TROJAN.BHO, PUP.FACETHEME & PUP.FCTPLUGIN PROBLEMS - NEED HELP !

srrsue · May 14, 2013

Hello...I am a new user here and need some assistance in eradicating the trojan and malware that my malwarebytes scan uncovered. Attached are the two logs I have...the first one when I found the culprits and the second one that seems clean. My Laptop PC has really been sluggish and it seems performance is deteriorating. I would appreciate your expert advice and direction on what I can do to get rid of this bad stuff...and help return my PC to good operating efficiency. Thank you for your help srrsue Tuesday May 14, 2013 at 4:57 pm edst

mbam-log-2013-05-08 (12-16-08).txt

mbam-log-2013-05-12 (10-20-58).txt

Firefox · May 14, 2013

Hello and Welcome to Malwarebytes

Being that you are probably infected, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

srrsue · May 14, 2013

Hi Firefox: here are the TWO logs I was told to attach and forward...let me know what I need to do next...thanks for your help.....srrsue tuesday may 14, 2013 at 6:10 pm edst

attach.txt

dds.txt

AdvancedSetup · May 14, 2013

You have signs of a possible infection

==== Event Viewer Messages From Past Week ========
.
5/9/2013 2:01:25 PM, Error: Service Control Manager [7022]  - The Diagnostic Service Host service hung on starting.
5/9/2013 1:53:37 PM, Error: PlugPlayManager [11]  - The device Root\LEGACY_SMR322\0000 disappeared from the system without first being prepared for removal.
5/8/2013 8:49:36 PM, Error: EventLog [6008]  - The previous system shutdown at 8:47:38 PM on 5/8/2013 was unexpected.
5/8/2013 6:18:55 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  BHDrvx86 ccSet_NIS eeCtrl IDSVix86 spldr SRTSP SRTSPX SymIRON SYMTDIv Wanarpv6
5/8/2013 6:18:55 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
5/8/2013 6:18:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/8/2013 6:18:01 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv.dll Error Code: 21
5/8/2013 6:17:58 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/14/2013 10:49:06 AM, Error: Schannel [36874]  - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
.
==== End Of File ===========================

Also your TuneUp Utilities is actually probably causing your computer issues. You may want to consider not using it.

==== Image File Execution Options =============

.

IFEO: amazongsdownloaderservice.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: excel.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: finder.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: fixitcenter.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: frontpg.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: hpwucli.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: msaccess.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: mstore.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: mydvd9.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: offdiag.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: ois.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: onenote.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: outlook.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: powerpnt.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: pptview.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: presentationhost.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: roxwizardlauncher9.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: setlang.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: stax.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: unbind.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: unins000.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: videowave9.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

IFEO: winword.exe - "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

In any case please follow the directions below and someone will assist you with cleaning the computer.

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thanks

srrsue · May 15, 2013

I am a bit confused here...somehow..I fidst started out explaining MY PROBLEM to Firefox...then to Advance Setup....then I followed Advanced Setup's suggestion to set up a NEW TOPIC for AVAILABLE ASSISTANCE....which I did...and THEN I HEARD from Gringo...and DID WHAT HE SAID....and now I don't seem to be getting any other kind of response ? Did I do something wrong here ? How do I get back on track here ? I sent the two logs that Gringo asked me to send him, and have not heard from him - is that usual ? A friend of mine who TOLD ME about malewarebytes forum help...told me she got help in a FEW MINUTES and she kept doing what the expert said, and her problems were FIXED in just a day ?? At the bottom of Gringo's email it says something about BUMPING the TOPIC if I do not hear from him within 48 hours...what does that mean ? Did I mistakenly BUMP my new topic when I contacted Gringo AFTER having started this request for help with Firefox and then Advanced Setup ? Where does my CASE now stand ? I SEE MY TOPIC wording NOW appering in TWO DIFFERENT parts of this forum ? PLEASE HELP. I am NEW here, so I really AM CONFUSED on how this whole help assistance takes place...and I appreciate YOUR HELP to clarify what is going on and what I have to do next....wait ? or do I need to BUMP......OR WHAT ? Thanks for your immediate help. srrsue Wed. 5/15/2013 at 1:57 pm edst

Porthos · May 15, 2013

Posted Today, 08:38 AM

I really AM CONFUSED on how this whole help assistance takes place...and I appreciate YOUR HELP to clarify what is going on and what I have to do next....wait ? or do I need to BUMP......OR WHAT ?

All the fixing will happen with gringo. All the helpers are Volunteers and help different people on sometimes on several different support forums. It can take 24- 48 hours between replies at times.

told me she got help in a FEW MINUTES and she kept doing what the expert said, and her problems were FIXED in just a day

Got very lucky considering the workload the helpers have.

srrsue · May 15, 2013

thanks for the heads up Porthos.....I just called my friend and she said she had Mr. Charlie help her and he did a tremendous job !! I was just unsure of how the "system" works and how long between responses from Gringo and myself. My friend said she was going to make a contribution to Mr. Charlie once she opened a paypal account. What is the usual amount a person who was helped should CONTRIBUTE as she is on fixed income but is eternally grateful to Mr. Charlie. Thanks for your help with this ! srrsue

Firefox · May 15, 2013

Amounts of contribution is all depending on you and what you can afford. Remember we are all volunteers and any amount we/all receive is very appreciated. I for one and I can probably speak for the others, do it because I enjoy helping others, and I am not really looking for the contribution but helping to continue to learn and to help rid this world of Malware.

AdvancedSetup · May 15, 2013

Also helpers come from all regions of the Globe. While you're awake your helper may be asleep and vice-versa so yes getting the cleanup resolved can take a bit of time.

Thanks

AdvancedSetup · May 15, 2013

Actually this account will be deactivated as it is a duplicate account. Your real account is: yosoy4ever

TROJAN.BHO, PUP.FACETHEME & PUP.FCTPLUGIN PROBLEMS - NEED HELP !

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Important Information