aurora still in system?

[Tedster]

Trying to get rid of some remnants of Aurora. I have elminiated most of the files, and registry entries, but when I run ad-aware, my norton anti virus picks up A0008361.exe and A0011673.exe as part of the aurora virus/adware. I boot into safe mode and when I try to locate these files, they don't exist!

 

[Vigilante]

Do you have hidden and system files viewable? From My Computer, click Tools-Folder Options-View.

Not only delete these files, but search for and delete references to them in the registry as well. If the files truly are gone, something is likely still in there, reinfecting you. This one is tuff to remove, that's for sure.

If you don't see the files in Windows, you might try Recovery Console perhaps.

 

[Tedster]

found the virus in the C:\system volume information\_restore80F20A1D-752F-4198-BF folder. But windows does not allow me to access this folder!

 

[howard_hopkinso]

Hiya Tedster.

You need to turn off system restore. See how HERE.

This will delete all your restore points.

Run a full antivirus scan, and once you are happy that your system is clean, just re-enable system restore.

Regards Howard :grinthumb

 

[Tedster]

did just that. Now virus-Free. Thanks a bunch.

I really want to report that company to the authorities for crapping my system up like they did.

 

[RealBlackStuff]

This might help:

Meet the makers of Aurora:
Domain name: WWW.ABETTERINTERNET.COM
as well as
Domain name: WWW.DIRECT-REVENUE.COM
Registrant:
Thinking Media LP
275 Madison Avenue
New York, NY 10016
US
+1.8668396164

Sock it to 'em, YEAH!

 

[Tedster]

I have reported this company to the federal trade commission. I will report them to the FBI later today.

Trojan horse programs are illegal under United States malicious computer code ACT.

I encourage others to do the same:

www.FBI.gov (Federal Bureau of Investigation)

and www.FTC.gov (Federal Trade Commission) - has authority to enforce interstate computer crimes involving "businesses"

 

[Tedster]

I submitted a complaint to the FBI as well.

 

[Vigilante]

Now we just need solid proof that this program installs without our consent. And that it does something harmful to our system. Or prove that it collects personal information and sends it somewhere.

 

[Tedster]

Well we know it collects info and sends it.

It also doesn't completely remove itself. This is a clear violation of the ACT.
The removal program by the company is bogus. it only partially removes it.
I know, I tried it.