Serious problems after downloading a program

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

takka5734

Thread Starter
Joined
Dec 7, 2008
Messages
1
I recently downloaded a photo editing program from BitLord. The program was the one i wanted however after installing it, didnt dl anything else with it, my computer started to freeze up, got a blue screen a couple times, which never happened in the past year and a half. Then i would hear beeps, looked at task manager and saw IExplorer running, but no open windows. I heard music a few times. I then downloaded AntiSpywareBot, paid for the program, after it found over 400 infected files. Cleaned the files, rebooted, still having problems accessing the internet and just generally working on the computer.

I scanned again and found more infected files, i did this in regular windows mode and in safe mode, still issues. I then downloaded and installed Malwarebytes Anti-Malware, program and scanned found some files and deleted them. I remember when i helped others out that i used hijack-this and it helped. So far things seem ok but i saw stuff in the hijack-this log that didnt look so kosher, since I am not anywhere near an expert I just did a scan and created a log file and figured i would post it and see if there are still issues. This is the first time in the last few days i am able to get online and use the internet w/o the laptop freezing up. At one point i was also unable to access the registry, i got an error saying that the admin did not allow access, but i log in with admin priveledges, odd. Well i am now able to access the regedit function. But then i get a windows nt message saying the computer will shutdown in 30seconds, but it doesnt shut down, just locks up now and then.

I have Dell D505 laptop, running Windows XP, SP2. I hope this is enough information for someone to assist. If you need more info please let me know.

Here is the HijackThis log file:
--------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:21:55 AM, on 12/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [Npudehejonuquc] rundll32.exe "C:\WINDOWS\ajehezus.dll",e
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1116246682074
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://www.miamibehavioral.com/remote/misc/msrdp.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://www.delreyhotel.com/english/key_largo_bar/webcam/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{41B1ECA8-9033-4ADE-BE31-85133F2FFB31}: NameServer = 85.255.116.164;85.255.112.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{945B32C0-4D03-44E8-BCDF-C6200A6896B0}: NameServer = 85.255.116.164;85.255.112.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF196358-55AE-4E3F-B3EB-B6852047CF58}: NameServer = 85.255.116.164;85.255.112.131
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.164;85.255.112.131
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.164;85.255.112.131
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.164;85.255.112.131
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL quhoqw.dll
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 4157 bytes

--------------------------------------------------------------------------------------------------

Thank you in advance, your support is much appreciated.

Yitzi
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top