Symantec AV 2003

  • Thread starter Thread starter cabrooks
  • Start date Start date
C

cabrooks

Hi All,

I have recently been tasked with cleaning a system of a
ton of spyware. I installed the MS Antispyware and it
seems to do a pretty good job of finding and removing the
spyware. The reason for this post is that the system is
running Symantec Antivirus 2003 and it keeps flagging the
clean.log file with this nmessage:

"C:\Program Files\Microsoft AntiSpyware\cleaner.log
Click for more information about this virus :
Bloodhound.Exploit.6"

I receive this message about 20 to 30 times per scan. I
have found nothing on the Symantec website so I thought
to seek some assistance here.

Thanks!
 
Hi CA,
Are you sure you don't have some critters running around in there also? I
would suggest running an online AV scan thru PandaSoftware or TrendMicro to
determine if the unit is squeaky clean.

Ron Chamberlin
MS-MVP
 
http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.exploit.6.html

If I am recalling correctly, this is one of those critters that is diagnosed
solely on the basis of ascii text strings that are taken to be improper
HTML.

If you want another opinion, and your log file isn't too large, you could
try submitting to:

http://www.virustotal.com
http://virusscan.jotti.org

and see what current definitions from multiple vendors have to say.

You might want to bring the definitions current in both scanners--consider
downloading the new .509 build just made available February 16th.--and
restart in safe mode and scan separately with each app. Even turn off NAV's
real-time protection during the Microsoft Antispyware scan.

I haven't had other reports of this happening, but can imagine that this
could be caused by strings written to the log file in relation to actual
threats found on the machine. This kind of detection is prone to false
positives.

In any case, if you are patched to date--i.e. have MS04-013 in place, you
are protected and this detection is of no consequence.
 
Hi Ron,

Thanks for the suggestion. I'll make sure to hit most of
the online scanners to make sure all is clean.
 
Back
Top