Member Panel

just recently bought a new computer (1month)
it was working fine for the first weeks. nothingh wrong
then computer started to get slower. and starts freezing and restarting randomly

i dont know if its my system or anything
help

system info :

Processor : Intel(R) Core(TM)2 CPU 6300 @ 1.8Ghz (2cpus)
Memory : 1022 MB Ram
Direct X : 9.0c

Display : GeForce 7600 GS (Dual)

my computer will randomy freeze or restart
when im just on AIM, Internet Explorer, or Photoshop.
any suggestions?

Hi
You have a few infection to remove.


Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe.Run the application.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd

Reboot your computer in Safe Mode.
If the computer is running, shut down Windows, and then turn off the power.
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe Mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
Login on your usual account.
Hi
You have a few infections....

Open the SmitfraudFix Folder, then double-click smitfraudfix.cmd file to start the tool.
Select option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection

The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.
A reboot may be needed to finish the cleaning process, if your computer does not restart automatically please do it yourself manually.
The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.
===========================================
Download combofix from here.
**Save it directly to your desktop**
Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
=================================

Please download DrWeb-CureIt & save it to your desktop. DO NOT perform a scan yet.
Reboot your computer in "SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".
Scan with DrWeb-CureIt as follows:

• Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
• Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
• Once the short scan has finished, Click Options > Change settings
• Choose the "Scan tab" and UNcheck "Heuristic analysis"
• Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
• Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
• When done, a message will be displayed at the bottom advising if any viruses were found.
• Click "Yes to all" if it asks if you want to cure/move the file.
• When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
  (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
• Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
• Save the DrWeb.csv report to your desktop.
• Exit Dr.Web Cureit when done.
• Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
• After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

Please post:
c:\rapport.txt
combofix.txt
DrWeb.txt
A new HijackThis log
Your may need several replies to post the requested logs, otherwise they might get cut off

on the last steps
that program.

half way or not even close to it.
my computer keeps freezing
everytime

Ok.Lets see if we can get rid of a few of these bugs first

Open notepad and copy/paste the text in the quotebox below into it:

Save this as fix.bat Choose to "Save type as - All Files"
Double click on fix.bat & allow it to run
Then REBOOT! your system.



SHOW HIDDEN FILES AND FOLDERS.
To show hidden files instructions (WinXP)
Doubleclick My Computer | Tools | Folder Options | View tab
Select Show Hidden Files and Folders
Uncheck Hide extensions for known file types
Uncheck Hide protected operating system files (Recommended)
Select Apply to All Folders | Yes | Apply | OK

Open Windows Explorer and delete the following highlighted file/s
Also delete the following red folder/s

C:\Program Files\Common Files\{840E29A8-074A-1033-0713-061013060001}\Update.exe
C:\WINDOWS\system32\svchosts.exe
C:\WINDOWS\system32\zohgf.dll
C:\Program Files\Ipwindows\ipwins.exe
C:\PROGRAM FILES\COMMON FILES\fuzf\fuzfm.exe
C:\Program Files\Network Monitor\netmon.exe

Reboot and post a new HJT log