pop ups

Discussion in 'Windows - Virus and spyware problems' started by CyrusRysa, Nov 18, 2007.

  1. CyrusRysa

    CyrusRysa, Member (joined Jul 9, 2007; messages: 20; likes received: 0; trophy points: 11)

    Not sure if that has to do with how old it may be or not... the create date is July 10th of this year (not too old), but maybe that's why nothing's happening... Still hasn't said anything about ComboFix being too old of a version though, and I've read that on several other sites stating the same thing that you did... hmm, I wonder why.
     
  2. echoreply

    echoreply, Regular member (joined Nov 9, 2007; messages: 472; likes received: 0; trophy points: 26)

    A new version of ComboFix is ready.
    You can delete your old version like this:

    Go to Start > Run and type in combofix /u

    Hit the space bar after typing the x and before the /
    ---------------------
    Then get and run the updated version of ComboFix and post the new log:

    http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
     
  3. CyrusRysa

    Seems like it picked up all those files this time, take a look.

    ComboFix 07-11-19.3 - Cyrus 2007-11-21 20:58:05.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1499 [GMT -5:00]
    Running from: I:\ComboFix.exe
    * Created a new restore point
    .

    Unable to gain System Privileges

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\qttss.ini
    C:\WINDOWS\system32\qttss.ini2
    C:\WINDOWS\system32\ssttq.dll

    .
    ((((((((((((((((((((((((( Files Created from 2007-10-22 to 2007-11-22 )))))))))))))))))))))))))))))))
    .

    2007-11-20 18:30 143 --a------ C:\WINDOWS\system32\mcrh.tmp
    2007-11-20 18:16 <DIR> d-------- C:\VundoFix Backups
    2007-11-18 21:03 <DIR> d-------- C:\COMBOFIX OLD LOGS
    2007-11-18 19:30 <DIR> d-------- C:\Documents and Settings\Cyrus\Application Data\vlc
    2007-11-18 18:42 1,690 --a------ C:\WINDOWS\system32\tmp.reg
    2007-11-18 15:07 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
    2007-11-17 23:15 36,352 --a------ C:\WINDOWS\system32\ssqnkjg.dll
    2007-10-31 19:37 <DIR> d-------- C:\Program Files\Xtreme Desktop
    2007-10-31 19:37 554,776 --a------ C:\WINDOWS\system32\olelib.tlb
    2007-10-31 19:37 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
    2007-10-31 17:35 <DIR> dr-h----- C:\Documents and Settings\Cyrus\Application Data\SecuROM
    2007-10-31 17:35 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2007-10-31 17:09 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-10-31 17:09 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-10-31 17:09 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-10-28 12:30 <DIR> d-------- C:\Program Files\Skype
    2007-10-28 12:30 <DIR> d-------- C:\Program Files\Common Files\Skype
    2007-10-28 12:30 <DIR> d-------- C:\Documents and Settings\Cyrus\Application Data\Skype
    2007-10-28 12:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
    2007-10-27 19:24 5,387 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-22 03:31 184,694,816 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
    2007-11-22 02:03 2,169,596 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
    2007-11-22 01:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-21 22:40 --------- d-----w C:\Documents and Settings\Cyrus\Application Data\AVG7
    2007-11-18 03:26 --------- d-----w C:\Documents and Settings\Cyrus\Application Data\BitTorrent
    2007-11-15 00:22 --------- d-----w C:\Program Files\Soulseek
    2007-10-28 00:24 --------- d-----w C:\Program Files\Java
    2007-10-20 01:30 --------- d-----w C:\Documents and Settings\Cyrus\Application Data\Ventrilo
    2007-10-20 01:28 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2007-10-20 01:02 --------- d-----w C:\Documents and Settings\Cyrus\Application Data\Azureus
    2007-10-16 00:20 --------- d-----w C:\Program Files\Abandoned Castle Studios
    2007-10-13 00:59 --------- d-----w C:\Program Files\SpywareBlaster
    2006-11-04 20:49 1,355,912 ----a-w C:\Program Files\install_flash_player.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}]
    2007-11-17 23:15 36352 --a------ C:\WINDOWS\system32\ssqnkjg.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-10-24 16:10]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-16 09:15]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 12:31]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2005-06-20 20:42 C:\WINDOWS\SOUNDMAN.EXE]
    "nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
    "WinampAgent"="C:\Winamp\winampa.exe" [2006-06-21 12:14]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-17 18:18]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 20:54]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-28 12:06]
    "NvCplDaemon"="RUNDLL32.exe" [2006-02-28 07:00 C:\WINDOWS\system32\rundll32.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-28 12:06]

    [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}"= C:\WINDOWS\system32\ssqnkjg.dll [2007-11-17 23:15 36352]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"= msv1_0 C:\WINDOWS\system32\ssttq.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
    2006-08-14 00:07 102400 --a------ C:\Program Files\Roxio\Media Experience\DMXLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
    2006-07-31 08:00 1116920 --a------ C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
    2006-08-10 11:10 221184 --a------ C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

    R1 BIOS;BIOS;\??\C:\WINDOWS\system32\drivers\BIOS.sys
    R1 BS_I2cIo;BS_I2cIo;\??\C:\WINDOWS\system32\drivers\BS_I2cIo.sys
    R1 DLARTL_M;DLARTL_M;C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

    .
    **************************************************************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-21 22:31:58
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-21 22:32:49 - machine was rebooted
    .
    --- E O F ---
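
A cross-check a reader of this log can run, as an added example that is not part of the original thread or of ComboFix: it flags loading points that still name a file listed under Other Deletions, and recently created files that are wired into a loading point. The function name, the shortened section banners and the extension list are assumptions; the sample lines are taken from the log above.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the ComboFix log above, section banners shortened.
SAMPLE_LOG = r"""
(((( Other Deletions ))))
C:\WINDOWS\system32\qttss.ini
C:\WINDOWS\system32\ssttq.dll
(((( Files Created from 2007-10-22 to 2007-11-22 ))))
2007-11-18 15:07 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-11-17 23:15 36,352 --a------ C:\WINDOWS\system32\ssqnkjg.dll
(((( Reg Loading Points ))))
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}]
2007-11-17 23:15 36352 --a------ C:\WINDOWS\system32\ssqnkjg.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\Winamp\winampa.exe" [2006-06-21 12:14]
[hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}"= C:\WINDOWS\system32\ssqnkjg.dll [2007-11-17 23:15 36352]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\ssttq.dll
"""

BANNER = re.compile(r"^\(+\s*(.+?)\s*\)+$")
PATH = re.compile(r'[A-Za-z]:\\[^"\[\]]+?\.(?:dll|exe|sys|ini2?|tlb|tmp|reg|dat|idx|log)\b', re.I)

def cross_reference(log):
    """Return (dangling, fresh): loading points naming a deleted file, and
    recently created files mapped to the loading points that load them."""
    section, key = "", None
    deleted, created, refs = set(), set(), defaultdict(list)
    for line in map(str.strip, log.splitlines()):
        banner = BANNER.match(line)
        if banner:
            section = banner.group(1).lower()
        elif section.startswith("reg loading") and line.startswith("["):
            key = line.strip("[]")            # registry key heading a group of values
        elif section.startswith("reg loading") and re.match(r"[RS]\d ", line):
            key = "service/driver list"       # "R1 name;name;path" lines
        else:
            for path in map(str.lower, PATH.findall(line)):
                if section.startswith("other deletions"):
                    deleted.add(path)
                elif section.startswith("files created"):
                    created.add(path)
                elif section.startswith("reg loading") and key:
                    refs[path].append(key)
    dangling = sorted((k, p) for p in refs if p in deleted for k in refs[p])
    fresh = {p: refs[p] for p in refs if p in created}
    return dangling, fresh
```

On the sample, `dangling` holds the lsa Authentication Packages entry that still names ssttq.dll, and `fresh` maps ssqnkjg.dll to its Browser Helper Objects and shellexecutehooks keys.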
     
  4. echoreply

    Hi,

    OK, all looking good on your end now?

    echoreply
     
  5. CyrusRysa

    Seems like everything's working pretty good again, pop-ups have stopped, although coincidentally I'm having problems with my PC just shutting off randomly... seems to be linked to when I'm using a lot of processes or using "heavy PC usage" processes... this may be a hardware issue such as my power supply or whatever, I'll check it out.

    I guess I'll just run a few other scans for any remaining viruses, maybe pick up Panda virus scan; I've heard a lot of good things about it and have been recommended it a few times.

    I appreciate your help, echo, many thanks, and I'll post up one last HJT log just to make sure you don't see anything else between that and the previously posted ComboFix log.

    Well, nvm on that HJT log... won't work for some reason, keeps freezing up... really having some power problems, I'll have to buy a new power supply or something...

    Thanks though for the help.
     
