aurora--gimmee a break-wtf???

I am so, so sick of all the so-called "solutions" to the Aurora/The Best Offers/b.s. crappola, I could spit (and, I have)!

This Spyware is a travesty, and needs to be dealt with on a Government level. I no longer will attempt to go through pages upon pages of "removal" procedures, only to realize complete and total failure to dessimate the horrific A virus from my personal computer!!!!!

This is Bullshit.

Anyone else sick of it? Sick of the long, drawn-out procedures to--supposedly--eliminate this goofy/computer-f'in/RAM-sucking software VIRUS???

I encourage you'all to join me in a PROTEST AGAINST THE ENTITY THAT HAS BEEN ALLOWED TO, LEGALLY, TAKE OVER OUR COMPUTERS!

NAMELY!!!! A - U - R - O -R - A - "the best offers," ETC., ETC., ETC. !!!!!!!!!!!!!!!!

We can do something about this, I truly believe it. This is a major SPAM/VIRUS attack on both personal computers and CORPORATE computers!!!!!!

Looking forward to hearing from other peeps who are TOTALLY FED UP WITH AURORA!!!! and ready to take some action!

thanx!
elj

 

You have already posted in the Spyware Specic Forum about this http://forums.majorgeeks.com/showthread.php?t=72724. There is no need to post anywhere else. Aurora/Nail/Best Offers is not that hard to get rid of.

 

oh, really....sorry to bother you with such a trivial madda....I believe i'll check it out....

 

Ya'all don't get it, do you?

Why should I have to go thru all the B.S. involved in removing this crap in the first place?

We are not all "computer GEEKS!" for god sakes! and, I don't have the time, nor the energy and desire, to go through all the different procedures again, and again, and again, and again, and again, AD NAUSEUM!!!!!

I'm far from stupid/ignorant, dudes! I certainly could, and have {Reference: Ad Nauseum} gone thru several Aur-o-ra-removal procedures, believe you me. They've always been for naught, despite your arrogant assertions to the contrary.

My point is, nip this SH*T in the bud! Make the ORIGINATORS of this GOD-AWFUL virus RESPONSIBLE for getting rid of it!!!!

This "A" spyware, in particular, has been kicking my butt--in fact, rears its' ugly head even when I google to your Website----hahaha---what kinda sick joke is that?

em

 

Your choice, but not following the directions given will result in your computer remaining infected. Once again your choice, I and the others volunteer our time to assist people in removing infections from their system. Often when your system is infected, there is more than one malware application on your system.

Following the instructions in our READ ME FIRST puts your computer in a known state, and the link I posted will remove Aurora/Nail/Best Offers, once again your choice to run this or not. If you enjoy having your computer infected then don't follow my advice; rants will not solve your problem.

NOW DO YOU WANT MY HELP OR NOT.

 

My most heartfelt and sincere apologies for being such an idiot/jerk in the past. Quite honestly, I'm an alky, and I quit drinking a short time ago (if that's any excuse, whatsoever). I'm not insane anymore (at least right now), so.....YES! I appreciate the help.

It seems I may have gotten rid of Aurora...used a procedure from this site (deleting nail.exe, etc.) and I think it's gone. I believe it came from sites such as American Idol, VH1 and other such similar ones. It didn't go exactly per instructions, and I don't remember the details, but--apparently--it was good enough...mission accomplished.

Again, I feel like a jerk (which I was) and I'm sorry.

Okay, so I was wondering if I could post a Hijack This for you to analyze??? I'm having trouble enabling my firewall (says ICS must be active/enabled); but, I'm getting error when I say "go" to that.

Also, on some occasions when trying to download software from "xxx" site, it doesn't recognize that I have Windows XP - prompts me that I need it for the download. Just thought you could identify any funky residuals lurking around...I have a ton of stuff in my start menu, I use "Security Suite" for virus control (always shows 27 or so resident), and Clean!Up...

Thank you, Shadow_puter_dude

elmarice

(p.s. - can I get my past posts deleted? thx)

 

Yes, post a HijackThis log as an Attachment.


Downloading, Installing, and Running HijackThis

 

Okay, thanx...here it is: (I started a new post {starting over} thinking maybe I should ask the general geeks...maybe admin. can delete it)

Just tried to upload .log file & attach to this post. Get a msg. saying replying to invalid post - contact administrator???

 

let's try this again...naw...this is the specific msg. I'm getting:

"...Invalid Post specified. If you followed a valid link, please notify the webmaster..."

 

If the log absolutely refuses to attach. go ahead and copy and paste the log into your post. I'll get one of the mods to convert it to an attachment.

