
Weird Issue with Internet security [Bloodhound.mbr]

Discussion in 'Security and Privacy' started by it-hobbit, 2005/06/06.

Thread Status:
Not open for further replies.
  1. 2005/06/06
    it-hobbit

    it-hobbit Inactive Thread Starter

    Joined:
    2005/04/12
    Messages:
    16
    Likes Received:
    0
    Weird Issue with Internet security

    Hi, I have the following thing happen, and I find it weird: Norton Antivirus detects that I have a MBR virus in disc drive 130. It IDs it as Bloodhound.mbr, but I have read that, in fact, Bloodhound.mbr is nothing more than a generic name given to a non-identified virus by Norton, which is somewhat confusing.

    I have checked with Other Antivirus Programs and I can't find any infected Master boot record, but I am wondering if it may be that Norton got something no other has ID'd either.

    Any ideas?
     
  2. 2005/06/06
    markp62

    markp62 Geek Member Alumni

    Joined:
    2002/05/01
    Messages:
    4,012
    Likes Received:
    16
    Not all AV programs check the MBR of the hard drives. A non-identified virus sounds more like a file found to be infected by the use of scanning heuristics (called Bloodhound in Norton), which is a search for code similar to the code stored in the AV definition tables, in an attempt to find undiscovered viral code.
    The term Bloodhound.MBR as defined by Norton means your MBR is infected by an unknown virus, or is a false positive.
    This one appears to be stored on your Master Boot Record, which means it is loaded into computer memory before the operating system (Windows) is loaded.
    Why not repair the MBR?
    Two methods of repair, depending on your OS.

    If you have a dual boot system, skip this paragraph. If 9x/ME, boot the computer with a boot floppy, have write protection enabled (you can see through both holes), choose without CD support, and do this command three times, it will appear to do nothing each time.
    fdisk /mbr

    If XP, boot with your MS XP CD, boot into Recovery Console, log onto the Administrator account, and use this command.
    fixmbr
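
A way to see what actually differs in the MBR before rewriting it, as an added example that is not part of any post in this thread. It assumes you already hold a 512-byte copy of the first sector as bytes, plus an earlier known-good copy; the function names are illustrative and the sample sectors are constructed.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446      # bytes 0..445: boot code area (classic MBR layout)
PART_TABLE_OFF = 446     # four 16-byte partition entries follow the boot code
SIGNATURE_OFF = 510      # last two bytes must be 0x55 0xAA

def parse_mbr(sector: bytes) -> dict:
    """Parse one 512-byte MBR sector taken from a saved dump."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype = sector[off], sector[off + 4]
        lba_start, sectors = struct.unpack_from("<II", sector, off + 8)
        if ptype != 0:   # type 0x00 marks an unused slot
            partitions.append({"slot": i, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": sectors})
    return {
        "signature_ok": sector[SIGNATURE_OFF:] == b"\x55\xaa",
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }

def compare_mbr(baseline: bytes, current: bytes) -> dict:
    """Report which regions differ between a known-good copy and a new one."""
    a, b = parse_mbr(baseline), parse_mbr(current)
    return {"boot_code_changed": a["boot_code_sha256"] != b["boot_code_sha256"],
            "partition_table_changed": a["partitions"] != b["partitions"],
            "signature_ok": b["signature_ok"]}

def sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample: given boot code plus one active type-0x07 partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07,
                        b"\xfe\xff\xff", 63, 204800)
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + entry + bytes(48) + b"\x55\xaa"

if __name__ == "__main__":
    good = sample_mbr(b"\xfa\x33\xc0")     # constructed baseline
    other = sample_mbr(b"\xeb\x3c\x90")    # constructed: different boot code
    print(parse_mbr(good)["partitions"])
    print(compare_mbr(good, other))
```

A changed boot-code hash with an unchanged partition table only shows that the loader was replaced; legitimate software that installs its own boot code produces the same result, so the comparison narrows the question rather than answering it.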
     

  4. 2005/06/07
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    9,072
    Likes Received:
    400
    Why 3 times? Once has always been enough whenever I have used fdisk /mbr
     
  5. 2005/06/07
    markp62

    markp62 Geek Member Alumni

    Joined:
    2002/05/01
    Messages:
    4,012
    Likes Received:
    16
    The first time, if I remember, the existing MBR is moved to another location, the second time you would end up moving the previously created MBR to the other location, overwriting the 'original'. The third just to be sure. Not a bad idea for a possible MBR virus.
     
  6. 2005/06/08
    it-hobbit

    it-hobbit Inactive Thread Starter

    Joined:
    2005/04/12
    Messages:
    16
    Likes Received:
    0
    Thanks Guys, I also sent an e-mail to the Symantec people and this is what I received:

    Hello Adrian,


    Thank you for contacting Symantec Online Technical Support.

    I understand from your message that your Norton Antivirus (NAV) detects Bloodhound.MBR.

    Adrian, this detection occurs when the scanner heuristics have been set to the highest level and Symantec Ghost is installed with PC Restore enabled. This does not mean that the computer has been infected by a virus.

    Please reset the NAV Bloodhound heuristics to the default level to fix the problem.

    We have a document in the Symantec Online Knowledge Base, which will provide you with the necessary information on the subject. Please click on the link below, which takes you to the document:

    Title: 'Bloodhound.MBR detected when scanning with Norton AntiVirus'
    Document ID: 2003082010515706
    Web URL:
    http://service1.symantec.com/Support/nav.nsf/docid/2003082010515706?Open&src=con_ols_nam

    Please let me know if the issue has been resolved.
     