big fatso worm & kelvir A or variant

My son's computer keeps freezing.
We have run stinger antivirus, trend pcillin, amd mcafee. AVG freezes before completing its run.
We have deleted xp and installed xp2 but the system still freezes.
Can you help?
Many thanks-nypdblue

 

http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

Hi..I'm back.
Hijack this log attached as requested.
I really appreciate you taking the time to look at this for me.
Kind regards, nypdblue

 

You did the three things I just said dont do!

First:
Please update your version of Hijack This.

• Hijack This 1.99.1

Second:
Please EXTRACT HijackThis from the ZIP File to a Safer location. Here's how:

To create a new folder:
Click START > My Computer > Local Disc C: > Program Files
Now, RightClick on an Empty Area and select New > Folder & name it HijackThis and ENTER

To Extract HijackThis:
Now, Right Click your HijackThis ZIP File and select Extract All > Next > and browse to your newly created HijackThis Folder
(C:\Program Files\HJT) and click Next.

The reason HJT needs its own safe folder is so that backups will be safely preserved. That way, if a mistake is made in the removal process, the mistakenly deleted entry can be restored.

Third:
You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

• C:\DOCUME~1\jenny\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

After doing ALL of the above, scan with HJT and attach a new log using the new version.

 

Hi again.

Please bear with me on this as I am not very computer literate. I have tried follow your instructions and I hope I got it right this time.

Many thanks for you patience, understanding and assistance.

nypdblue

 

Please pay attention to my post, you did not do what I requested. Read the second step.

C:\DOCUME~1\MICHAE~1.MIC\LOCALS~1\Temp\Temporary Directory 7 for hijackthis.zip\HijackThis.exe


Please EXTRACT HijackThis from the ZIP File to a Safer location. Here's how:

To create a new folder:
Click START > My Computer > Local Disc C: > Program Files
Now, RightClick on an Empty Area and select New > Folder & name it HijackThis and ENTER

To Extract HijackThis:
Now, Right Click your HijackThis ZIP File and select Extract All > Next > and browse to your newly created HijackThis Folder
(C:\Program Files\HJT) and click Next.

The reason HJT needs its own safe folder is so that backups will be safely preserved. That way, if a mistake is made in the removal process, the mistakenly deleted entry can be restored.

After doing this, attach a fresh HJT log.

 

Greetings from down under,

Hopefully I got it right this time.

Thank you so much again for your patience and assistance.

nypdblue

 

Scan with HijackThis and Check the Boxes for the following:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://payloadz.com/go/sip?id=51811

Make sure All Browser Windows are Closed when you Click FIX.

You log isnt bad at all, are you still having those problems?

If you still think its a virus, run these online scans posting you results.


TrendMicro Online Scan
Bitdefender online scan
RavAntivirus online scan <-- select Auto Clean then click Scan My PC
TrojanScan online scan

 

Sorry to be so long getting back to you and thanks again for all your help to date. I am satisfied that I have removed all viruses but the computer still keeps crashing. My son suggested it might be a hardware problem and decided we should reformat the hard drive and do a fresh reinstall of xp2. I did that but the system still crashes sporadically. The information on the xp2 disc was 38163mb and the partition size was 38162.2mb - Could this what is causing the problem?

 

I'm sorry to hear you had to format and start over. This will be a question for the Hardware Forum. Please post your problem in there and those guys will get you fixed up. If you like I can move this thread there for you.

Let me know!

 

Thank you so much for your help to date. Please redirect this thread to the hardware forum as per your kind offer. "You are a tank!" Kind regards from Sydney.

 

Okay! Just so the users in the Hardware Forum can get an idea of whats going on, drop them a message letting them know whats going on.

Moved as per your request!

Good Luck!

 

Hi nypd,can you post the system specs of your comp in as much detail as possible and describe the freeze in as much detail as possible.what happens on screen,is there a particular program that it always freezes in,is the amount of time different between freezes,does it freeze when left idle on the desktop,how long have you had the comp,when did the prob start,did you install any hardware when the problem started.

Did the problem start after installing SP2,have you tried running it without SP2?

 

The problem started after my daughter downloaded some music. This was some time ago.

I did a complete clean and reinstall but the system continues to freeze sporadically. There is not a particular program that causes it to freeze. I am attaching system specs to see if this will help..

Many thanks for your time and input. It is appreciated.
Kind regards,

nypdblue

 

have a look at this thread,do as shaodowputer dude says on disabling auto restart

http://forums.majorgeeks.com/showthread.php?t=73217

I see you have quite a bit of software installed,have you tried removing them one by one to root out the problem?Did you have the problem in a basic xp sp2 install/

I also cant see a firewall there,dont use the built in windows firewall,disable it and install one of these

http://forums.majorgeeks.com/showthread.php?t=44525