 

Can't do that either. Here's the message I get:

"... The following errors occurred when this message was submitted:

1. Please complete both the subject and message fields. Press the back button, correct the problem and try again.
2. The message you have entered is too short. Please lengthen your message to at least 4 characters..."

A new post page comes up, with blanks on subject and message fields.

hmmmm...????

ell

 

See if you can copy and paste the log into a PM to me, and then I'll attach it to the thread.

 

Nope...here's the message:

"...The following errors occurred when this message was submitted:

1. Please complete both the subject and message fields. Press the back button, correct the problem and try again.
2. Invalid recipient username. Please press the back button, enter the correct username and try again. Click Here to See the Members List


Send New Private Message
Recipients
Recipient Username(s):
You may send up to 1 messages at a time.
Separate multiple user names with ';'
Title:..."
*******

Obviously, I can reply normally, like I'm doing now - guess it doesn't like the log file. Do you think it's too large?

ell

 

OK, forget about that for now.

We'll go ahead with some scans and you can let be know what it found and was fixed and not fixed.

Follow the instruction for Running Spy Sweeper.

 

here's page 1 & 2:
________________________

• Edit by bjgarrick: Outdated, Inline HJT log attached to post #17!

 

that's the problem...file too big...wow
Here's page 3 & 4:
_________________________

• Edit by bjgarrick: Outdated, Inline HJT log attached!

__________________

this is huge...shall we continue tomorrow afternoon? think I need to hit it.

ell

 

Keep posting the log. I need to go through it.

 

It's definitely a .log file.

I downloaded latest version of HJT, and followed all other directions. The only thing I'm unsure about is disabling MSCONFIG. I went to the MSCONFIG.exe file, and I don't see it in the Startup menu. Is this the proper place to look?

 

You're not disabling anything with MSConfig, so skip that.

Your version of HijackThis is 1.98.2; the latest Version is 1.99.1

You need to download the latest version of HijackThis from the link provide in Downloading, Installing, and Running HijackThis

 

Done.

Wouldn't attach again...will attach (2) files. That won't attach either. I'll send it to your PM. I'm sorry, don't know why this is happening...

 

In Manage Attachments, are you clicking the Upload button before you close the Window.

 

yes...I've tried attaching from Notebook, then copied to Word & tried to attach; split it in two (2 pgs. each) when I last sent you the first (outdated) HJT, which--obviously--went thru. I think I may have condensed the file...I'll try again.

Told me there was a 1500 character limit on posts to PM's (my HJT is over 4,500).

Tried to attach just now...message =

"...vBulletin Message

Invalid Post specified. If you followed a valid link, please notify the webmaster..."

 

Save the log to your somewhere where you can find it; make sure the file extension is either .log or .txt. Then attach the file.

 

C & P to Wordpad with .txt extension, clicked on upload--got same message:

"...vBulletin Message

Invalid Post specified. If you followed a valid link, please notify the webmaster..."

 

here's 4kb worth...it's the size, Shadow...

 

Okay...attaching .001.txt

 

Attaching .002.txt

 

You have HijackThis installed incorrectly; install HijackThis to C:\HJT.

Uninstall MemTurbo it is uneccesary. Windows does an excellent job of managing memory.

Scan with HijackThis and fix the following:

Download
- Pocket Killbox

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click OK.

Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the file list below may not exist but we need to check for them anyway.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open Windows Explorer navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post a fresh HijackThis log.

 

"...Choose Tools -> Delete Temp Files and click OK..."

There is no "OK" to click on - Just "Exit"

Also, I use MemTurbo because my computer slows down to a crawl @ times, when I'm on various forums, or with certain applications...Memturbo shows free physical RAM to be less than 127M @ times. Scrubbing RAM brings my PC back up to high performance level. Is what I'm doing, per your instructions, going to fix this problem do you think?

thanx,

ell

 

Click the Red X.

If you have 256MB or more of system memory, a memory manager isn't necessary. Your choice to keep it or remove it.

 

ok, chaslang. I don't even know what you mean by "using a special editor," nor do I know how to manipulate the log files,so I don't believe I did that. The last .log, I followed the directions to the "T" so I don't know why there's a "whole bunch of stuff that doesn't belong there." mystery to me. There is a whole lotta information on this site, so, I suppose that's why I missed the sticky about the teatimer. Thank you for this information, chaslang.

I will try the procedure again later today. I must tell you, however, that what I did up to the point yesterday caused my computer to act very strangely. I had to restore to Dec. 3rd. anywho, will re-visit this afternoon.

thanx,
ell

 

System restore should be off if you are following the Sticky. By restoring your system you are bring the infection back. Turn off System Restore.

Post a fresh HijackThis log.

 

thanx, shadow...I'll be back around 4p.m. Eastern.

ell