TechSpot

Major Issues

By SwimChao
Aug 10, 2008
Topic Status:
Not open for further replies.
  1. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Like, do the other steps then tonight when I go to bed. Would it be smart to leave it to run throughout the night?
  2. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,214

    Yes, if you've never done it, it can take a long time.
  3. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Thanks a lot, Daniel! Do you want me to post anything after I've completed all of the cleanings?

    Thanks to you too Dragon!
  4. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,214

    Once you finish everything, update your avast and run a full scan. Then post back what it finds to make sure we are done.
  5. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Alright, when I started up after OTCleanit! msconfig DID startup and it had a quicktime thing called "qttask.exe". I went to uncheck it and apply, and it said this had to be done on an account with administrative abilities (Or something)

    Is this because, as Blind Dragon said, the old msconfig was not the real one (Or something like that..?) and that's why I could do things like that. If not, maybe you could have an explanation?

    Also, how would I make this account have said abilities to do that, it's the only account on the computer (Except admin in safe mode) and the only one I use.
  6. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Also, should I delete other tools used in this process?

    CWShredder and VirtumondoBegone <-- (Last one was suggested by someone before I came here)

    And any answer to the post above?
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    An exercise in patience would get you further. There are many who need help with problems. The helpers can't always get right back to you. You will be answered.
  8. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    I apologize. I actually meant the post to be about the existing tools left on my computer. I just threw the last part in so it wouldn't be disregarding the above post.
  9. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,214

    Yes, OTMoveIt2 should remove all of that; if not, remove it by deleting it.
  10. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Thanks, Daniel. Will do. Did you have any idea about the msconfig admin thing? (<- Very descriptive)
  11. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,214

    Go to Control Panel and User Accounts, then change your account type to admin.
     
  12. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    It says I am already admin. Weird why when I close msconfig it says "An access Denied error was returned while attempting to change a service. You may need to log on using an Administrator account to make the specified changes."

    I didn't even try to change anything.

    Sorry for so many problems, thanks in advance
  13. xxdanielxx

    xxdanielxx TS Rookie Posts: 1,214

    Post a fresh HijackThis log; something is not right.
  14. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Daniel, I've attached the log.

    Standing by for future orders.
  15. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    Java is out of date, and I saw some things in CF that probably should have been removed.
  16. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    I'm completely under control of the two of you, just tell me what to do to start/continue fixing the problem and I will do it.
  17. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    Update your Java Runtime Environment

    • First try going to Start -> Control Panel -> double click Java
    • Select the Update Tab at the top of the Java console
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 7), follow the on-screen instructions (uncheck the Yahoo toolbar option)
    • After it installs the newest version, go back to Control Panel -> Add/Remove Programs (Programs and Features in Vista)
    • Uninstall any older versions of Java

    ====================================================

    Combofix
    • Download Combofix to your desktop.
    • Double click combofix.exe & follow the prompts.
    • A window will open with a warning.
    • When the scan completes it will open a text window. Please attach that log back here.
    Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool, so please do NOT do anything without instruction.

    Combofix will automatically save the log file to C:\combofix.txt
  18. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Blind Dragon, I've attached the log as asked.
    Waiting for your next orders.
  19. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    Going through your log, did you install mIRC yourself?
  20. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Yes, I haven't uninstalled it. I used it for a couple days, but left it. Only using it now and then.
  21. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    Ok, before I finish your script I need you to upload these and post the results back here:

    C:\Documents and Settings\BESTBUY\LOCALSYSTEM\Temp\asbp2poa.sys
    C:\WINDOWS\System32\drivers\dqaohaqg.sys
    C:\Documents and Settings\BESTBUY\LOCALSYSTEM\Temp\osymids.sys
    C:\Documents and Settings\BESTBUY\LOCALSYSTEM\Temp\whidclas.sys



    Upload a File to Virustotal
    Please visit Virustotal, found HERE
    • Click the Browse... button
    • Navigate to the file (see each file listed above)
    • Click the Open button
    • Click the Send button
    • Copy and paste the results back here, please.
  22. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Blind Dragon, In my Documents and Settings folder, there is no BESTBUY, there is a Bestbuy but inside there is no LOCALSYSTEM folder. I will upload the system32 file while I wait for your response.
  23. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    Scratch that -- I can't find those folders/files where they say they are.. Any suggestions?
  24. Blind Dragon

    Blind Dragon TS Evangelist Posts: 4,048

    In XP, click Tools -> Folder Options -> View tab -> check "Show hidden files and folders"
  25. SwimChao

    SwimChao TS Rookie Topic Starter Posts: 106

    I did as you've directed but I still don't see said files.
    Waiting for your next orders.