I am on a PC using XP Pro, with the service pack 2. My computer (Wednesday evening) was infected with Aurora, aka ABI. I could not remove it using Panda (latest version) or Spy Sweeper. I googled Aurora and found you guys.
I read your description on what to do, however, because of the constant closing of dreaded pop-ups (about one every two to three seconds - unbelievable!), I was unable to download the software that you guys described for the fix, and certainly wasn't able to run it!
Ran a quick search on how many files were "new files' created that day, and the file list simply kept growing before my eyes. Even though I was scared to shut off my machine, I also knew that I could not stop the constant pop-ups and files that were being created. The question then was which would be worse, more new files or turning off my machine? Also, since I had no clue how I had GOTTEN this Trojan/virus (via email, download, hacking), I was afraid that if I left my machine on that other people would become infected via my email. How does it spread, anyway? Unplugging from the Internet meant that others would not be able to use the system, and that I would not be able to use a different machine to search for answers.
It was getting very late (1:30 AM), and the new files being created continued to grow, so I turned off my system. Mistake. BIG mistake.
Next morning, turned on system, and computer went into constant reboot cycle. First it would boot up, then the computer would have an error message that said it was sorry for the inconvienance (blahhaha), but that it could not boot up, and which way did I want to continue, offering: Safe Mode, Safe mode with control prompt, Last known good setting, and another item which I can't remember. I chose ALL of them at different bootups. Nothing, just continued to reboot no matter what I did.
Thankfully, I have an alternate Windows on my D drive (courtesy of my son!) and I was able to choose the alternate Windows before the reboot cycles began. This worked, but it is a virgin Windows, with none of my software installed.
I worked on a different computer, and downloaded the software and printed out the steps steps outlined for getting rid of this pesky Aurora, etc. The software I used in the following order was: CleanUp, Ad-aware SE, CWShredder, Spybot S&D, Ewido Security Suite, HiJackThis. I saved the logs as requested.
However, I still cannot boot back into my old C drive Windows. I am OK with reinstalling all my software (&*%$#!!!! Arrggghhh), but there are a few files that I would like to save that are on my Desktop in the old Windows.
1. Is there a way to STOP the constant rebooting when using the old Windows?
2. If not, is there a way to reclaim 2 files from the old Desktop from the C drive Windows? All other files have been backed up, previously.
3. How is this DANG trojan spread? Does it come from an email, or hacking, or what? I have spyware, Panda Antivirus AND a hardware firewall. HOW did it make it through?
4. Can we SUE these blankety blank blanks!!
Once again, I do have the HiJackThis log, if it would help.
BTW, THANKS so much for your efforts for all of us users out here.