Re: Virus called bloodhound.exploit - how to remove

From: N. Miller (anonymous_at_discussions.microsoft.com)
Date: 08/21/04


Date: Sat, 21 Aug 2004 11:58:47 -0700

In article <318f01c48742$271845f0$a301280a@phx.gbl>, V says...

> How do I remove the virus? I have Norton Anti virus and
> Spy sweeper but that's not helping. Thanks.

"Bloodhound" is Symantec's generic term for an probably infectious file
detected by heuristics, but not in the virus database. If Norton actually
found it, Norton should have quarantined it; that is the way it works on my
system. While it is in quarantine, it is not able to infect anything.

There are two things you can do. One is to try and submit the item. There
should be an option, through the Norton menus, to submit a quarantined
bloodhound file. The other is to use the Symantec "IntelligentUpdater" to
force installation of the latest virus definitions instead of waiting for
the next "LiveUpdate" download. If there are more recent definitions
available, the "IntelligentUpdater" will pick them up.

If the file is the result of a browser hijack, and many anti virus programs
have begun to detect browser hijacks, removal can be trickier. There are
varieties of the Cool Web Search hijacker which are highly resistant to
removal, and the one guy who was trying to keep on top of them has had to
stop updating his program, CWShredder, because it was taking up too much of
his time. Currently, the best approach, if Ad Aware, Spybot S&D, and similar
programs can't delete it, is to grab Hijack This. You can try to get it from
either of these links:

http://www.spywareinfo.com/~merijn/downloads.html
http://www.spychecker.com/program/hijackthis.html

...or see if Google can find other sources.

This site seems to offer decent instructions on how to use it:

http://www.tomcoyote.org/hjt/

Finally, you need to learn how to secure your browser better. With MSIE it
can be done, at the expense of some functionality, or annoyance. That is
why, after all these years, it has finally begun to slip in "popularity".
People are beginning to notice that there are better browsers than the
flagship of the Microsoft Internet venture.

-- 
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint