FPXW.exe

I need help getting rid of this.

more info…explain your problem

A program keeps popping up on start up and i can’t get rid of it. It is also keeping me form doing a system restore.

Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR…!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0

adw log

Couldn’t update Malware bytes bet here are the results.

after results

see if you are able to update it now after you removed that… or you can try update Malwarebytes from safe mode

if no success, just continue with attaching all logs… then help will arrive here later

Please download Farbar Recovery Scan Tool and save it to your desktop.

[color=green]Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Under Optional Scan ensure “List BCD” and “Driver MD5” are ticked.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

I’ll use it right away. In the mean time here are the OTL results

FarBar Results

Should i still use the aswMBR? I’m about to download it.

while waiting for argus to be back, you can do that, it is just a rootkit diagnostic log

  1. Open notepad and copy/paste the text present inside the code box below.
    To do this highlight the contents of the box and right click on it. Paste this into the open notepad.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system


Start
U3 a5vt2zih; C:\Windows\System32\Drivers\a5vt2zih.sys [0 ] (Advanced Micro Devices)
C:\Windows\System32\Drivers\a5vt2zih.sys
HKCU\...\Run: [Java (TM) Platform SE Auto Updater] - C:\ProgramData\jre70\cpfpdndnn.exe [2737664 2013-08-07] (NoVirusThanks Company Srl)
HKLM-x32\...\Run: [Java (TM) Platform SE Auto Updater] - C:\ProgramData\jre70\cpfpdndnn.exe [2737664 2013-08-07] (NoVirusThanks Company Srl)
C:\ProgramData\jre70\cpfpdndnn.exe
CHR HKLM-x32\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\tony\AppData\Local\Temp\ccex.crx
End


  1. Save notepad as fixlist.txt
    NOTE. It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

  2. Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.

Note: If the tool warned you about the outdated version please download and run the updated version.

Re-run FRST, click on Scan button and attach here fresh FRST.txt logreport.

Fix Results and re-scan results.

I still can’t restore but the pop up has disappeared. I checked if system restore was on and said it was on, but still no dice.

Re-run FRST

HKCU\...\Run: [Java (TM) Platform SE Auto Updater] - "C:\ProgramData\jre70\cpfpdndnn.exe" [x]
C:\ProgramData\jre70\cpfpdndnn.exe
HKLM-x32\...\Run: [Java (TM) Platform SE Auto Updater] - "C:\ProgramData\jre70\cpfpdndnn.exe" [x]
C:\ProgramData\jre70\cpfpdndnn.exe
IMEO\hijackthis.exe: [Debugger] igtbcps_.exe
IMEO\housecalllauncher.exe: [Debugger] udlzjdy_.exe
IMEO\rstrui.exe: [Debugger] safpdnd_.exe
IMEO\spybotsd.exe: [Debugger] ueutwmy_.exe
U3 a5drv4s3; C:\Windows\System32\Drivers\a5drv4s3.sys [0 ]
C:\Windows\System32\Drivers\a5drv4s3.sys 

Save notepad as fixlist.txt

Run FRST/FRST64 and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.

Re-run Results

Just tried system restore and it worked. Thank you very much.

Great :slight_smile:

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

[] Remove disinfection tools
[
] Create registry backup
[*] Purge System Restore

Now click on “Run” button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.


Please download TFC by OldTimer to your desktop

[*]Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
[*]It will close all programs when run, so make sure you have saved all your work before you begin.
[*]Click the Start button to begin the process. Depending on how often you clean temp
files, execution time should be anywhere from a few seconds to a minute
or two. Let it run uninterrupted to completion.
[*]Once it’s finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.