TechSpot

aurora still in system?

By Tedster
Sep 7, 2005
  1. Trying to get rid of some remnants of Aurora. I have elminiated most of the files, and registry entries, but when I run ad-aware, my norton anti virus picks up A0008361.exe and A0011673.exe as part of the aurora virus/adware. I boot into safe mode and when I try to locate these files, they don't exist!
     
  2. Vigilante

    Vigilante TechSpot Paladin Posts: 1,666

    Do you have hidden and system files viewable? From My Computer, click Tools-Folder Options-View.

    Not only delete these files, but search for and delete references to them in the registry as well. If the files truly are gone, something is likely still in there, reinfecting you. This one is tuff to remove, that's for sure.

    If you don't see the files in Windows, you might try Recovery Console perhaps.
     
  3. Tedster

    Tedster Techspot old timer..... Topic Starter Posts: 6,000   +15

    found the virus in the C:\system volume information\_restore80F20A1D-752F-4198-BF folder. But windows does not allow me to access this folder!
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hiya Tedster.

    You need to turn off system restore. See how HERE.

    This will delete all your restore points.

    Run a full antivirus scan, and once you are happy that your system is clean, just re-enable system restore.

    Regards Howard :grinthumb
     
  5. Tedster

    Tedster Techspot old timer..... Topic Starter Posts: 6,000   +15

    did just that. Now virus-Free. Thanks a bunch.

    I really want to report that company to the authorities for crapping my system up like they did.
     
  6. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    This might help:

    Meet the makers of Aurora:
    Domain name: WWW.ABETTERINTERNET.COM
    as well as
    Domain name: WWW.DIRECT-REVENUE.COM
    Registrant:
    Thinking Media LP
    275 Madison Avenue
    New York, NY 10016
    US
    +1.8668396164

    Sock it to 'em, YEAH!
     
  7. Tedster

    Tedster Techspot old timer..... Topic Starter Posts: 6,000   +15

    I have reported this company to the federal trade commission. I will report them to the FBI later today.

    Trojan horse programs are illegal under United States malicious computer code ACT.

    I encourage others to do the same:

    www.FBI.gov (Federal Bureau of Investigation)

    and www.FTC.gov (Federal Trade Commission) - has authority to enforce interstate computer crimes involving "businesses"
     
  8. Tedster

    Tedster Techspot old timer..... Topic Starter Posts: 6,000   +15

    I submitted a complaint to the FBI as well.
     
  9. Vigilante

    Vigilante TechSpot Paladin Posts: 1,666

    Now we just need solid proof that this program installs without our consent. And that it does something harmful to our system. Or prove that it collects personal information and sends it somewhere.
     
  10. Tedster

    Tedster Techspot old timer..... Topic Starter Posts: 6,000   +15

    Well we know it collects info and sends it.

    It also doesn't completely remove itself. This is a clear violation of the ACT.
    The removal program by the company is bogus. it only partially removes it.
    I know, I tried it.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...