Trojan.pws virus won't go away...

Discussion in 'Off Topic Area' started by wcrevdonner, Feb 19, 2007.

  1. wcrevdonner

    wcrevdonner Valued Member

    Hey there

    I have recently found out that my computer is infected with a virus, or so I think...

    I initially used a virus scanner called STOP. (By a company called eACCELERATION.) After I scanned my computer it said that I had two viruses, all called Trojan.pws.banker.5760. And some other cookie spyware things...

    The viruses were on two different files. One was a file called Claro.exe. Another was on the Windows\System32\windows32.exe file. I deleted the Claro.exe file as it was just sitting by itself on the C:\. However, I haven't touched the other one as I'm guessing that's a fairly important file to muck around with/delete. Anyway, after trying to do a bit of research on it I decided to check whether the virus was still there and used a different virus scanner, Spyware Doctor. After doing a check it didn't mention anything about the trojan.pws.banker virus but it mentioned that some of my registry keys were a bit strange and identified them as software from Hong Kong. Thinking this was strange I ran STOP again and it gave me the same results as before. So my first question, (and there will be others so please bear with me!) is:

    1) Can two different virus scanners produce two different results?
    2) Can they also be wrong with their results?
    (IE First scan said that I have this trojan.pws.banker.5760 in the system32\Windows32.exe file, could it have made a mistake about this?)

    So thinking there may be something wrong with the registry, I then downloaded registryfix which is supposed to tell you things that have gone wrong with the registry. So I ran this, and there were a lot of problems, (although a big amount came from programs trying to link to the desktop(?) but not finding the program.) There were some of the others mentioned before in the spyware results so I thought about trying to get into my registry. Mii-muurrrhhh! Not going to happen, (tried regedit, regedt32, regedit.exe in the run box, it would briefly open and then close again, which further reading said was a sure sign of a virus, but another one, but no scan thus far has produced signs of another one.)

    3) How can I access my registry again, or fix the problem there is?

    This has all happened over the last couple of days? So I started again today looking for solutions to my problem, and I came across www.bitdefender.com which had a whole list of virus fixers for different types of viruses. I tried a couple of those, and as far as I could see, they scan then fix. The scans they came up with showed no problem which really started to annoy me as I'm starting to think I'm paranoid now. I then come across The Cleaner by the moo company. I download and run that but no success and doesn't state that there is any problem with any of the files on my machine thus far.

    4) Is there a freebie and reliable piece of software that can fix this sort of virus?

    You may be thinking "Cheeky sod, he wants to fix it and not pay anything!" but that's not the case. I just don't want to cough up 50 - 100 gbp for a scan to say nothing is wrong. And there definitely is something wrong.

    i) Machine takes ages to load up IE and shuts it down for no apparent reason sometimes.
    ii) The ctrl-alt-delete functionality doesn't work now, although it did approximately 1 week ago and I have done nothing to it to change that.
    iii) It won't let me switch off the computer from a user screen, and has now even taken that functionality away from the start menu. I either have to do it by the actual switch on the computer or log off the user and do it from the user menu screen.
    iv) Before I ran the initial scan, I could never delete all these temporary files that would be created in the C:\ (as it looks, no sub folders after the \). I could delete them all apart from one. After I deleted the Claro.exe folder which was in the same place I could delete all the temporary files, and what's more none appear now, although a lot used to after using the internet quite a bit.)

    To finish, I was a numpty and did not have any sort of anti-viral software before this, which will change if things get fixed. I am not a techie either but I do learn about these sort of things pretty quickly so if anyone can help me and answer the questions above I would be most grateful! (Any computer techies in SE London PM and we may even sort out some sort of payment!)

    Thanks
     
  2. adouglasmhor

    adouglasmhor Not an Objectivist

    Spyware Doctor is crap, it's just about spyware itself.

    Run the other one in safe mode and see what happens.
     
  3. bcullen

    bcullen They are all perfect.

    A virus may be known by different aliases to different companies so what seems like two separate problems may be different names for the same thing. In this case it seems like you have two distinct issues although one probably downloaded and installed the other. Here's some info:

    Troj/Dloadr-AQJ is a Trojan for the Windows platform.

    The Trojan includes functionality to access the internet and communicate with a remote server via HTTP.

    When installed, the Trojan may attempt to download a file to C:\claro.exe, and sets the following registry entry

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    ecko
    C:\claro.exe
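
Added example, not part of any post in this thread: a small Python triage script for the auto-start entry described in the post above. It reads the text printed by `reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run` and flags values that match the quoted `ecko` / `C:\claro.exe` entry or that launch an executable sitting directly in a drive root. The sample output and the `Example*` entries are constructed, and the drive-root heuristic is an assumption chosen for illustration.

```python
import ntpath
import re

# Constructed sample in the layout `reg query` prints for the Run key.
# Only the "ecko" entry comes from the thread; the other two are made up.
SAMPLE = r'''
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    ExampleUpdater    REG_SZ    "C:\Program Files\Example\updater.exe" /background
    ecko    REG_SZ    C:\claro.exe
    Example Tray    REG_EXPAND_SZ    %SystemRoot%\system32\exampletray.exe
'''

VALUE_LINE = re.compile(r'^\s+(?P<name>.+?)\s+(?P<type>REG_[A-Z_]+)\s+(?P<data>.*)$')
DRIVE_ROOT = re.compile(r'^[A-Za-z]:\\$')
# Indicator quoted in the thread: (value name, target path), lower-cased.
KNOWN = {("ecko", r"c:\claro.exe")}

def command_path(data):
    """Return the executable part of a Run value, dropping any arguments."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r'(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)', data, re.I)
    return m.group(1) if m else data.split(' ', 1)[0]

def review_run_key(text):
    """Return a list of (name, path, reasons) for entries worth a closer look."""
    findings = []
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header or blank line
        name, path = m.group('name'), command_path(m.group('data'))
        reasons = []
        if (name.lower(), path.lower()) in KNOWN:
            reasons.append("matches the entry quoted in the thread")
        if DRIVE_ROOT.match(ntpath.dirname(path)):
            reasons.append("executable sits directly in a drive root")
        if reasons:
            findings.append((name, path, reasons))
    return findings

if __name__ == "__main__":
    for name, path, reasons in review_run_key(SAMPLE):
        print(f"{name} -> {path}: {'; '.join(reasons)}")
```

A flagged entry is a prompt to inspect the file and the value, not a verdict; the same check can be pointed at saved `reg query` output from the HKCU Run key.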
     
  4. KageAkuma

    KageAkuma Valued Member

    Did you ever fix your problem? (I noticed this thread is almost a month old).

    If not, I have plenty of ideas to try out.
     
