If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
msn virus?
I am using windows xp with norton 360 2.0.A few days ago i got a medium level
alert for something called bloodhound. Everyday i scan my computer its back there. I was prompted to close all open programs to fix the problem but i couldnt shut down messenger. A few days later people from my contact list were recieving strange requests sent out apparently by me,such as accept these backgrounds or send pics. I have spoken with norton support staff and done full system scans with them as well as by myself.I have also ran spy and malware with a different program. The full scan showed nothing was wrong with my computer.I have changed my password 3 times. What can it be and what can i do? -- lifes like that |
Ads |
#2
|
|||
|
|||
msn virus?
In one breath you say Bloodhound is there every scan; then a full scan shows
Nothing! Which is it???? Either it is there, or it isn't. Install the 2 Programs below, and scan your System with them (and Norton), in Safe Mode. One scan at a time! http://www.spybot.info/en/index.html Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program. Download, install, update, and immunize your System with it. Then SCAN with it. Update it, and scan your System once a fortnight. http://www.malwarebytes.org/mbam.php Malwarebytes is as the name says, a Malware Remover! For the Free version scroll down their page to either download from Download.com, or Major Geeks.com Download, install, and update. Important Safe Mode If you happen to find a problem that you can’t uninstall / delete, reboot the computer, and go into Safe Mode. To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow key to get to Safe Mode from list of options, then hit ENTER. RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D while in Safe Mode. -- Mad Mike "kirsty" wrote: I am using windows xp with norton 360 2.0.A few days ago i got a medium level alert for something called bloodhound. Everyday i scan my computer its back there. I was prompted to close all open programs to fix the problem but i couldnt shut down messenger. A few days later people from my contact list were recieving strange requests sent out apparently by me,such as accept these backgrounds or send pics. I have spoken with norton support staff and done full system scans with them as well as by myself.I have also ran spy and malware with a different program. The full scan showed nothing was wrong with my computer.I have changed my password 3 times. What can it be and what can i do? -- lifes like that |
#3
|
|||
|
|||
msn virus?
"kirsty" wrote in message
... I am using windows xp with norton 360 2.0.A few days ago i got a medium level alert for something called bloodhound. Everyday i scan my computer its back there. I was prompted to close all open programs to fix the problem but i couldnt shut down messenger. A few days later people from my contact list were recieving strange requests sent out apparently by me,such as accept these backgrounds or send pics. I have spoken with norton support staff and done full system scans with them as well as by myself.I have also ran spy and malware with a different program. The full scan showed nothing was wrong with my computer.I have changed my password 3 times. What can it be and what can i do? -- lifes like that Do a thorough check for malware, following all of the steps at one of these Web pages, including HijackThis. Help with malwa All MS-MVP Sites. http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://www.elephantboycomputers.com/...moving_Malware http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/darnit.html http://www.mvps.org/sramesh2k/Malware_Defence.htm Unexplained computer behavior may be caused by deceptive software. http://support.microsoft.com/kb/827315 So How Did I Get Infected Anyway? For quite a few people it's by installing programs like Messenger Plus, whose ads for malware don't identify the malware as such and try to convince you that you owe it to the author. See also: http://www.wilderssecurity.com/showthread.php?t=27971 Don't ever do a "default" install of anything. Always choose Custom and see what else is being carried along. Don't install any extras you're not sure of. -- Frank Saunders MS-MVP IE,OE/WM Do not reply with email |
#4
|
|||
|
|||
msn virus?
Sorry for my confusion.Norton support ran a full security scan that showed
nothing, yet when i ran my own scans i came up with bloodhound. Anyway. I installed the programs you suggested and with malware anti malware i found a trojan called Trojan.FakeAlert.H that had the same registry keys and values as bloodhound. In the items column it had value:daneza,which i dont understand but i know that was in the bloodhound registry also. It cleaned up everything except it could not clean up C:\windows32\bassy.exe. should i be worried or is it ok? One last thing should i immunise everything that is already checked or will that change settings on my computer. Thanks for all your help so far. -- lifes like that "Mick Murphy" wrote: In one breath you say Bloodhound is there every scan; then a full scan shows Nothing! Which is it???? Either it is there, or it isn't. Install the 2 Programs below, and scan your System with them (and Norton), in Safe Mode. One scan at a time! http://www.spybot.info/en/index.html Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program. Download, install, update, and immunize your System with it. Then SCAN with it. Update it, and scan your System once a fortnight. http://www.malwarebytes.org/mbam.php Malwarebytes is as the name says, a Malware Remover! For the Free version scroll down their page to either download from Download.com, or Major Geeks.com Download, install, and update. Important Safe Mode If you happen to find a problem that you can’t uninstall / delete, reboot the computer, and go into Safe Mode. To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow key to get to Safe Mode from list of options, then hit ENTER. RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D while in Safe Mode. -- Mad Mike "kirsty" wrote: I am using windows xp with norton 360 2.0.A few days ago i got a medium level alert for something called bloodhound. Everyday i scan my computer its back there. I was prompted to close all open programs to fix the problem but i couldnt shut down messenger. A few days later people from my contact list were recieving strange requests sent out apparently by me,such as accept these backgrounds or send pics. I have spoken with norton support staff and done full system scans with them as well as by myself.I have also ran spy and malware with a different program. The full scan showed nothing was wrong with my computer.I have changed my password 3 times. What can it be and what can i do? -- lifes like that |
#5
|
|||
|
|||
msn virus?
