sarahw

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Probably best to take out the memory and see if you have the same symptoms. Did you burn test the memory? Vista has a tool in 'Administrator Tools' or memtest.

Hi, I did want you to run both files (I looked and I accidentally omiited that part), but it seemed to have worked anyways. There is more to remove. Can you please post a fresh Hijack This log.

hi so you ran both files ok? can you please post a hijack this log please

the first on is like how it is two posts up. The last one starts with REGEDIT4. There is a line between each entry. No blank line above REGEDIT4. There are three lines in the first file There are four lines in the second file with a gap between each line. Does that make sense?

REGEDIT4 [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo] [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_MANG] [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Mang]

SWReg ACL HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo /GA:F SWReg ACL HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_MANG /GA:F SWReg ACL HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Mang /GA:F

Hi, Can you please run combofix again. Note: Post the log in the forum (Copy and paste the notepad contents into this thread, do not upload the txt file.

You are still infected, there are more things to do. Actually, to be more specific, you have a chinese rootkit. So it will take a few more posts. We need to delete a few entries from the registry. This can be dangerous so first we need to do a backup. Go to Start > Run Type: regedit Click OK. On the leftside, click to highlight My Computer at the top. Go up to "File > Export" Make sure in that window there is a tick next to "All" under Export Branch. Leave the "Save As Type" as "Registration Files". Under "Filename" put backup [*]Choose to save it to C:\ or somewhere else safe so that

Hi, Try this link: How To Speed Up Your PC

Hi, There are still some things we have to clear up Please download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Looks clean How is the computer running for you? Anthing out of the ordinary?

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below. O4 - HKCU\..\RunOnce: [spybotDeletingB9158] command /c del "c:\autorun.exe" O4 - HKCU\..\RunOnce: [spybotDeletingD8296] cmd /c del "c:\autorun.exe" O4 - HKCU\..\RunOnce: [spybotDeletingB1939] command /c del "C:\WINDOWS\wt\webdriver.dll" O4 - HKCU\..\RunOnce: [spybotDeletingD9138] cmd /c del "C:\WINDOWS\wt\webdriver.dll" O4 - HKCU\..\RunOnce: [spybotDeletingB1896] command /c del "C:\WINDOWS\wt\data.wts" O4 - HKCU\..\RunOnce: [spybotDeletingD2061] cmd /c del "C:\WINDOWS\wt\data.wts" Now close all windows

The worlds problems as I see them date back to the years immediatly after second world war with the Palestinian repartitioning and with the British pulling out of India creating a problem in areas like Kashmir. Then the French in Vietnam, and etc etc. With the British and French removing themselves from most of the world and the collapse of the Soviet Union the United States is now inserting itself into these countries in much the same fashion, economically with western buisnesses; military, with more than a hundred countries with US troops and bases and politically, with many puppet regimes s

Hi, Can you please read this article here and post a Hijack This log: http://www.besttechie.net/forums/index.php?showtopic=12175

Hi, Please download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected.

Hi, We'll have a look at both machines. We'll deal with the one stated above first. We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Please include the C:\ComboFix.txt in your next reply for further review.

Hi, Yes those files are important, only a couple are Malware. Can you please uninstall Spybot Search and Destroy. It is a good program but may impede our fix. We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Please include the C:\ComboFix.txt in your next reply for further review.

Hi, The post is old but still applies today. I will look into updating it a bit. Do you have any specific suggestions? Thanks,

Please download the Killbox by Option^Explicit. Note: In the event you already have Killbox, this is a new version that I need you to download. Save it to your desktop. Please double-click Killbox.exe to run it. Select: Delete on Reboot then Click on the All Files button. [*]Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy): C:\PROGRA~1\SUPPOR~1\Ping second.dll c:\windows\system32\dllreg.exe [*] Return to Killbox, go to the File menu, and choose Paste from Clipboard. [*]Click the red-a

Hi, Can you please uninstall Spybot Search and Destroy. Its a good program, but I want to remove it as it can affect our fix. Post back with a fresh Hijack This log when you have done this.

Hi, We seem to have removed a bit with that scan. Can you please rescan with Hijack This and post another log.

Hi, Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems Upgrading Java: Download the latest version of Java SE Runtime Environment (JRE) 6 Update 11. Click the "Download" button to the right. Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.". Click on Continue. Click on the link to d

Hi, If it is malware, it sounds like you are sending spam or ddos'ing something. We'll have a look around with a scan then running a tool: Please download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When