Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Aurora/ABI pop-ups and more junk

Started by damaged cat , Jul 21 2005 02:26 PM

  • This topic is locked This topic is locked

#1
damaged cat
Posted 21 July 2005 - 02:26 PM

damaged cat

    New Member

  • Member
  • Pip
  • 3 posts
Hi. I've downloaded the software from the start page and had my computer scanned multiple times today, but I'm still having problems with the Aurora/ABI pop-ups. They won't go away.

Anyway, here's my recent HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 1:26:57 PM, on 7/21/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\System32\aim.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\mswkst32.exe
C:\WINDOWS\System32\aim.exe
c:\windows\system32\pkhctor.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\Alxe.exe
C:\WINDOWS\System32\NhfK.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\qube\My Documents\HijackThis software\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [AOL Instant Messanger] aim.exe
O4 - HKLM\..\Run: [CvJ] c:\documents and settings\qube\local settings\temp\CvJ.exe
O4 - HKLM\..\Run: [HqqvY.exe] c:\windows\system32\HqqvY.exe
O4 - HKLM\..\Run: [N6Gwt3P3] c:\windows\system32\N6Gwt3P3.exe
O4 - HKLM\..\Run: [36QAG5A3@WTFA4] C:\WINDOWS\System32\HotElc.exe
O4 - HKLM\..\Run: [XfA] C:\documents and settings\qube\local settings\temp\XfA.exe
O4 - HKLM\..\Run: [WXnznTA] C:\windows\system32\WXnznTA.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [sdajrq] c:\windows\system32\pgrmhtp.exe
O4 - HKLM\..\Run: [Microsoft Updat3] mswkst32.exe
O4 - HKLM\..\Run: [kenerb] c:\windows\system32\pkhctor.exe r
O4 - HKLM\..\RunServices: [AOL Instant Messanger] aim.exe
O4 - HKLM\..\RunServices: [Microsoft Updat3] mswkst32.exe
O4 - HKCU\..\Run: [AOL Instant Messanger] aim.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

Edited by damaged cat, 21 July 2005 - 06:00 PM.

  • 0

Advertisements

#2
greyknight17
Posted 22 July 2005 - 12:10 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Welcome to GTG.

We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP, or Service Pack 4 if you are running Win2k. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here
Apply the update, reboot, and post a fresh Hijack This log.

Also, did you read the sticky topic yet? If not:
Please read the first link in my signature and follow the steps outlined there. When you are ready, post the HijackThis log here.
  • 0

#3
damaged cat
Posted 22 July 2005 - 02:05 PM

damaged cat

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
But I DID follow the sticky, and I read over it four times, too.

I tried to install the Service Pack 1a for Windows XP (twice), but it wouldn't work. "Invalid product key"? LOVELY.

See screenshot:

Posted Image

If the image above doesn't show up, it's at

http://www.geocities..._screenshot.JPG

I guess I can't really do anything about the infections on my computer, then. Sorry to waste your time like that.
  • 0

#4
greyknight17
Posted 22 July 2005 - 08:31 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Don't worry too much about that. We are required to ask users to update to XP SP1 first and if it gives them problems (like in your case), you may do the following instead:

Please go HERE (Microsoft website) using Internet Explorer (not Firefox or any other browser as they won't work)
  • Click on Windows Validation Assistant
  • Click on the Validate Now button.
  • Be patient while the ActiveX loads, do not click on any links.
  • Read the instructions on this page while it's loading. You will be prompted to install - click YES.
  • Enter your product key then click continue
  • When it says "Validation Complete" please click Continue to return to your previous activity
  • Copy what it says and paste it here.
We can remove this and I see the files that are causing the problems here. Just do the above (should be quick) and we'll get right to the fix.
  • 0

#5
damaged cat
Posted 22 July 2005 - 09:06 PM

damaged cat

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Okay, I went to that URL in Internet Explorer, but while I was waiting for the Active X to load, the page redirected me to another page and it said in bold, red letters:

"It appears that your Windows Product Key is not valid. Please contact your system administrator or retailer immediately to obtain a valid Product Key."

I don't have the Certificate of Authentication, and I don't know the Product Key. My computer was given to me by my brother, so he might know. If he doesn't, what else is there to do?
  • 0

#6
greyknight17
Posted 23 July 2005 - 03:01 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
OK, the Windows OS you have may not be a legitimate one. I suggest asking your brother whether he bought Windows XP or downloaded it somewhere because according to this, you don't have a legal copy of it.

You should have the product key since it seems like you entered it but it's not a valid one.

Sorry, because of this we will not be able to assist you. Get a legal copy of Windows (or get the correct product key from your brother) and we will begin from there.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP