Thread: Constant Ads And Trojans
View Single Post
Old 04-22-2007, 10:11 PM   #1 (permalink)
C0mputerl0ser
Registered User
 
Join Date: Apr 2007
Posts: 14
OS: Windows XP


Constant Ads And Trojans
Hi, and thanks for spending some time helping me. I have just started getting many ads every mintue or so. Also, I am using AVG and i am starting to get many virus trojan detected.

Here is my HiJackThis Log:

Quote:
Logfile of HijackThis v1.99.1
Scan saved at 9:00:01 PM, on 4/22/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\GoGoData.com\GoGoData Toolbar\GoGoTray.exe
C:\PROGRA~1\GoGoData.com\GOGODA~1\ADBUST~1.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\wpabaln.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\HijackThis\analyse.exe.exe

O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\System32\frmkjctj.dll (file missing)
O2 - BHO: GoGoData AdBuster - {3EB9C349-7473-48AC-A59B-42F31751974B} - C:\PROGRA~1\GoGoData.com\GOGODA~1\TOMAHA~1.DLL
O2 - BHO: (no name) - {3F9D0C61-737D-44D1-BD80-91AF857061CC} - C:\WINDOWS\System32\fccaxya.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {AF495B35-1613-4F48-9DDF-F0A36ADFF83D} - C:\WINDOWS\System32\gebcb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: GoGoData AdBuster - {3EB9C349-7473-48AC-A59B-42F31751974B} - C:\PROGRA~1\GoGoData.com\GOGODA~1\TOMAHA~1.DLL
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\updater.exe 61A847B5BBF72810329B385473F001F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [GoGoTray.exe] C:\Program Files\GoGoData.com\GoGoData Toolbar\GoGoTray.exe
O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O9 - Extra button: (no name) - {7B6E4BB4-8464-47CF-9A5B-F82F6B408A6E} - C:\PROGRA~1\GoGoData.com\GOGODA~1\TOMAHA~1.DLL
O9 - Extra 'Tools' menuitem: GoGoData AdBuster - {7B6E4BB4-8464-47CF-9A5B-F82F6B408A6E} - C:\PROGRA~1\GoGoData.com\GOGODA~1\TOMAHA~1.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} (RRAAINAX_02.RRAAINAX) - http://www.in.honda.com/rraaapps/rra...X/RraainAX.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
O20 - Winlogon Notify: fccaxya - C:\WINDOWS\SYSTEM32\fccaxya.dll
O20 - Winlogon Notify: gebcb - C:\WINDOWS\System32\gebcb.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Here is my Panda ActiveScan: (Sorry if it looks all retarded)
Quote:
Incident Status Location

Potentially unwanted tool:application/winfixer2005 Not disinfected c:\windows\downloaded program files\UWA7P_0001_N91M0809NetInstaller.exe
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@ad.yieldmanager[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@com[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@errorsafe[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@hitbox[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@mediaplex[1].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@stats1.reliablestats[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@tribalfusion[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@winantispyware[2].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@winantivirus[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@www.errorsafe[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@www.winantiviruspro[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\LeetSauce\Cookies\leetsauce@zedo[1].txt
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Documents and Settings\LeetSauce\Local Settings\Temporary Internet Files\Content.IE5\OV0BAJG5\WinAntiVirusPro2007FreeInstall[1].cab[UWA7P_0001_N91M0809NetInstaller.exe]
Adware:Adware/Maxifiles Not disinfected C:\WINDOWS\b122.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\pvdjgjeh.dll
Thanks in advance, hopely you experts know how to solve this problem this loser doesn't know how to solve.
C0mputerl0ser is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here