Tech Support Forum: Virus/Trojan/Spyware Help
#1 (permalink)

Registered User
Join Date: Dec 2008
Posts: 55
OS: Windows Vista Service Pack 1

This happens frequently, either when I'm gaming or surfing the web. Most of the time it's Windows Explorer, just randomly stops responding and closes, I have to restart. Also some other unknown programs as well. I'll be sure to name the program that stops responding next time.
Also, I've been getting a lot of automatic CMD openings randomly, one was "soocks.exe". This only started happening because some prick port forwarded something to me via X-chat 2 using my open ports >.< (I use Torrent so that's why I got open ports). I located the file and deleted the .exe, it solved the problem but now some other CMD's open sometimes. It goes by a second, opens and closes really quickly. I think one was "win32.exe".

So here's a screen shot of where all the Win23 viruses pop up and get blocked by Avast Home Edition. I move them to Chest. C/Windows/Temp:

I upload this picture and straight away I got this virus block pop up from Avast:

Another Avast pop up:

Is there some kind of other program virus that keeps duplicating these files? Most come from Temporary Internet Files\Content.IE5P\....... or C:\Users\Vengeance\AppData\Local\Temp

There are necessary files attached, please download and have a look through them.

Last edited by OverDoseD; 08-21-2009 at 11:03 AM.
#2 (permalink)

Registered User
Join Date: Dec 2008
Posts: 55
OS: Windows Vista Service Pack 1

Bump.
Great, now it's in my system 32 and Avast is telling me to do a full boot scan and reboot. That's going to take ages. I hate these automatic CMD that keep popping up. I can't stop them, I don't know what to do. I spotted what it said but it closed 2 seconds after. It ran some kind of "applicationwin32setup.exe". There was nothing in the cmd either, just that.