Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Bloodhound.boot.string virus

59 views
Skip to first unread message

Shirley Harms

unread,
Jul 26, 1998, 3:00:00 AM7/26/98
to
Configuration Information:
Version: 4.0
------------------------------------------------------------

Recent virus update produced a message saying I had the
Bloodhouse.boot.string virus in my Master Boot Record. System was
unable to clean. Attempts at rescue / restore disabled my modem and
did not get rid of the virus. Obviously I was able to restore the
modem since I am leaving this message.

Also I have read conflicting information about this virus on the web
site. At the dictionary location this was described as a generic
term for an unknown virus, while in the chat area it was referred to
as a specific virus. Which is correct? How harmful is it? and how
do I get rid of it?

I tried to create a virus sample disk, but the virus does not show up
when I scan the diskette.

Any help???

Steve Topilnycky <S.S.V.>

unread,
Jul 27, 1998, 3:00:00 AM7/27/98
to
Shirley,
Thanks for visiting the Norton AntiVirus Online Support area.

Bloodhound is a technology exclusive to Norton Antivirus software. It does
not
detect "known viruses." In an effort to located unknown infections, this
technology recognizes patterns of code that are typically used by viruses.
Because the Norton Bloodhound technology detects potential viral code, we
cannot know exactly what is being detected without taking a closer look and
we
do not do repairs until we know it is an actual virus exists. Bloodhound may
be
detecting an unknown virus as designed, but it could be virus fragments left
over from a previous incomplete repair or broken virus, or Bloodhound may be
barking at an unfamiliar custom boot record.

Bloodhound has proved to be a success in that we have received several
samples
that are actual viruses and we will be creating new virus definitions to
repair
these viruses. As mentioned above, we might occasionally run into virus
fragments and code left behind from improperly removed boot managers.

Part of Bloodhound's training is to gather information regarding the MBR of
those systems that it is triggering on. It would be most helpful if we
could
get a sample of your Master Boot Record. I will send you a file and
instructions that will assist you in creating the sample. Please let me
know
if you have not received this file by the end of today.

Another thing you may wish to do in the meantime is to format a diskette and
copy the system files to it: FORMAT A: /S. Then scan the floppy with NAV.
It
Bloodhound isn't detected, there's a good chance you don't have a virus.

Please don't hesitate to let me know if I may be of any further assistance.


--
Steve Topilnycky
Symantec Norton AntiVirus Support Volunteer
================================================================
Please continue to post your messages to the public discussion group as
Symantec does not provide support via private e-mail. Thank you.

If you have difficulty getting a response, please read the following
article:

http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/1998527114414

Home Brewed Computing Solutions (My Home Page):
http://ourworld.compuserve.com/homepages/steve_topilnycky/
=================================================================


Shirley Harms wrote in message <980626010148.3268721863@servicenews>...

0 new messages