bwear

Members
  • Content Count

    31
  • Joined

  • Last visited

About bwear

  • Rank
    Full Member
  1. Thanks, Steamhead! Below is the activescan report. Incident Status Location Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Ben Wear\Cookies\ben wear@belnk[1].txt
  2. Hey Steamhead, First of all, thanks for the help. It seems that the AVG quarantining of various files has fixed the blue screen problem. I have been working now for about 2.5 hours without any issues. I would like to continue with anything else that you recommend just to be sure and clean everything out. Thanks again, Ben
  3. Both of these logs are from runs in Safe Mode... can't keep the computer in Normal Mode for long without the blue screen. Thanks! --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 8:46:35 AM 7/9/2007 + Scan result: C:\Documents and Settings\bwear\Local Settings\Temporary Internet Files\Content.IE5\7KR0G75E\file[1].exe -> Downloader.Small.evy : Cleaned. C:\WINDOWS\system32\~.exe -> Downloader.Small.evy : Cleaned. D:\ARCHIVE\Application Archive\system utils\NSW 2005\rar-ed\Nort
  4. My computer started locking up and going to the blue screen today. Below is a hijack this log. I ran spybot and adaware. Thanks so much for your help in advance!!! You guys rock! Logfile of HijackThis v1.99.1 Scan saved at 10:14:45 AM, on 7/5/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.ex
  5. I reinstalled both programs and that cleared up the problem. New Hijack Log below... Logfile of HijackThis v1.99.1 Scan saved at 8:03:46 AM, on 10/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\System32\WLTRY
  6. I'll go ahead and reload both of those programs tonight.
  7. Removed "Search Assist", went back and tried, still got hijacked. Went back and removed "URL Assist" and that seems to have done the trick as far as the hijacking goes. Thanks!! Any ideas on the one program requesting Install CDs for another? I've never seen that before.
  8. OK, did that... Still getting hijacked. Tried www.cnn.com... goes to the proper website for a few seconds, then get's hijacked to the Dell Google Search site with this message "Sorry, we couldn't find http://ads.cnn.com/html.ng/site. Here are some related websites: "
  9. ACDSee 8 Ad-Aware SE Personal Adobe Acrobat 7.0.8 Standard Adobe Bridge 1.0 Adobe Common File Installer Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Stock Photos 1.0 ALPS Touch Pad Driver ArcGIS ArcInfo Workstation ArcGIS Desktop ArcGIS License Manager ArcGIS Tutorial Data AutoCAD 2007 - English Autodesk DWF Viewer AVG Anti-Spyware 7.5 AVI Codec Pack Azureus Broadcom Advanced Control Suite Broadcom TPM Driver Installer CC_ccStart ccCommon Conexant HDA D110 MDC V.92 Modem Dell Embassy Trust Suite by Wave Systems Dell Wireless WLAN Card Digital Line Detect Document Manager Lite DVD Shrink 3.2
  10. WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding. If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly. »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Logfile created on: 10/9/2006 7:47:42 AM WinPFind v1.5.0 Folder = C:\WinPFind\ Microsoft Windows XP Service Pack 2 (Version = 5.
  11. Yes, I did run the Smitfraudfix. My browser still seems to be getting hijacked, but only on certain websites and it tries to go somewere that's it can't find (Sorry, we couldn't find http://ad.doubleclick.net/adi/fandango.dart/homepage%3Bsz), so I get sent to Dell Google page. Also, when I try to open one software package (ArcGIS), it asks me for the CDs for another software package (AutoCAD) before the first one will open....I feel I may need to reinstall both of these software packages. Thanks! Logfile of HijackThis v1.99.1 Scan saved at 4:36:00 PM, on 10/8/2006 Platform: Windows XP SP2 (Win
  12. Incident Status Location Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Ben Wear\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
  13. Hey Rock, thanks for the quick reply!! I ran some of the software that you suggested in another guys recent posting (vcodec-related, which is what I think got me) as well as what you had me do with the desktop... and deleted several directories that looked related to the problem. so I hoped I saved you some time. I'm scanning now...will post when done. Thanks again!
  14. Got the desktop cleaned up, now it's the laptop. Thanks in advance for any help! Logfile of HijackThis v1.99.1 Scan saved at 9:30:27 AM, on 10/8/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\System32\WLTRYSVC.E