Trojan
i have 2 trojan stuck to my computer...
1. Trojan.Agent.AHCV
2. Trojan.Patched.BC
my bit defender cant seem to remove them from my computer...
can anyone help me...
Comments
-
Please post the path of the trojan files.
Cheers!0 -
Please post the path of the trojan files.
Cheers!
Please submit the infected files in a password protected zip archive. Please use "infected" as password.
Mihai Cimpoesu,
BitDefender AntiVirus Researcher0 -
\WINDOWS\system32\kdbg32.dll Infected: Trojan.Agent.AHCV
\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\sens.dll Infected: Trojan.Patched.BC
the bit defender cant seem to disinfect them... strange..0 -
Hello!
Please follow Mihai`s advice, and upload the files in an archive with the password infected.
Cheers!0 -
Hello ,
I'm having exactly the same problem.
My scheduled daily system scan reports me always I few infected files with Trojan.Patched.BC and Trojan.Patched.BD
I also have infected with these C:\Windows\System32\sense.dll
Won't let me access the files, the antivirus can't put them in quarantine, nor delete them nor clean them.
I can't even access them to put them in a ZIP, I'd appreciate some method to know how to at least upload the file.0 -
Dear Duncan Idaho,
Try this reboot your pc into safe mode. By rebooting your pc and press several times on the F8 button before the windows loading screen now select safe mode press enter. Log in with your account and try again to zip the detected files. Reboot your pc and upload the zip files.
Best regards
Niels0 -
Dear Duncan Idaho,
Try this reboot your pc into safe mode. By rebooting your pc and press several times on the F8 button before the windows loading screen now select safe mode press enter. Log in with your account and try again to zip the detected files. Reboot your pc and upload the zip files.
Best regards
Niels
Ok thanks for the advice. I've managed to compress and protect with a password the file (it's in rar format as I don't use winzip).
The password for the file is "infected" (without the ").
I also renamed the file to FILE01.DAT (the original path and name was C:\WINDOWS\SYSTEM32\SENS.DLL).
I actually don't know the cause of the infection as I don't download anything without previous scan , I haven't installed new software in a month and I use firefox with NoScript addon and adBlock.
I hope you this helps. If you need file compressed in other format let me know./applications/core/interface/file/attachment.php?id=1609" data-fileid="1609" rel="">infected.rar
0 -
I have this exact same problem, with the exact same vira names and paths.
BD seems to be blocking their effect flawlessly, but I am still curious as to what this is >.>
I first started getting these notifications after a recent run of Windows Update, installing online two items:
Update for Windows Live Sign-In Assistant (KB 947449)
and
Microsoft Silverlight 1.0 (KB946609)
Think they're related?0 -
Hello ,
I'm having exactly the same problem.
My scheduled daily system scan reports me always I few infected files with Trojan.Patched.BC and Trojan.Patched.BD
I also have infected with these C:\Windows\System32\sense.dll
Won't let me access the files, the antivirus can't put them in quarantine, nor delete them nor clean them.
I can't even access them to put them in a ZIP, I'd appreciate some method to know how to at least upload the file.
Is it sens.dll or sense.dll ? If it is sens.dll, don't remove it untill the virus researchers have studied the file. Because sens.dll (path= C:\windows\system32\sens.dll) is a lgit MS file and you should not delete it.0 -
Is it sens.dll or sense.dll ? If it is sens.dll, don't remove it untill the virus researchers have studied the file. Because sens.dll (path= C:\windows\system32\sens.dll) is a lgit MS file and you should not delete it.
Hello farbar
My post was actually mispelt, it was sens.dll .... I got rid of the virus but I did have to delete it. I'm aware is the dll responsible for the COM+ service, but I couldn't help but to delete it.
So far the OS works just fine, despite I deleted it.0 -
I have the exact same problem but have not deleted the file yet. I researched it, but it appears that it is a valid file.
0 -
Just wait until they research it more, because it's likely to be a false positive.
But for now locate:
C:\WINDOWS\SYSTEM32\SENS.DLL
Right click on it, and click properties. If the date of creation is new, then the file is most likely infected.0 -
These files (although originally legitimate MS dll's) have been modified by the given malware (they contain extra code injected by the malware). They should be restored from the original Windows install CD.
Best regards.0