Results 1 to 5 of 5

Thread: Aurora pop up

  1. #1
    Frustrated Mad Scientist
    Join Date
    Dec 2004
    Posts
    1,152

    Aurora pop up

    Morning all,

    I was removing some spyware from my mates Dad pc last night.
    I ran the usual tools, AAW6, Microsoft Anti spyware etc. Ran them in Safemode etc.

    I came across a couple of bits of spyware I couldn't get. None of the antispyware flagged them up. I only caught them because either the pop ups continued or Zonealarm caught the process trying to get out.

    One of them was Aurora, a pop up program the others I don't know what they were I only got the process name from ZA. The process names seemed to be [random string of characters].exe

    I followed intructions similar to this

    Eliminate the Aurora pop-up spyware:

    1. Go to start/run and type CMD press ok
    2. When it opens type CD and press return and then when you see the C: prompt type CD/WINDOWS press return
    3. Type NAIL.EXE /FullRemove press return


    Note: Make sure that there is a space between NAIL.EXE and the /

    Go to TechGuy for a full explanation of the situation - only needed if you want additional information about the Aurora problem.
    Upon further research Aurora comes from. Direct Revenue LLC. AKA Offeroptimizer and Abetterinternet.com.
    This seemed to get rid of aurora but I'm not confident. The others I blocked and left just because I wanted to go home. The crap has screwed up IE quite badly and XP is a little unstable now but Firefox works ok.

    Any idea if this was the right way to shift Aurora and any idea how to get rid of the others?
    I don't have access to the machine right now so I can't post a Hijackthis log.

    If the machine is still screwing around I'm going to reformat it but I was wondering how best to tackle these for future reference.

  2. #2
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741
    might consider doing some antivirus scans in safe mode with networking turned OFF. you didnt mention if the PC was windows XP or not but I would also turn off the system restore run hijack this and your adaware tools again. When you do get a chance please post that hijack this log and dont forget to clean out msconfig and ALL temp files including the Prefetch as things like to hide in these folders and present themselves in the most inoppourtune times
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  3. #3
    Frustrated Mad Scientist
    Join Date
    Dec 2004
    Posts
    1,152
    Should have made that clearer. It was an XPhome PC with some patches but not SP2.

  4. #4
    Senior Member
    Join Date
    Feb 2004
    Posts
    201
    There is also a service installed by this "ick" that needs to be taken care of.

    Ewido seems to take care of most of the infection with minimal clean-up needed.

    edit: run Ewido in safe mode.

    Or you could run the uninstaller provided so kindly by those who infected you.

  5. #5
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    You stated AdAware 6 ?

    if so, go and upgrade to AdAware SE NOW

    Try other cleaners, some will hit what was missed.

    Although Meeeeeee does this stuff for a living, and therefore is to be considered 'odd enough' to take REAL serious
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •