Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Aurora/ABI pop-ups and more junk


  • This topic is locked This topic is locked

#1
damaged cat

damaged cat

    New Member

  • Member
  • Pip
  • 3 posts
Hi. I've downloaded the software from the start page and had my computer scanned multiple times today, but I'm still having problems with the Aurora/ABI pop-ups. They won't go away.

Anyway, here's my recent HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 1:26:57 PM, on 7/21/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\System32\aim.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\mswkst32.exe
C:\WINDOWS\System32\aim.exe
c:\windows\system32\pkhctor.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\Alxe.exe
C:\WINDOWS\System32\NhfK.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\qube\My Documents\HijackThis software\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [AOL Instant Messanger] aim.exe
O4 - HKLM\..\Run: [CvJ] c:\documents and settings\qube\local settings\temp\CvJ.exe
O4 - HKLM\..\Run: [HqqvY.exe] c:\windows\system32\HqqvY.exe
O4 - HKLM\..\Run: [N6Gwt3P3] c:\windows\system32\N6Gwt3P3.exe
O4 - HKLM\..\Run: [36QAG5A3@WTFA4] C:\WINDOWS\System32\HotElc.exe
O4 - HKLM\..\Run: [XfA] C:\documents and settings\qube\local settings\temp\XfA.exe
O4 - HKLM\..\Run: [WXnznTA] C:\windows\system32\WXnznTA.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [sdajrq] c:\windows\system32\pgrmhtp.exe
O4 - HKLM\..\Run: [Microsoft Updat3] mswkst32.exe
O4 - HKLM\..\Run: [kenerb] c:\windows\system32\pkhctor.exe r
O4 - HKLM\..\RunServices: [AOL Instant Messanger] aim.exe
O4 - HKLM\..\RunServices: [Microsoft Updat3] mswkst32.exe
O4 - HKCU\..\Run: [AOL Instant Messanger] aim.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

Edited by damaged cat, 21 July 2005 - 06:00 PM.

  • 0

Advertisements


#2
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Welcome to GTG.

We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP, or Service Pack 4 if you are running Win2k. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here
Apply the update, reboot, and post a fresh Hijack This log.

Also, did you read the sticky topic yet? If not:
Please read the first link in my signature and follow the steps outlined there. When you are ready, post the HijackThis log here.
  • 0

#3
damaged cat

damaged cat

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
But I DID follow the sticky, and I read over it four times, too.

I tried to install the Service Pack 1a for Windows XP (twice), but it wouldn't work. "Invalid product key"? LOVELY.

See screenshot:

Posted Image

If the image above doesn't show up, it's at

http://www.geocities..._screenshot.JPG

I guess I can't really do anything about the infections on my computer, then. Sorry to waste your time like that.
  • 0

#4
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Don't worry too much about that. We are required to ask users to update to XP SP1 first and if it gives them problems (like in your case), you may do the following instead:

Please go HERE (Microsoft website) using Internet Explorer (not Firefox or any other browser as they won't work)
  • Click on Windows Validation Assistant
  • Click on the Validate Now button.
  • Be patient while the ActiveX loads, do not click on any links.
  • Read the instructions on this page while it's loading. You will be prompted to install - click YES.
  • Enter your product key then click continue
  • When it says "Validation Complete" please click Continue to return to your previous activity
  • Copy what it says and paste it here.
We can remove this and I see the files that are causing the problems here. Just do the above (should be quick) and we'll get right to the fix.
  • 0

#5
damaged cat

damaged cat

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Okay, I went to that URL in Internet Explorer, but while I was waiting for the Active X to load, the page redirected me to another page and it said in bold, red letters:

"It appears that your Windows Product Key is not valid. Please contact your system administrator or retailer immediately to obtain a valid Product Key."

I don't have the Certificate of Authentication, and I don't know the Product Key. My computer was given to me by my brother, so he might know. If he doesn't, what else is there to do?
  • 0

#6
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
OK, the Windows OS you have may not be a legitimate one. I suggest asking your brother whether he bought Windows XP or downloaded it somewhere because according to this, you don't have a legal copy of it.

You should have the product key since it seems like you entered it but it's not a valid one.

Sorry, because of this we will not be able to assist you. Get a legal copy of Windows (or get the correct product key from your brother) and we will begin from there.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP