Behaveslike:win32.explorerhijack Not Removed
Hi,
BitDefender keeps detecting this malware. Sometimes it is removed, sometimes it is not - however, it keeps coming back on the next scan.
1) How do I permanently remove this from my system (ie so I don't detect it every day)?
2) How do I handle the infections which BitDefender could not remove?
3) What is known about the impact of this virus? I've been having major system problems with my new Dell Laptop (could be related to the graphics card/driver/nView applet) and I don't know if they're related.
Note: I'm not very knowledgeable about virus/AV theory - I'm a hardware guy.
Thanks,
S.
-----------------------------------------------------------------------------------------------------------------------
BitDefender Log File !!!!!
Product : BitDefender Antivirus 2008
Version : BitDefender UIScanner v.11
Log date : 07:40:46 07/09/2008
Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\full_scan\1220798446_1_02.xml
Scan Paths:Path0000: C:\
Path0001: E:\
Path0002: F:\
Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes
Target selection options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : No
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :
Target ProcessingDefault action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None
Scan engines summaryNumber of virus signatures : 1731299
Archive plugins : 43
Email plugins : 6
Scan plugins : 12
Archive plugins : 43
System plugins : 4
Unpack plugins : 7
Overall scan summaryScanned items : 769882
Infected items : 3
Suspicious items : 0
Resolved items : 2
Individual viruses found : 1
Scanned directories : 54587
Scanned boot sectors : 22
Scanned archives : 1192
Input-output errors : 31
Scan time : 00:03:31:46
Files per second : 60
Scanned processes summaryScanned : 64
Infected : 0
Scanned registry keys summaryScanned : 388
Infected : 0
Scanned cookies summaryScanned : 0
Infected : 0
Remaining issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP74\A0019760.exe BehavesLike:Win32.ExplorerHijack No action was possible
Resolved issues:Object Name Threat Name Final Status
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP74\A0019775.exe BehavesLike:Win32.ExplorerHijack Moved to Quarantine
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP74\A0019841.exe BehavesLike:Win32.ExplorerHijack Moved to Quarantine
Objects that were not scanned:Object Name Reason Final Status
Comments
-
Please read this: http://forum.bitdefender.com/index.php?showtopic=3575
0 -
Please read this: http://forum.bitdefender.com/index.php?showtopic=3575
Thanks for the info. Can I manually delete just the infected System Restore files, and still have access to my other, non-infected Restore points? Or do I need to blow away everything in System Restore?0 -
If you disable System Restore, all the restore points will be deleted....but the viruses will be deleted
0 -
Hello skyh,
You can remove all restore points except the latest. By doing this click on Start, All Programs, Accessories,System Tools,Disk Cleanup after the process is completed press on more options by the system restore section press on clean remove.
Kind regards,
Niels0
