wow, cool web is amazing..


1 reply to this topic

#1 chester

    Member

  • New Member
  • 2 posts

Posted 03 July 2004 - 11:31 PM

Everyone has been posting about this new cool web variant. I'm not gonna blast you with HijackThis logs cause it's all the same thing, everything, except for the random names. I just need someone I can send a Filemon log to so they can see what it is doing, and hopefully decipher what I can't.
I guess what I'm tryin to ask you is... what the fudge is this piece of crap doing on my computer..

109815 12:17:12 AM apibq32.exe:300 WRITE C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 65536
109816 12:17:12 AM apibq32.exe:300 WRITE C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 65536 Length: 25600
109817 12:17:12 AM apibq32.exe:300 SET INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS FileBasicInformation
109818 12:17:12 AM winlogon.exe:640 DIRECTORY C:\WINDOWS SUCCESS Change Notify
109819 12:17:12 AM apibq32.exe:300 CLOSE C:\WINDOWS\system32\crqa.dll SUCCESS
109820 12:17:12 AM apibq32.exe:300 CLOSE C:\WINDOWS\jqbqkz.dat SUCCESS
109821 12:17:12 AM apibq32.exe:300 OPEN C:\ SUCCESS Options: Open Directory Access: All
109822 12:17:12 AM apibq32.exe:300 DIRECTORY C:\ SUCCESS FileBothDirectoryInformation: windows
109823 12:17:12 AM apibq32.exe:300 CLOSE C:\ SUCCESS
109824 12:17:12 AM apibq32.exe:300 OPEN C:\WINDOWS\jqbqkz.dat SUCCESS Options: Open Access: All
109825 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Attributes: A
109826 12:17:12 AM apibq32.exe:300 SET INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS FileBasicInformation
109827 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109828 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 256
109829 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 64 Length: 256
109830 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 21318 Length: 256
109831 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 168 Length: 256
109832 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 24075 Length: 256
109833 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 31481 Length: 256
109834 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 4185 Length: 256
109835 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90203 Length: 256
109836 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 128 Length: 256
109837 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 77272 Length: 256
109838 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 4182 Length: 256
109839 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1552 Length: 256
109840 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 7174 Length: 256
109841 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 83136 Length: 256
109842 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 24289 Length: 256
109843 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 512 Length: 256
109844 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 9129 Length: 256
109845 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 200 Length: 256
109846 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90624 Length: 512
109847 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 84460 Length: 256
109848 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 84569 Length: 256
109849 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 63516 Length: 256
109850 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 78960 Length: 256
109851 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 43692 Length: 256
109852 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 80104 Length: 256
109853 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 69944 Length: 256
109854 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90106 Length: 256
109855 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 128 Length: 256
109856 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 15360 Length: 256
109857 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 4183 Length: 256
109858 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 86452 Length: 256
109859 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 83766 Length: 256
109860 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 88108 Length: 256
109861 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1026 Length: 256
109862 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 70400 Length: 256
109863 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90558 Length: 256
109864 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 85245 Length: 256
109865 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 89228 Length: 256
109866 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1156 Length: 256
109867 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 7564 Length: 256
109868 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 89473 Length: 256
109869 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 86412 Length: 256
109870 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90162 Length: 256
109871 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 43385 Length: 256
109872 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 42833 Length: 256
109873 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 3892 Length: 256
109874 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 39504 Length: 256
109875 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 43917 Length: 256
109876 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 6440 Length: 256
109877 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1099 Length: 256
109878 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 83197 Length: 256
109879 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 82136 Length: 256
109880 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 84992 Length: 256
109881 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90325 Length: 256
109882 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90306 Length: 256
109883 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 84547 Length: 256
109884 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 7172 Length: 256
109885 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 512
109886 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109887 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 64 Length: 512
109888 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 2
109889 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 256 Length: 2
109890 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109891 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 256 Length: 512
109892 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 504 Length: 40
109893 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109894 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 544 Length: 40
109895 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109896 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 584 Length: 40
109897 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109898 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 512
109899 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 256 Length: 1024
109900 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109901 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109902 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 504 Length: 40
109903 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 544 Length: 40
109904 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 584 Length: 40
109905 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 512
109906 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 89088 Length: 512
109907 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 512 Length: 512
109908 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90112 Length: 512
109909 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90624 Length: 512
109910 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 89600 Length: 512
109911 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90112 Length: 512
109912 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 59904 Length: 512
109913 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 60416 Length: 512
109914 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 65024 Length: 512
109915 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 64000 Length: 512
109916 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 7680 Length: 512
109917 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1024 Length: 512
109918 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1536 Length: 512
109919 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 2048 Length: 512
109920 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 2560 Length: 512
109921 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 87040 Length: 512
109922 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 87552 Length: 512
109923 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 88064 Length: 512
109924 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 88576 Length: 512
109925 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1024 Length: 512
109926 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90624 Length: 512
109927 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109928 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109929 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109930 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109931 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109932 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 4096
109933 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 87040 Length: 4096
109934 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 4096
109935 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 512
109936 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 256 Length: 1024
109937 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109938 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109939 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109940 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109941 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109942 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 64
109943 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 256 Length: 248
109944 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 504 Length: 120
109945 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 89376 Length: 2048
109946 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 1024
109947 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1024 Length: 89088
109948 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 90112 Length: 1024
109949 12:17:12 AM apibq32.exe:300 OPEN C:\ SUCCESS Options: Open Directory Access: All
109950 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\ SUCCESS Attributes: DHSA
109951 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\ SUCCESS FileFsAttributeInformation


sorry fer the spam..

-chest
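
Added example, not part of either post: a small Python triage script that parses Filemon lines in the space-separated form shown in the log above and summarises, per process and file, what was written and then read back. The sample lines are copied from that log; the function names are this example's own, and the pattern assumes a single-word result column, since only SUCCESS appears here.

```python
import re
from collections import defaultdict

# Sample lines copied from the Filemon log in the post above.
SAMPLE = r"""
109815 12:17:12 AM apibq32.exe:300 WRITE C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 65536
109816 12:17:12 AM apibq32.exe:300 WRITE C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 65536 Length: 25600
109818 12:17:12 AM winlogon.exe:640 DIRECTORY C:\WINDOWS SUCCESS Change Notify
109827 12:17:12 AM apibq32.exe:300 QUERY INFORMATION C:\WINDOWS\jqbqkz.dat SUCCESS Length: 91136
109828 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 0 Length: 256
109947 12:17:12 AM apibq32.exe:300 READ C:\WINDOWS\jqbqkz.dat SUCCESS Offset: 1024 Length: 89088
"""

# Assumption: the result column is one upper-case word (only SUCCESS appears in the log).
LINE = re.compile(
    r"^(?P<seq>\d+) (?P<time>\d+:\d+:\d+ [AP]M) (?P<proc>\S+):(?P<pid>\d+) "
    r"(?P<op>OPEN|CLOSE|READ|WRITE|DIRECTORY|SET INFORMATION|QUERY INFORMATION) "
    r"(?P<path>.+?) (?P<result>[A-Z]+)(?: (?P<detail>.*))?$")
IO = re.compile(r"Offset: (\d+) Length: (\d+)")
SIZE = re.compile(r"^Length: (\d+)$")

def summarize(text):
    """Return ({(process, pid, path): stats}, unparsed_lines)."""
    stats = defaultdict(lambda: dict(writes=0, written_extent=0, reads=0, bytes_read=0,
                                     reported_size=None, read_after_write=False))
    skipped = []
    for raw in filter(None, map(str.strip, text.splitlines())):
        m = LINE.match(raw)
        if not m:
            skipped.append(raw)  # keep unparsed lines visible instead of dropping them
            continue
        s = stats[(m["proc"], int(m["pid"]), m["path"])]
        detail = m["detail"] or ""
        io, size = IO.search(detail), SIZE.match(detail)
        if m["op"] == "WRITE" and io:
            s["writes"] += 1
            s["written_extent"] = max(s["written_extent"], int(io[1]) + int(io[2]))
        elif m["op"] == "READ" and io:
            s["reads"] += 1
            s["bytes_read"] += int(io[2])
            s["read_after_write"] |= s["writes"] > 0
        elif m["op"] == "QUERY INFORMATION" and size:
            s["reported_size"] = int(size[1])
    return dict(stats), skipped

def written_then_read_back(stats):
    """Files a process wrote in full (extent == reported size) and then read itself."""
    return sorted(k for k, s in stats.items()
                  if s["read_after_write"] and s["written_extent"] == s["reported_size"])
```

On the sample, the two writes end at byte 91136, which matches the length the later QUERY INFORMATION reports for the same file.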

#2 PGPhantom

    Superman of SWI

  • Emeritus
  • 3,494 posts

Posted 31 August 2004 - 12:32 PM

Due to the time passed ...
  • HijackThis ...
    • Double click on "My Computer" to open it.
    • Double click on the local "C-Drive" to open it.
    • Click on "File" => "New Folder" and name it HJT. i.e. The folder will be C:\HJT.
    • Please download HijackThis from any of the following locations:
      • spywareinfo.com
      • subratam.org
      • tools.zerosrealm.com
  • Install/Unzip it into C:\HJT.
  • Only run HijackThis from C:\HJT\HijackThis.exe. That way we can ensure that we have the backup files available in the event that they are needed.
  • Run HijackThis, click on scan and wait for the scan to finish.
  • The "Scan" button will change to "Save Log", click on it and simply press "Save" on the window that will appear.
  • Notepad will open with a copy of the log.
    • Click on "Edit" => "Select All".
    • Click on "Edit" => "Copy". This will copy the contents of the Notepad instance to the clipboard.
  • Please post your entire log here for analysis.




