PDA

View Full Version : 9qqigqwf.exe problem ( With dds Log )



discjocky
2010-09-16, 18:31
Hi, For sure i got infected now with 9qqigqwf.exe my program stop to work when i click them saying "handle" something...

Here is the DDS log :


DDS (Ver_10-03-17.01) - NTFSx86
Run by n at 17:23:03.03 on Thu 09/16/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1255.972.1033.18.2039.1427 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\SPYWAR~3\SpywareTerminatorShield.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.il/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SpywareTerminator] "c:\progra~1\spywar~3\SpywareTerminatorShield.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [TrayServer] c:\program files\magix\movie_edit_pro_15_plus_download_version\TrayServer.exe
mRun: [FixCamera] c:\windows\FixCamera.exe
mRun: [snpstd3] c:\windows\vsnpstd3.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} - hxxp://www.tapuz.co.il/irc/main/launcher.cab
TCP: {969F9DD6-67FF-42F3-85AC-6A5DD183E460} = 212.143.212.143 194.90.1.5
Notify: igfxcui - igfxdev.dll
mASetup: {86F75A96-FEC0-DEEF-7E10-CBB57E594CE9} - c:\windows\system32\system32\system32.exe s

============= SERVICES / DRIVERS ===============

R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-8-8 142592]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2010-2-3 12672]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-9-16 38224]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-11-25 1684736]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2010-2-27 1527900]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2010-2-3 42112]

============== File Associations ===============

regfile="regedit.exe" "%1"

=============== Created Last 30 ================

2010-09-17 00:22:56 525824 ----a-w- C:\dds.scr
2010-09-17 00:11:33 0 d-----w- c:\docume~1\n\applic~1\Malwarebytes
2010-09-17 00:11:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-17 00:11:23 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-17 00:11:23 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-17 00:11:23 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-09-17 00:09:31 6153352 ----a-w- C:\mbam-setup-1.46.exe
2010-09-17 00:02:37 3845701 ----a-w- C:\ComboFix.exe
2010-09-16 21:44:57 2133536 ----a-w- C:\avg_free_stb_all_9_115_cnet.exe
2010-09-16 00:04:20 74881388 ----a-w- C:\MCATP2009.rar
2010-09-15 00:56:57 0 d-----w- c:\windows\system32\NtmsData
2010-09-14 06:13:14 0 d-----w- c:\docume~1\n\applic~1\ProgSense
2010-09-14 06:13:08 0 d-----w- C:\downloads
2010-09-14 06:13:08 0 d-----w- c:\docume~1\n\applic~1\GrabPro
2010-09-13 21:57:17 0 d-----w- C:\install
2010-09-09 16:18:28 0 d-----w- c:\docume~1\n\applic~1\HotBounce
2010-09-09 16:18:25 0 d-----w- c:\program files\HotBounce
2010-09-08 05:11:10 0 d-----w- c:\program files\HeadOverHeels
2010-09-06 05:44:51 0 d-----w- C:\Disc Images
2010-09-06 05:44:48 0 d-----w- C:\My Record
2010-08-23 04:34:40 128 ----a-w- c:\documents and settings\n\default.pls
2010-08-21 02:15:39 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-08-21 02:15:39 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-08-21 02:15:39 0 d-----w- c:\program files\OpenAL
2010-08-21 02:15:20 0 d-----w- c:\docume~1\n\applic~1\flightgear.org
2010-08-21 02:11:43 0 d-----w- c:\program files\FlightGear
2010-08-20 01:54:04 0 d-----w- c:\program files\MyPlayCity.com
2010-08-20 01:32:18 0 d-----w- c:\program files\Sonic the Hedgehog

==================== Find3M ====================


============= FINISH: 17:24:20.37 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 08/08/2009 22:22:38
System Uptime: 16/09/2010 12:20:19 (5 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | 945GCM-S2L
Processor: Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz | Socket 775 | 2200/200mhz
Processor: Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz | Socket 775 | 2200/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 19 GiB total, 3.218 GiB free.
D: is FIXED (NTFS) - 38 GiB total, 1.519 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}
Description: Communications Port
Device ID: ACPI\PNP0501\1
Manufacturer: (Standard port types)
Name: Communications Port (COM1)
PNP Device ID: ACPI\PNP0501\1
Service: Serial

