January 8th, 2008 18:00

Bloodhound virus

Hi all.
I hope I'm in the right place.
My issue is I have the Virus which my Norton Anti Virus detected.
Well I tried everything that I was supposed to do but couldn't get rid of it.
 
So, I went to the Norton site and talked to a tech there and this is the chat I had with him.
 
Now when it comes to cleaning the registry, I don't have a clue as to what to do. I just figure with someone's help, I can fix it for a bunch less than $99.95.
 
Am I dreaming or not?
Can you help me out?
Thank you.
 
I'm running a Dimension 3000 with XP.

Chat ID: bc83c5a1-8ff0-4bfd-ba6b-0da237db7962
Problem : I'm trying to submit a virus BloodHound.Exploit. It won't go so it tells me to contact Tech.
Ather: Hello Mr. mike stout. My name is Ather.
Ather: Thank you for contacting Symantec Technical Support.
Mr. mike stout: Hi there.
Ather:
Please make a note of the Chat Request Id [2849706] for this chat session.
Hi, how are you doing today? Please let me know if you are contacting us for the first time?
Mr. mike stout: First time yes
Ather:
I understand from your message that you want to remove Virus or trojans threats from your computer. Am I correct?
Mr. mike stout: You bet
Ather:
In order to remove Virus or trojan threats from your computer we have separate department called Virus Removal department.
Please stay connected while I connect your session to Virus Removal department to remove Virus from your computer.
Please be on hold while I transfer this session.
Ather: SYMC_TRANS:ESCALATE
Abhilash: Welcome to Symantec Virus & Spyware Solutions.
Is this the first time you are contacting us or do you have a Priority ID?
Mr. mike stout: Hi.First time
Abhilash: I shall now create a new Priority ID for you. So I would like to gather certain information from you.
Mr. mike stout: Ok
Abhilash: May I verify your name as Mike Stout for our records?
Mr. mike stout: yes
Abhilash: May I know which country you are connected from?
Mr. mike stout: USA
Abhilash: Please let me know which Symantec product you are using and its version/year
(Product name like Norton Internet security or Norton Antivirus or Norton 360 and the version year is like 2005, 2006, 2007 or 2008 )
Mr. mike stout: Norton Internet security and anti virus.
Abhilash: Please open your Norton product and look at the lower right hand corner of the window to find the product name and version year, like Norton Anti Virus or Norton Internet Security 2005 or 2006 or 2007.
Mr. mike stout: 2006
Abhilash: May I know which Operating System do you have on the computer? (Operating System would mean Windows Vista, Windows XP, Mac OS, etc.)
Mr. mike stout: Internet security
Mr. mike stout: XP
Abhilash: As I understand from your description, you are trying to submit a virus BloodHound.Exploit. Am I correct?
Mr. mike stout: yes
Abhilash: Bloodhound.Exploit is a heuristic detection for the Microsoft Windows Graphics Rendering Engine WMF Format Unspecified Code Execution Vulnerability.
Mr. mike stout: ok
Mr. mike stout: now what?
Mr. mike stout: I don't have a clue what you're telling me.
Abhilash: Are you chatting with me from the infected computer?
Mr. mike stout: yes
Abhilash: Once there is infection on your computer, they would normally try to spread to other files on your hard drive and to other computers/devices connected to your system. Most of the times, they create/manipulate entries and keys in your windows registry. In these cases we need to manually remove these registry entries and also remove the infected files.
Manipulating the registry is sometimes very precarious and is to be done with extreme care, since any incorrect changes could mean that the computer’s functioning could be altered maybe even unchangeably altered. Hence it is always recommended that only a trained expert do this for you.
Mr. mike stout: ok
Abhilash: Do not worry, in this situation, if you wish our expert consultants will do a complete diagnosis of your system, and troubleshoot any malware present on your computer. If required and if your system permits they can connect to your computer remotely and do all this for you directly.
Mr. mike stout: Yes
Mr. mike stout: I thought my antivirus was supposed to stop these problems.
Abhilash: There can be several possible reasons for this:-
1. The infected file is active on your computer;
2. It is sort of "embedded" into your browser (such as an Add-on) or into some other running softwares/applications;
3. The infected has "assumed" system file status/rights and hence it cannot be simply deleted.
Mr. mike stout: Is it being controlled?
Abhilash:
These are possible reasons, but we can only know the actual reason once a detailed diagnosis is complete.
Your Norton software attempts to override these; however it is not always possible, since we need to adhere to various software conventions/standards, some of which could be set by the Operating System.
Mr. mike stout: Ok
Abhilash: We are providing you the best technicians in the industry.
Abhilash: Before we proceed, I would like to inform you that this is a paid consultation service.
Mr. mike stout: Thank you.
Mr. mike stout: I hope so.
Mr. mike stout: Figures. How much?
Abhilash: The Consultation fee would be US $99.95.
Abhilash: For your computers safety, I would suggest you to let one of our experts to handle this delicate issue at the earliest as we provide 100% guarantee for the virus removal.
Mr. mike stout: I guess my new computer won't have Norton for its protection.
Abhilash: Is there anything else I can help you with?
Mr. mike stout: nope

January 8th, 2008 21:00

It probably would be good if we could see what is running around in there, so I'm going to send you for a diagnostic tool. After you run it and post on the HijackThis Board we will know more.
** There is a list of trained analysts at the top of that board in the Announcements. If someone else replies, it will be your decision whether or not you want to take advice from them.

Please download HJT Installer from Here to your desktop.
If not available use this alternate link: Here

Click the Download button.
When the Trend Micro HJT install box appears, double click on the HJTInstall.exe.
Click on Install.

It will be installed by default here: C:\Program Files\Trend Micro\HijackThis
A shortcut to the application will also be placed on your Desktop.
The program will open automatically after installation.
You can double-click the icon that was placed on the Desktop to run subsequent HijackThis scans or you can use the icon inside the folder.
The folder HijackThis is where you will find the HJT logs that you save. When you use the application to remove anything, you will also find the backup copies made by HJT inside this folder.

Close all open windows except HijackThis.
Click on "Do a system scan and save logfile". When the log pops up in Notepad, copy and paste that file as a NEW MESSAGE on the HijackThis Board.

Before closing HJT, please click on the Analyze This button. "Analyze This" is for Trend Micro use, and does not mean "Analyze My Log". You must post on the forum in order to receive an analysis of your log.

Close the web page that appears and then close the program HJT.

Posting Your Log:

1. Just click the New Message button in the HijackThis forum here: http://www.dellcommunity.com/supportforums/board?board.id=si_hijack
to start your own thread requesting assistance.
2. In the Message Body window that opens, simply Right-Click and select Paste.
3. Please add text to describe your symptoms.
4. Include in the message subject line a description of your problem. For example, "Popups warning of infection".
5. Make certain you post the entire log by clicking the Preview Post link at the bottom of the window and comparing it to the log from your scan before you click Submit Post.

** Note: The box next to "Automatically convert carriage returns to HTML line breaks" should be checked if that appears at the bottom of your Message Body when composing your post.


* DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or required.

January 8th, 2008 21:00

You might want to take a look at this: http://www.pchell.com/virus/bloodhound.shtml    JDE

January 8th, 2008 23:00

Thank you for your responses.
 
I believe I'll try the HijackThis option first. I'm not sure but it can't hurt, can it?