792A75A-2A1F-4991-9B85-291745478A79}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : F:\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\a1o6t2e2.default\prefs.js ]
 
 
[ File : F:\Documents and Settings\Dee\Application Data\Mozilla\Firefox\Profiles\xgimvuh7.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : F:\Documents and Settings\chris\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : F:\Documents and Settings\Dee\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [18074 octets] - [17/02/2014 09:47:01]
AdwCleaner[R1].txt - [2823 octets] - [09/04/2014 19:16:43]
AdwCleaner[s0].txt - [18314 octets] - [17/02/2014 09:48:41]
AdwCleaner[s1].txt - [2784 octets] - [09/04/2014 19:21:58]
 
########## EOF - F:\AdwCleaner\AdwCleaner[s1].txt - [2844 octets] ##########
 
 
 
Link to post
Share on other sites

Glad I could help! :)

Step 1

  • Download OTL to your desktop and run it.
  • Click on CleanUp button.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites

  • 4 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.