Post #1, Nov 24 2007, 12:57 PM
New Member, Group: Members, Posts: 7, Joined: 11-September 07, Member No.: 156,281

I'll try to find out what it is. What should we do? I have this computer and a flash drive. Thanks

Edit: Found logs. Says bloodhound.exploit.109 and Downloader

This post has been edited by tsukiok: Nov 24 2007, 01:01 PM
Post #2, Nov 24 2007, 07:07 PM
Bleepin' Janitor, Group: Global Moderator, Posts: 14,074, Joined: 9-July 05, From: Virginia, USA, Member No.: 26,513

NAV has the ability to detect unknown viruses of various types using heuristic algorithms known as Bloodhound. This technology uses an expert system to analyze the cataloged behaviors and assess the likelihood of viral infection. Bloodhound is not the name of a virus, but a message displayed by NAV when it thinks it may have found a new virus. According to Symantec, Bloodhound detects up to 80% of new and unknown executable viruses, and 90% of new and unknown macro viruses.
Heuristic analysis is the ability of an anti-virus program to detect new viruses before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop it before doing any harm to your system. The technique involves inspecting the code in a file to see if it contains virus-like characteristics. If the number of these characteristics/instructions exceeds a pre-defined threshold, the file is flagged as a possible virus.

The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as malicious. With heuristics, there is always a potential risk for a "False Positive" if virus detection technology (AutoProtect Settings) is set to High for Bloodhound and the heuristic analysis flags a file as suspicious or infected that contains no malware. You may want to Reset Bloodhound to default settings and try scanning again.

Did your anti-virus provide a specific file name associated with Downloader and where it is located (file path) on your system?

You can also do this: Download Sysclean Package and the latest Virus Pattern Files - (Pattern files are usually named lptxxx.zip, where xxx is the pattern file number).
-------------------- "THE BAD GUYS DON'T NEED A SEARCH WARRANT. ARE YOU PROTECTED?"
Microsoft MVP - Windows Security 2007-2009
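
The threshold scoring described in post #2, as an added example that is not part of the original thread and is not Symantec's Bloodhound algorithm: the trait names, weights, cutoffs and sample files are all constructed for illustration. It shows how a higher sensitivity setting flags a benign installer that the default setting passes, while the unknown downloader is caught at both levels.

```python
# Toy threshold heuristic. Trait names, weights, cutoffs and sample files are
# constructed for illustration; this is not any vendor's real rule set.

# Hypothetical weights for "virus-like characteristics" seen in a file.
TRAIT_WEIGHTS = {
    "packed_section": 2,          # compressed or encrypted code section
    "writes_autorun_key": 3,      # registers itself to start at boot
    "downloads_and_executes": 4,  # fetches a file and runs it
    "no_version_info": 1,         # missing publisher/version metadata
}

# Hypothetical sensitivity levels: higher sensitivity means a lower cutoff.
THRESHOLDS = {"default": 8, "high": 4}


def score(traits):
    """Sum the weights of the traits observed in one file."""
    return sum(TRAIT_WEIGHTS[t] for t in traits)


def scan(files, sensitivity="default"):
    """Flag a file when its score exceeds the cutoff for this sensitivity."""
    cutoff = THRESHOLDS[sensitivity]
    return {name: "suspicious" if score(traits) > cutoff else "clean"
            for name, traits in files.items()}


def false_positives(files, truth, sensitivity):
    """Names flagged as suspicious although labelled benign in truth."""
    verdicts = scan(files, sensitivity)
    return sorted(name for name, verdict in verdicts.items()
                  if verdict == "suspicious" and truth[name] == "benign")


# Constructed samples: two benign programs and one unknown downloader.
SAMPLES = {
    "installer.exe": {"packed_section", "writes_autorun_key"},  # score 5
    "editor.exe": {"no_version_info"},                          # score 1
    "unknown_dropper.exe": {"packed_section", "writes_autorun_key",
                            "downloads_and_executes"},          # score 9
}
TRUTH = {"installer.exe": "benign", "editor.exe": "benign",
         "unknown_dropper.exe": "malicious"}

if __name__ == "__main__":
    for level in THRESHOLDS:
        print(level, scan(SAMPLES, level),
              "false positives:", false_positives(SAMPLES, TRUTH, level))
```
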

Post #3, Nov 30 2007, 05:43 PM
New Member, Group: Members, Posts: 7, Joined: 11-September 07, Member No.: 156,281

Word doesn't work, and I don't understand a word of the previous post, and I'm well versed in computer lingo.
The Viewpoint toolbar also installed itself (maybe my brother did it). Today, I've managed to convince Norton to scan.

Post #4, Nov 30 2007, 06:49 PM
Forum Addict, Group: Members, Posts: 3,550, Joined: 14-April 06, Member No.: 64,042

You can uninstall all Viewpoint related programs from the Add/Remove list.
If you can download a program, install Super Antispyware free in normal mode and run it in safe mode. If you can't stay online long enough to download Super Antispyware then you will need access to another computer to download SAS to a CD and then install it on the infected computer.

http://www.superantispyware.com/

How to Start Windows in Safe Mode: http://www.bleepingcomputer.com/tutorials/tutorial61.html

This post has been edited by buddy215: Nov 30 2007, 09:23 PM

Post #5, Nov 30 2007, 10:08 PM
Bleepin' Janitor, Group: Global Moderator, Posts: 14,074, Joined: 9-July 05, From: Virginia, USA, Member No.: 26,513

QUOTE: "I don't understand a word of the previous post"

Did you click on the underlined blue links which provide more detailed information? Norton detections of bloodhound exploits can actually be a false detection (untrue) because of how it works. You need to get a second opinion when getting alerts about such exploits which is why I asked you to run the Sysclean Package.

You did not answer my question. Did your anti-virus provide a specific file name associated with Downloader and where it is located (file path) on your system?

-------------------- "THE BAD GUYS DON'T NEED A SEARCH WARRANT. ARE YOU PROTECTED?"
Microsoft MVP - Windows Security 2007-2009