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

AAC Decoder
Ableton Live v7.0.1
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Premiere Pro Tryout
Adobe Reader 9.3.4
Adobe Shockwave Player 11.5
Adventure in Numberland
Anim-FX
Animal World
Antares Autotune VST v5.09
ASIO4ALL
AutoUpdate
Avanquest update
Blue Cat's Chorus VST 3.61
Blue Cat's Flanger VST 2.61
Blue Cat's Freeware Pack VST 1.21
Blue Cat's FreqAnalyst VST 1.51
Blue Cat's Gain Suite VST 2.41
Blue Cat's Phaser VST 2.61
Blue Cat's Stereo Chorus VST 3.61
Blue Cat's Stereo Flanger VST 2.61
Blue Cat's Triple EQ VST 3.51
Canon MX310 series
CCleaner (remove only)
ClubDJ ProDJ v2.2.4.1
CPUID CPU-Z 1.53.1
Data Access Objects (DAO) 3.5
Debut Video Capture Software
Digger XP
DivX Converter
DivX Plus DirectShow Filters
DivX Version Checker
eMedia
Firebird SQL Server - MAGIX Edition
First Steps
FL Studio 9
FlashFXP v3
FlightGear v1.9.0
Free DVD Burner version 3.0
GoldWave v5.52
H.264 Decoder
Hardcore
HijackThis 2.0.2
HostingDude.com Domain Name Analyzer
HotBounce Surprise Maker (3.5.0.0)
ICQ6.5
Icy Tower v1.4
IL Download Manager
IncrediFlash Intro and Banner Studio 2.0(remove only)
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 16
K-Lite Mega Codec Pack 5.7.0
LimeWire 5.4.8
MAGIX 3D Maker (embeded)
MAGIX Movie Edit Pro 15 Plus Download version 8.0.5.8 (UK)
MAGIX Screenshare 4.3.6.1987 (UK)
mako_LIVE Toolbar
Malwarebytes' Anti-Malware
Marble Lines 1.1.0
Media Downloader
Melodyne plugin
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - HEB
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MixMeister BPM Analyzer 1.0
MKV Splitter
Motorola Phone Tools
MP3 Remix for Windows Media Player
MSVCRT
MSXML 6.0 Parser (KB933579)
Nero 9.0.9.4 Lite
NeroVision Express 3
neroxml
NSIS HeadOverHeels (remove only)
OpenAL
PC Camera
PhotoFiltre Studio X
PoiZone
Prism Video Converter
RayV
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Reason 4.0
ReCycle 2.1.2
RegAlyzer
Renoise 1.9.0
Sakura
Samplitude 11
Sawer
Segoe UI
SolFileFinder
Sonic the Hedgehog
Sothink FLV Player
Spybot - Search & Destroy
Spyware Terminator
SpywareBlaster 4.2
Steinberg Cubase v4.1.3
T-RackS 3 Deluxe
Take It Easy
TLN eMule Booster MOD
Toxic Biohazard
TULI
USB PC Camera-168
VC80CRTRedist - 8.0.50727.762
Virtual DJ - Atomix Productions
Virtual Plastic Surgery Software - VPSS v1.0
VLC media player 1.0.2
WaveLab 6
WebFldrs XP
Winamp
Winamp Detector Plug-in
Windows Imaging Component
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Media Encoder 9 Series
Windows Media Format Runtime
Windows Media Player 10
WinRAR archiver
WYSIWYG Web Builder 6
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
XviD4PSP 5.0
Yawcam v0.3.0
Zoo Tycoon 2

==== End Of File ===========================

Edit
[I]For future reference:
'attach.txt' should be zipped using Windows native zip utility and attached to your post ;)

shelf life
2010-09-21, 01:28
hi discjocky,

Your log is a few days old. If you still need help simply reply back.