Use that Immunise part of Spybot Search & Destroy against future infestation..
Any Malware on your computer is bad. Did you use Safe Mode to scan? Rescan with Malwarebytes in Safe mode, and tick the Radio button "Perform full scan" And scan with Spybot Search & destroy and Norton in SAfe mode as well. And try Frank's ones as well. No single Program will get rid of everything malicious. It becomes trail and error, and using a combination of Programs. -- Mad Mike "kirsty" wrote: Sorry for my confusion.Norton support ran a full security scan that showed nothing, yet when i ran my own scans i came up with bloodhound. Anyway. I installed the programs you suggested and with malware anti malware i found a trojan called Trojan.FakeAlert.H that had the same registry keys and values as bloodhound. In the items column it had value:daneza,which i dont understand but i know that was in the bloodhound registry also. It cleaned up everything except it could not clean up C:\windows32\bassy.exe. should i be worried or is it ok? One last thing should i immunise everything that is already checked or will that change settings on my computer. Thanks for all your help so far. -- lifes like that "Mick Murphy" wrote: In one breath you say Bloodhound is there every scan; then a full scan shows Nothing! Which is it???? Either it is there, or it isn't. Install the 2 Programs below, and scan your System with them (and Norton), in Safe Mode. One scan at a time! http://www.spybot.info/en/index.html Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program. Download, install, update, and immunize your System with it. Then SCAN with it. Update it, and scan your System once a fortnight. http://www.malwarebytes.org/mbam.php Malwarebytes is as the name says, a Malware Remover! For the Free version scroll down their page to either download from Download.com, or Major Geeks.com Download, install, and update. Important Safe Mode If you happen to find a problem that you can’t uninstall / delete, reboot the computer, and go into Safe Mode. To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow key to get to Safe Mode from list of options, then hit ENTER. RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D while in Safe Mode. -- Mad Mike "kirsty" wrote: I am using windows xp with norton 360 2.0.A few days ago i got a medium level alert for something called bloodhound. Everyday i scan my computer its back there. I was prompted to close all open programs to fix the problem but i couldnt shut down messenger. A few days later people from my contact list were recieving strange requests sent out apparently by me,such as accept these backgrounds or send pics. I have spoken with norton support staff and done full system scans with them as well as by myself.I have also ran spy and malware with a different program. The full scan showed nothing was wrong with my computer.I have changed my password 3 times. What can it be and what can i do? -- lifes like that |
#6
|
|||
|
|||
msn virus?
And update Malwarebytes, and Spybot search & destroy in normal Mode, before
you go into Safe Mode Updates for Malwarebytes come out about every 2nd day; Spybot, a couple of times a month. -- Mad Mike "kirsty" wrote: Sorry for my confusion.Norton support ran a full security scan that showed nothing, yet when i ran my own scans i came up with bloodhound. Anyway. I installed the programs you suggested and with malware anti malware i found a trojan called Trojan.FakeAlert.H that had the same registry keys and values as bloodhound. In the items column it had value:daneza,which i dont understand but i know that was in the bloodhound registry also. It cleaned up everything except it could not clean up C:\windows32\bassy.exe. should i be worried or is it ok? One last thing should i immunise everything that is already checked or will that change settings on my computer. Thanks for all your help so far. -- lifes like that "Mick Murphy" wrote: In one breath you say Bloodhound is there every scan; then a full scan shows Nothing! Which is it???? Either it is there, or it isn't. Install the 2 Programs below, and scan your System with them (and Norton), in Safe Mode. One scan at a time! http://www.spybot.info/en/index.html Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program. Download, install, update, and immunize your System with it. Then SCAN with it. Update it, and scan your System once a fortnight. http://www.malwarebytes.org/mbam.php Malwarebytes is as the name says, a Malware Remover! For the Free version scroll down their page to either download from Download.com, or Major Geeks.com Download, install, and update. Important Safe Mode If you happen to find a problem that you can’t uninstall / delete, reboot the computer, and go into Safe Mode. To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow key to get to Safe Mode from list of options, then hit ENTER. RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D while in Safe Mode. -- Mad Mike "kirsty" wrote: I am using windows xp with norton 360 2.0.A few days ago i got a medium level alert for something called bloodhound. Everyday i scan my computer its back there. I was prompted to close all open programs to fix the problem but i couldnt shut down messenger. A few days later people from my contact list were recieving strange requests sent out apparently by me,such as accept these backgrounds or send pics. I have spoken with norton support staff and done full system scans with them as well as by myself.I have also ran spy and malware with a different program. The full scan showed nothing was wrong with my computer.I have changed my password 3 times. What can it be and what can i do? -- lifes like that |
#7
|
|||
|
|||
msn virus?
