HJT Log - Aurora (ABI Network)

here is my hijackthis log Logfile of HijackThis v1.99.1 Scan saved at 10:30:13 PM, on 8/28/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe

Then post a new HijackThis log to check what is left if anythig didnt get cleaned post the av log too =============== Post back a new log, and let me know Also, in the registry I find a regkey called: C:\windows\dfgkocjeuew.exe and the data is 'Buddy' in HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache I delete this, however with the exe it just comes back. Tech Support Guy is completely free -- paid for by advertisers and donations. This is a tough nut to crack.

Click "Config..." 2. Uncheck the Hide Protected Operating System Files (recommended) option.

Enable the Show Hidden Folders option, like this:Click Start. Click "Next" in the setup, then make sure "Run Nailfix" is checked and click "Finish". All the files which you said to delete if still in existence were not in existence.6. Eventually I learned well enough to hit it in all directions at one time by scanning with KAV, Microsoft Anti-spyware, Spybot S&D, and HiJackThis!That combo took it down finally.

fffddd Anon 2005-May-31 2:37 am the website works... Here is a short list of files it can create (my test computer):Upon running Aurora.exe, the following items are created:- Deletes Aurora.exe & creates C:\WINDOWS\Nail.exe, then a chain reaction:C:\WINDOWS\system32\Poller.exe, which creates navigate here Flaviuscrispus windows-virus flaviuscrispus 2 posts since Jun 2005 Newbie Member 2Contributors 2Replies 3Views 11 YearsDiscussion Span 11 Years Ago Last Post by dlh6213 0 Discussion Starter flaviuscrispus 11 Years Ago Here

Make sure your able to view system and hidden files/ folders: files... While ive yet to accidently infect my self or be infected by any thing untill recently about 6 months ago i had not installed any service packs on xp.

In Task Manager it is running through a process called dfgkocjeuew.exe, end tasking this works for a while. Register a free account to unlock additional features at BleepingComputer.com

