Dark Blade, I appreciate you trying to help, but please be careful. This sort of thing takes a certain amount of training for one to know what they're doing. It's very easy to get legitimate files and infections confused, and if we disable/remove the wrong ones, it can cause a lot of problems. My research gives me no reason to see the mentioned files as a threat. In fact, I believe they are related to the user's BIOS. Of course, this isn't concrete, so...
pleasehelp,
Please head over to
VirusTotal, and copy/paste and scan each of the below files (one at a time)...
C:\WINDOWS\system32\PhxPsSvr.exe
C:\WINDOWS\system32\PhxVtSvr.exeOnce you have done that, please post the results of each file.
Before proceding, download AVG Anti-Virus and AVG Anti-Spyware from the link provided by
street1 (you may want to
disable your CA Antivirus). These programs are free and don't require registration or activation. Update both of them (but don't scan yet).
And now, let's go over your log...
Once we start, you won't have access to this post anymore, so I recommend that you
print out this post or save it to a Notepad file. Open HijackThis and scan again. Check the following entries, but don't do anything to them yet...
O2 - BHO: MSVPS System - {218B7D50-BC37-4FA8-A57F-6E8DE692BD79} - C:\WINDOWS\vpsnetwork.dll
O21 - SSODL: vpssup - {17495F36-7D6D-4858-ADAA-8DCA6C203EE5} - C:\WINDOWS\vpssup.dll
O21 - SSODL: expro - {886C00DD-C91B-4046-83AE-B0FDA18CC0EE} - C:\WINDOWS\expro.dll
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm(This appears to be what's giving you trouble.)Now, close
all windows (including this one) besides HijackThis, then click Fix Checked. Close HijackThis and
reboot into Safe Mode and
enable hidden files and folders.
Navigate to and delete the following folder(s) if present...
C:\WINDOWS\privacy_dangerNavigate to and delete the following file(s) if present...
C:\WINDOWS\vpsnetwork.dll
C:\WINDOWS\vpssup.dll
C:\WINDOWS\expro.dllGo ahead and scan with both AVG programs, one at a time. If you run them both at the same time, it can cause problems. When your scan has completed, go to
Control Panel and open up the Display Properties. Click on the
Desktop tab and then click on the
Customize Desktop button. From there, click on the
Web tab and under
Web pages:, you will see a list of items. If you see anything with a name like
Privacy Danger, select it and click on the
Delete button. If it's not there, then simply exit.
Once you've done all of this, reboot into Normal Mode and post a new HijackThis log so we can see if there's any other junk we need to clean up. Let me know how everything's running now and if you had any problems following my steps.
