Here is my Log

Discussion in 'adware, spyware & hijack cleaning' started by Lubbock, Jun 12, 2004.

Thread Status:
Not open for further replies.
  1. Lubbock

    Lubbock Registered Member

    Joined:
    Jun 12, 2004
    Posts:
    2
    Ok followed instructions and used Adaware and so forth tried many other things as well.

    Problem is a invisble folder named /Systemvolume that cant be deleted and even Formatting wont remove it, it will just stop the Formatting.
    other then that there has been many other strange behavior, computer freezes up and i get message that lsass has been shut down so i will reboot in 30 seconds, i tried all the tricks i could to try and get my comp back to its lovable old self, but im no expert so hope for some help from here :'(

    D:\WINDOWS\System32\nvsvc32.exe
    D:\WINDOWS\system32\pctspk.exe
    D:\Programmer\Fælles filer\Softwin\BitDefender Communicator\xcommsvr.exe
    D:\Programmer\Fælles filer\Softwin\BitDefender Scan Server\bdss.exe
    D:\Programmer\Internet Explorer\iexplore.exe
    D:\Documents and Settings\Søren Petersen\Lokale indstillinger\Temporary Internet Files\Content.IE5\PDYZXKMV\HijackThis[1].exe
    D:\Programmer\Internet Explorer\iexplore.exe
    D:\WINDOWS\System32\taskmgr.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
    O1 - Hosts: 64.91.255.87 www.dcsresearch.com
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [MS Sound Config 16bit] sndcfg16.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avserve2.exe] D:\WINDOWS\avserve2.exe
    O4 - HKLM\..\Run: [BDMCon] D:\Programmer\Softwin\BitDefender Free Edition\\bdmcon.exe
    O4 - HKLM\..\Run: [BDNewsAgent] D:\Programmer\Softwin\BitDefender Free Edition\\bdnagent.exe
    O4 - HKLM\..\Run: [Microsoft Services] lsrv.exe
    O4 - HKLM\..\Run: [MS Autoloader 32] MSAuto32.exe
    O4 - HKLM\..\RunServices: [MS Sound Config 16bit] sndcfg16.exe
    O4 - HKLM\..\RunServices: [Microsoft Services] lsrv.exe
    O4 - HKLM\..\RunServices: [MS Autoloader 32] MSAuto32.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "D:\Programmer\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MS Sound Config 16bit] sndcfg16.exe
    O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
    O4 - HKCU\..\Run: [Microsoft Services] lsrv.exe
    O4 - HKCU\..\Run: [MS Autoloader 32] MSAuto32.exe
     
  2. LoPhatPhuud

    LoPhatPhuud Spyware Fighter

    Joined:
    Jul 19, 2003
    Posts:
    45
    Location:
    Albuquerque, NM
    Please post a complete HijackThis log in this thread for review.
     
  3. Lubbock

    Lubbock Registered Member

    Joined:
    Jun 12, 2004
    Posts:
    2
    But when i use the log save function this is all it saves o_O
     
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Maybe it is all that you see in the Windows, but the top part and most likely a chunk at the bottom are missing.

    From what I can see I would urgently advise to do an online virusscan, you will find several listed here: http://www.wilders.org/free_services.htm

    Regards,

    Pieter
     
Thread Status:
Not open for further replies.