Mom's PC is having a few issues.

Thornbreaker · Sep 2, 2013

Thanks for taking a look when you get a chance.

I ran a MBAM scan a couple weeks ago and it picked up a lot of PUP. files it detected and fixed. Computer still seems to have some issues though so I ran through the gauntlet of scans you ask for. They are attached below as requested.

I am also getting a wow.dll error when I tried to start a couple of these programs. HitmanPro seemed to pick it up as well.

TimW · Sep 2, 2013

Start with this:

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate these detections:

[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : ShopAtHomeWatcher (C:\Users\wallace\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [7]) -> FOUND
[HJ INPROC][SUSP PATH] HKCR\[...]\InprocServer32 : (C:\Users\wallace\AppData\Local\Temp\srosqks\sfdcvym\wow64.dll [-]) -> FOUND

Place a checkmark each of these items, leave the others unchecked.
Now press the Delete button.

Now delete this item:
¤¤¤ Startup Entries : 1 ¤¤¤
[wallace][SUSP PATH] NexDef Plug-in.lnk : C:\Users\wallace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk @C:\Users\wallace\AppData\Local\Autobahn\nexdef.exe [-][-] -> FOUND

Now run Hitman and remove this item:
C:\Users\wallace\AppData\Local\Temp\srosqks\sfdcvym\wow64.dll

And remove all of the PUP's.

http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Attach JRT.txt to your next message.

Now reboot and rescan with both RogueKiller and Hitman and attach the new logs as well.

Then run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Attach the new C:\MGLogs.zip.

chaslang · Sep 2, 2013

First step should be to uninstall the below programs! ( yes McAfee too since it is being installed as addons to other programs )
Ask Toolbar
LyricsPal
McAfee Security Scan Plus
ShopAtHome.com Helper
ShopAtHome.com Toolbar

Thornbreaker · Sep 4, 2013

Thanks guys. I followed your directions. Attached are the new logs.

TimW · Sep 4, 2013

Is this something you created?:
[RUN][SUSP PATH] HKLM\[...]\Run : Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5} (C:\Windows\test.bat [x]) -> FOUND

If not, run RogueKiller and delete it.

You do not need to clean your registry, so delete this:
C:\Users\Default\Desktop\Clean Registry for Free!.lnk

Now you just need to clean your temp folders. So run CCleaner and clean out those temps.

Tell me how things are running now.

Log in or Sign up

Mom's PC is having a few issues.

Thornbreaker Private E-2

Attached Files:

HitmanPro_20130902_1335.log

mbam-log-2013-09-02 (13-19-51).txt

RKreport[0]_S_09022013_131806.txt

MGlogs.zip

TDSSKiller.2.9.2.0_02.09.2013_13.25.00_log.txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Thornbreaker Private E-2

Attached Files:

RKreport[0]_S_09042013_140041.txt

HitmanPro_20130904_1404.log

MGlogs.zip

JRT.txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member