Gentlemen..I'm in Trouble!!! :(

While surfing the net, I somehow contracted a Virus called "Bloodhound.Exploit.17" that I can't seem to be able to get rid of. Everytime I log onto my computer, no matter what page I try to go to, I keep being switched to pages where people are trying to sell me things that I don't want. I've tried Norton Antivirus, Norton Systemworks, Hijack This,Webroot Spysweeper, and Antivirus, and so far nothing has worked. If anyone out there has had this problem in the past and found a way to get rid of it, please, any assistance will be highly appreciated!

[ 10-21-2004, 05:13 AM: Message edited by: garfield ]

Try to go to this site:

http://housecall.antivirus.com/housecall/start_frame.asp

It will scan your system online, i've used with good results in the past.....

Here's more info...

http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.exploit.17.html

Garfield, have you tried running any of these removal programs in safe mode? Usually trojans load when Windows starts and cannot be removed while they are running.

Reboot your PC and press F8 after your hardware posts to enter safe mode.

Uninstall Webroot Spysweeper
Download
http://www.safer-networking.org/files/spybotsd13.exe
and
http://www.safer-networking.org/files/spybotsd131tx.exe

Install 1.3, then install 1.31tx, then run Spybot and do a search for updates, check all the boxes and make sure it downloads all the available updates.
Reboot, press F8 during bootup to select Safe Mode
Run Spybot scan on your system, have it fix everything.
I also recommend running HiJackThis at this point in time and look thru for any weird dll files that might be loading, write down what you select to fix, then have hijackthis fix it.
Reboot back into normal mode.

Some spyware software is now getting so advanced that it employs root kits which can hide processes/files from the OS!! I've had a system with such a root kit that kept bringing his friends back after I would clean the system up a few days later. I then booted into recovery console and look at the system32 and windows folders and was able to identify the file and remove it so that it wouldn't load on bootup. Hit me up if the above instructions make it go away for a few hours or days but then comes back.

Another thing you can try is using another internet-explorer.
I had a similar problem with my computer, except when I was trying to go to a website to download software to 'kill' this problem(housecall,spybot, etc. etc.) I was redirected to other pages, and not able to leave them.
It seemed that these viruses needed MS Internet Explorer to work, so I installed the free Opera web-browser as new internet-explorer www.opera.com (http://www.opera.com) . It worked very fine, now I could download programs and delete the virus.

Goodluck

Thanks everyone smile.gif

Sorry it took me so long to get back. I started this thread on my computer at work, and since then haven't been able to get to you guys. I managed to re-install Norton Systemworks and ran all of their updates. I somehow managed to get rid of the BloodHound Virus , but noticed that I had caught a few other backdoor viruses with it. Each time I ran Norton Antivirus it seemed to catch them all one by one. My computer is running 90% better than it was at first, but
still not where she was origionally. I'm gonna try all that you guys suggested and if it fails I come back and post the results here.

Thanks everyone graemlins/thumbsup.gif

I had to run Ad-Aware to clean up my computer at work. Somehow a pop up window popped up just as I was clicking on a weather link and installed a bunch of crap on my computer. Ad-Aware is a pretty powerful program.

Ad-Aware and Spybot used together cleans just about everything out there.

I have added Giant Software's AntiSpyware tool to my kit in the battle against this crap. It does a fine job when used in conjunction with the others that have been mentioned.

www.giantcompany.com (http://www.giantcompany.com)

Trend Micro is the best AV software out there in my opinion. I would not use Norton even if it was the only one out there.

Garfield I had the same bloodhound.exploit virus on my sons machine that was running XP Pro. Nothing got rid of it for good. Webroot's Spysweeper managed to remove it, but also made XP unloadable. This is a very nasty virus and they seemed to have covered their tracks with it. I could install a program I downloaded from PCworld that prevents the hijacking of my homepage. However once I closed Internet Explorer and shut down the machine at the next reboot the virus would take over and redirect the homepage again.

Like I said Spysweeper did get rid of it. Spybot, adaware and all the others won't help on this one, I tried them all. But you are going to lose your operating system and of course it disables your last saved settings feature. One of the things it does is disables the autorun feature of your disc drives so you can't launch a program from them to sweep the virus. It also managed to prevent me from manually running Norton and of course reloading Norton. I ended up reloading the operating system from DOS during the post. It took a few hours, but the machine now functions like it did when it was new. I know a few other people who have gotten this virus including a co-worker who had his own PC business. No one I know has been able to save their machine without doing a system restore when this virus attacked them.

We need to build more prisons to "host" these people at who have nothing better to do with their time than send out viruses.


Spysweeper is very good, however not without problems. In it's original form it worked well. However once I updated the definitions and the program from Webroots site it now removes the DLL file needed to run Panicwares Pop-up blocker. It doesn't tell you or show the file on the list of items it is about to remove. It just shows up on the next reboot that the file HOOK.DLL is missing. So everytime you run Spysweeper in it's revised updated form you now have to redownload Panicware's Popup blocker and install it. There's probably a fix, but I haven't got the time for it.
Good Luck.

I have WeBroot Spysweeper and it seemed to get rid of some of the problems, but my system still didn't run the way it did at first. One of my buddies gave me a CD that is loaded with almost every type of anti-virus, anti-worm and spyware you could imagine. Before I used anything, everytime I tried going to a selected website I kept getting sent to several different ones that were all trying to sell me something. I still have the same problem now, but the unwanted websites I keep getting sent to have been narrowed down to just two. I've been advised to run one called CWShredder that's supposed to be very good at killing hi-jack programs and viruses. Tomorrow when I get home from work I'm gonna try this one and see if this will get rid of this trouble for good!

Another way to stop the redirection is to hit ctrl alt del and check your running processes in the task manager. You'll have to experiment with ending some of the programs displayed to determine which are redirecting your browser. If you can get the malware/ trojans to terminate from the system tray (sometimes they auto restart) you can edit the registry to remove the start commands. Not easy, but works most every time.

this same thing happened to my computer at home , I have been without my home computer for over a month I tried everything , spy bot ,, some spyware remove programs , tried norton , I was unable to even search the net at all , mine even took over my address bar I could not type in a link to go to , it just changed on it's own ,,
I finally got all my paperwork out from when me and my long since gone credit card bought my computer ,, I found that hey gave me a CRASH DISK ,I read how to do it and went for it , it erased everything that was ever on my computer and reloaded the original programs like when it was new ,,, and here I am again ,, I know that is drastic but I was sick and tired of that crap ,,,

Well guys...

I tried everythnig I knew "all in vain" to get this thing back to its origional point of operation. After trying everything that was suggested to me, I finally decided to just re-format the entire hard drive and reinstall Windows all over again. There was nothing on here of any real importance that I couldn't reload anyway, so I didn't lose any valuable data.

anyway.. she's up and running full speed now!!!

Thanks everyeone graemlins/thumbsup.gif