"kirsty" wrote: Sorry for my confusion.Norton support ran a full security scan that showed nothing, yet when i ran my own scans i came up with bloodhound. Anyway. I installed the programs you suggested and with malware anti malware i found a trojan called Trojan.FakeAlert.H that had the same registry keys and values as bloodhound. In the items column it had value:daneza,which i dont understand but i know that was in the bloodhound registry also. It cleaned up everything except it could not clean up C:\windows32\bassy.exe. should i be worried or is it ok? One last thing should i immunise everything that is already checked or will that change settings on my computer. Thanks for all your help so far. -- lifes like that Yes, you need to worry about this process as it is a viral application and it will regenrate the infestation again! Use the Killbox to either delete in safe mode or on Boot, read the "How to use Killbox to know how to use it. I'm not sue about the path ods the application: C:\windows32\bassy.exe this not correct. But this is correct: C:\Windows\System32\bassy.exe Download Killbox from he http://killbox.net/downloads/KillBox.exe How to use Killbox: http://metallica.geekstogo.com/killboxexplanation.html Use the option for On Boot deletion by telling the Box the path for the App/Process to delete (C:\Windows\System32\bassy.exe) and it will delete it on Boot up. HTH, nass --- http://www.nasstec.co.uk |
#8
|
|||
|
|||
msn virus?
I ran killbox yesterday but had the virus on the computer again today except
it was back in the HKEY registry. The scans seemed to contain it to the bassy file. Should bassy still be on my computer after running killbox? should i run hkey and bassy through killbox? Thanks so far -- lifes like that "nass" wrote: "kirsty" wrote: Sorry for my confusion.Norton support ran a full security scan that showed nothing, yet when i ran my own scans i came up with bloodhound. Anyway. I installed the programs you suggested and with malware anti malware i found a trojan called Trojan.FakeAlert.H that had the same registry keys and values as bloodhound. In the items column it had value:daneza,which i dont understand but i know that was in the bloodhound registry also. It cleaned up everything except it could not clean up C:\windows32\bassy.exe. should i be worried or is it ok? One last thing should i immunise everything that is already checked or will that change settings on my computer. Thanks for all your help so far. -- lifes like that Yes, you need to worry about this process as it is a viral application and it will regenrate the infestation again! Use the Killbox to either delete in safe mode or on Boot, read the "How to use Killbox to know how to use it. I'm not sue about the path ods the application: C:\windows32\bassy.exe this not correct. But this is correct: C:\Windows\System32\bassy.exe Download Killbox from he http://killbox.net/downloads/KillBox.exe How to use Killbox: http://metallica.geekstogo.com/killboxexplanation.html Use the option for On Boot deletion by telling the Box the path for the App/Process to delete (C:\Windows\System32\bassy.exe) and it will delete it on Boot up. HTH, nass --- http://www.nasstec.co.uk |
#9
|
|||
|
|||
msn virus?
It looks like you still have the virus regenerate itself through a script/file somewhere on your HDD or it could be the system restore, did you done a system restore on your computer after the infection and how far? If you wish to send me your Hijackthis log I will be happy to help you further or send to one of many forums on the internet! Download Hijackthis and send me the log. (http://www.trendsecure.com/portal/en...hijackthis.php) my address is : to_you_ross(at remove this and repalce with the obvious)yahoo.co.uk ( _ is underscore) Run disk clean up on your Drive. You can download this tool o run clean up: http://www.ccleaner.com/download/bui...wnloading-slim HTH, nass --- http://www.nasstec.co.uk "kirsty" wrote: I ran killbox yesterday but had the virus on the computer again today except it was back in the HKEY registry. The scans seemed to contain it to the bassy file. Should bassy still be on my computer after running killbox? should i run hkey and bassy through killbox? Thanks so far -- lifes like that "nass" wrote: "kirsty" wrote: Sorry for my confusion.Norton support ran a full security scan that showed nothing, yet when i ran my own scans i came up with bloodhound. Anyway. I installed the programs you suggested and with malware anti malware i found a trojan called Trojan.FakeAlert.H that had the same registry keys and values as bloodhound. In the items column it had value:daneza,which i dont understand but i know that was in the bloodhound registry also. It cleaned up everything except it could not clean up C:\windows32\bassy.exe. should i be worried or is it ok? One last thing should i immunise everything that is already checked or will that change settings on my computer. Thanks for all your help so far. -- lifes like that Yes, you need to worry about this process as it is a viral application and it will regenrate the infestation again! Use the Killbox to either delete in safe mode or on Boot, read the "How to use Killbox to know how to use it. I'm not sue about the path ods the application: C:\windows32\bassy.exe this not correct. But this is correct: C:\Windows\System32\bassy.exe Download Killbox from he http://killbox.net/downloads/KillBox.exe How to use Killbox: http://metallica.geekstogo.com/killboxexplanation.html Use the option for On Boot deletion by telling the Box the path for the App/Process to delete (C:\Windows\System32\bassy.exe) and it will delete it on Boot up. HTH, nass --- http://www.nasstec.co.uk |
Thread Tools | |
Display Modes | |
|
|