Another Behaveslike:win32.explorerhijack Not Removed

Hello all,


First I need to how to find my log on Total Security 2009 so I can submit it. I appreciate it.


So I have Behaveslike:win32.explorerhijack in the quarrantine section.


I keep getting the popup that says it found it and protected me from it.


Its in,


C:\windows\system32\ntagent.exe


BitDefender says it cant be disinfected.


Up till a few days ago, I had been using the 2008 product.


I saw a post about this infection being resolved by disabling the restore function, but I dont think that applies for me, although I did try it.


Thanks in advance

Comments

  • I am also getting this error (about every 20 minutes - running vista ultimate sp1, bitdefender 2008).


    I sent in the files via the Quarantine screen. Is this a real virus? There is also an ntagent.web file in C:\windows\system32 directory (bitdefender does not detect that as a virus).


    regards,


    Gareth

  • rootkit
    rootkit ✭✭✭
    edited September 2008

    Please put this file : C:\windows\system32\ntagent.exe in a zip or rar archive with the password infected and attach it to you next post.

  • Thanks for the help crysty2k5,


    I ziped it but cant find how to PW it. Hope thats OK.


    Here it is.

    /applications/core/interface/file/attachment.php?id=3254" data-fileid="3254" rel="">ntagent.zip

  • Download Malwarebytes' Anti-malware from here:


    http://www.malwarebytes.org/mbam.php


    Once the download is complete, run the install program, and accept all of the default options. Make sure that the options to Update and Launch the software is checked when you click Finish.


    Now, let's make sure that it has all of the latest anti-spyware definitions: click on the Update tab and click the Check for Updates button.


    malwarebytes1.png


    After the updates have been loaded, click on the Scanner tab and choose the Perform Complete Scan option, then click the Scan button.


    a5163075fd548685aa01c10a88346d17.png


    When the scan is complete, it will show you all of the potentially harmful files on your computer - click the button to remove them automatically.


    Paste the scan log here. :)

  • I am also getting this error (about every 20 minutes - running vista, bitdefender 2009).


    Is this a real virus? What to do - very irritating!


    regards,


    Sammy

  • sammy
    edited September 2008

    I am also getting this error (about every 10 minutes - running vista, bitdefender 2009).


    Is this a real virus? What to do - very irritating!


    regards,


    Sammy

  • sammy
    edited September 2008

    Malwarebytes' Anti-Malware 1.28


    Database version: 1192


    Windows 6.0.6000


    9/22/2008 10:16:53 AM


    mbam-log-2008-09-22 (10-16-53).txt


    Scan type: Full Scan (C:\|)


    Objects scanned: 170257


    Time elapsed: 1 hour(s), 33 minute(s), 3 second(s)


    Memory Processes Infected: 0


    Memory Modules Infected: 0


    Registry Keys Infected: 0


    Registry Values Infected: 0


    Registry Data Items Infected: 0


    Folders Infected: 0


    Files Infected: 0


    Memory Processes Infected:


    (No malicious items detected)


    Memory Modules Infected:


    (No malicious items detected)


    Registry Keys Infected:


    (No malicious items detected)


    Registry Values Infected:


    (No malicious items detected)


    Registry Data Items Infected:


    (No malicious items detected)


    Folders Infected:


    (No malicious items detected)


    Files Infected:


    (No malicious items detected)