Contents of the 'Scheduled Tasks' folder . 2011-12-06 c:\windows\Tasks\FileCure Default.job - c:\program files (x86)\ParetoLogic\FileCure\FileCure.exe [2011-03-01 23:00] . 2012-01-14 c:\windows\Tasks\FileCure Startup.job - c:\program files (x86)\ParetoLogic\FileCure\FileCure.exe [2011-03-01 23:00] . 2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-2-9 430080] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . The scan may take some time to finish,so please be patient. are you thinking this could be something else that is not related to malware? 01-24-2012, 03:26 PM #9 Ried AdministratorManagement Team, Security Center & TSF Academy Expert Analyst, Moderator, navigate here

Let me know what you want me to do next...regards, srrsue wed. 5/15/2013 at 10:37 pm edstComboFix 13-05-15.01 - Ed and Sue 05/15/2013 22:09:21.2.1 - x86Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1982.865 thanks so much in advance Dmitri ----------------------- . My PC is acting really slow and lethargic in going site to site, When I turn on my PC this morning (I got a chance to run ADWCLEANER last night) and C:\Program Files (x86)\Object\config.ini (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Did Kaspersky detect or alert you to anything? Would it likely be the item PUP.FCTPlugin that is causing the problem or is it also possible there are other problems that could cause this? Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note) Please save the log to a location you will remember.

If an update is found, it will download and install the latest version. Computer Running Slow Mbam log shows PUP.FCTPlugin Started by daveky , Oct 01 2012 03:54 AM Page 1 of 2 1 2 Next Please log in to reply 21 replies to R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> After the download: Close any open browsers.

Registry Values Detected: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E879077EB6765D5532AC92 (Malware.Trace) -> Data: -> Quarantined and deleted successfully. Antimalware programs like Malwarebytes pop up warnings when they detect "potentially unwanted programs" you might want to remove. For example, browser toolbars that clutter your browser, track your web browsing, and show additional advertisements to you are "potentially unwanted programs." A Bitcoin-mining program like the one uTorrent once included http://www.techspot.com/community/topics/lots-of-virus-malware-in-my-computer.184134/ Once the program has loaded, select Perform Quick scan, then click Scan.

uSearch Page = hxxp://www.google.com uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9 uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=e627&r=273602100835l0374z1k5r48523258 mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&m=e627&r=273602100835l0374z1k5r48523258 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mWinlogon: Userinit=userinit.exe BHO: &Yahoo! v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? user_pref('extensions.dealply.sampleGroup', '3'); . Select the restore point created just before the Windows Updates began.

i clicked on FOLLOW and IMMEDIATE email reply BUT OUR TOPIC IS NOT SHOWING UP FOR ME ..what do I need to do to get so I don't have to go http://www.howtogeek.com/232791/pups-explained-what-is-a-potentially-unwanted-program/ I have been able to help myself and friends because of your site. Ecobee3 vs. If the machine does not have a password, simply click Enter.

Close Spybot S&D. >>> During this cleanup,Please DO NOT run, install and/or uninstall any tools/ programs other than those I suggest to you because some programs can interfere with others and/ check over here Inc.)O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()O2 - BHO: (no C:\Program Files (x86)\Object\status.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully. Kevin kevinf80, Nov 6, 2012 #7 BeAlLsTaR13 Thread Starter Joined: Nov 17, 2007 Messages: 197 ComboFix 12-11-06.03 - user1 11/06/2012 20:48:48.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.451 [GMT -5:00]

scanning hidden processes ... . Click Start > Run and copy/paste, or type the following bolded text into the Run box and click OK: ComboFix /uninstall -------------------------------------------------------------------- Should you wish to contribute to the ongoing development Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. his comment is here If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal If after running Combofix you receive any type of warning message

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. It was stuck on this message for about 5 minutes and then goes to the regular WINDOWS sign in. Started by srrsue, May 14, 2013 PUP.FACETHEME PUP.FCTPLUGIN TROJAN.BHO 69 posts in this topic Prev 1 2 3 Next Page 1 of 3 srrsue    New Member Topic Starter Members

Aug 13, 2012 #2 muddie TS Rookie Topic Starter Posts: 45 I have Microsoft Security Essentials but when I click it, it won't open.

As i ran combofix......at COMPLETED STAGE 15, a microsoft error pop up appeared and said: PEV.exe has stopped working - windows checking for a solution to the problem. Can anyone help? This is a discussion on SLOW OR SO SLOW... HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> Quarantined and deleted successfully.

It is important to rename ComboFix before the download. Please re-enable javascript to access full functionality. C:\Program Files (x86)\Object\chromeaddon.crx (PUP.FCTPlugin) -> Quarantined and deleted successfully. weblink You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and

Be sure that everything is checked, and click Remove Selected. That may cause it to stallNote 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer"information and logs"In Files Detected: 4 C:\Program Files (x86)\Object\status.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts.

thanks 01-23-2012, 05:59 PM #3 Ried AdministratorManagement Team, Security Center & TSF Academy Expert Analyst, Moderator, Security Team Rangemaster, Moderator, TSF Academy Join Date: Jan 2005 Location: I do not need to see my previous instructions. If this takes it back to the restore point that ComboFix created, then turn off Windows Updates and run ComboFix again. :) __________________ Member of UNITE since 2006 Microsoft MVP - I read your FAQ and ran malwarebytes.

How is the machine behaving now? Win 7,64 bit 3Gb RAM, 40Gb free disk space Kaspersky AV Ran CCLeaner and Thread Tools Search this Thread 01-15-2012, 03:42 PM #1 dmitriny1 Registered Member Join Date: Malwarbytes is frozen when I try to open it. 5.Computer freezes constantly I tried restoring computer to a earlier time but it freezes when I open the window for that. Uninstall Startnow Toolbar and reboot.

Processes listed in the status message are: svchost.exe, winupd.exe, and temp:winupd.exe. I will make sure I print your message off for future downloads. Thanks for your time. There was no mention of a family member in the same household so when we looked up the IP address and it showed the same that typically indicates that someone is