
Trojan that Antivir cannot remove


guia
18-11-2004, 12:49
Hi everyone, for some time now I have been carrying a nice trojan that Antivir, although it detects it, cannot remove (I am pasting the final part of the log file generated by Antivir)

counter.cab
ArchiveType: CAB (Microsoft)
--> counter.exe
[DETECTION] The Trojan horse TR/Drop.Agent.AZ
hiberfil.sys
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
pagefile.sys
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\Programmi\WinRAR
rarnew.dat
ArchiveType: RAR
NOTE! The archive is created by multiple volumes
Error! Could not change directory: System Volume Information
C:\WINDOWS\SoftwareDistribution\EventCache
{25C0A1D3-9077-4C9D-AA9F-B94BFB7DE15B}.bin
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
{85D4A3BE-7D91-45AC-8D05-FE8B87392642}.bin
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
C:\WINDOWS\system32\config
default
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SECURITY
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
software
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
system
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!

End of scan: giovedì 18 novembre 2004 02:02
Time taken: 17:22 min


1668 directories were scanned
18688 files were scanned
9 warning messages were issued
0 files were deleted
0 files were repaired
1 detection

Can you tell me how I can get rid of it?
Bye and thanks
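
Added example, not part of the original thread: a Python triage script for a scan log in the layout posted above. It separates the detection (the archive and the member inside it) from the "file locked" warnings and checks both counts against the summary lines. The message prefixes and the embedded sample are assumptions reconstructed from the log in the post.

```python
import re

# Constructed sample: a shortened log in the same layout as the one posted above.
SAMPLE = r"""counter.cab
ArchiveType: CAB (Microsoft)
--> counter.exe
[DETECTION] The Trojan horse TR/Drop.Agent.AZ
pagefile.sys
Access denied! Error during file opening!
This is a Windows swap file. This file is locked by Windows.
Error code: 0x000D
WARNING! Access error/file locked!
C:\WINDOWS\system32\config
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
2 warning messages were issued
1 detection
"""

# Message lines, as opposed to file or directory names (prefixes assumed from the posted log).
MESSAGE = re.compile(r"ArchiveType:|NOTE!|Error code:|Error!|Access denied!|This is |End of scan:|Time taken:")
SUMMARY = re.compile(r"(\d+) (warning messages were issued|detections?)$")

def triage(log):
    """Return (detections, locked_files, counts_match_summary) for a log in this layout."""
    directory = current = member = None
    detections, locked, summary = [], [], {}
    for line in (l.strip() for l in log.splitlines()):
        if not line:
            continue
        if m := SUMMARY.match(line):
            summary["warnings" if "warning" in m[2] else "detections"] = int(m[1])
        elif line.startswith("--> "):            # member inside the current archive
            member = line[4:]
        elif line.startswith("[DETECTION]"):     # signature name is the last token
            detections.append((current, member, line.split()[-1]))
        elif line.startswith("WARNING!"):        # file could not be opened for scanning
            locked.append(current)
        elif re.match(r"[A-Za-z]:\\", line):     # directory header
            directory, current, member = line, None, None
        elif not MESSAGE.match(line) and not re.match(r"\d+ ", line):
            current = f"{directory}\\{line}" if directory else line
            member = None
    ok = summary == {"warnings": len(locked), "detections": len(detections)}
    return detections, locked, ok
```

Run on the full log from the post, it reports one detection (counter.exe inside counter.cab) and nine locked files, matching the summary; the locked files were skipped by the scanner, not flagged.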

reggia
23-11-2004, 12:08
Try Trojan Remover...

Here is the evaluation version, which works for 30 days:
http://www.simplysup.com/tremover/download.html

Bye

MrOZ
23-11-2004, 18:13
Send me the infected file counter.cab or counter.exe at inviaqui@email.it, then run a scan with HijackThis, save the log and copy-paste it here

Bye

ercolino
23-11-2004, 19:50
Originally posted by guia
Hi everyone, for some time now I have been carrying a nice trojan that Antivir, although it detects it, cannot remove (I am pasting the final part of the log file generated by Antivir)

Can you tell me how I can get rid of it?
Bye and thanks




You could also run a scan here:

http://it.trendmicro-europe.com/consumer/products/housecall_launch.php

Jaguar64bit
23-11-2004, 19:53
Install Bitdefender Free; its real-time module does not work, but it is good at removing trojans, and once the computer is clean you can uninstall it if you like.