User Profile
Ok here goes.

I have emailed and pm'd admin

bloodhound is the name norton anti virus (nav) gives to anything it doesn't recognise. Nav will alsmost always bash this before it can even quarantine it.
Consequently only nav will ever find a bloodhound as it is nav's way of saying "dunno what it is but I killed it for you"

if you have nav or other anti virus software the chances are you are ok simply delelte any temporary files relating to it as the were created by nav as it bashed it.

Google is the culprit and unfortunately ehealth being a phpbb board has been swept along.

I run regular software and I haven't picked up anything although I am behind a firewall albeit a weak one.

The santy worm uses a flaw, announced last week, in the software that interprets web pages written in the widely used scripting language php: hypertext preprocessor (php). However, rather than attempt to infect all web sites running php, the worm instead targets a specific application--the php bulletin board (phpbb)--and searches google for vulnerable sites, antivirus firm kaspersky said in a statement.

Almost 40,000 sites may have already been infected. Using microsoft's search engine to scan for the phrase "neverevernosanity"--part of the defacement text that the santy worm uses to replace files on infected web sites--returns nearly 39,000 hits.
Did you find this post helpful?
|

User Profile
replied December 22nd, 2004
Community Volunteer
More research:-


"santy.A is spreading rapidly," antivirus firm kaspersky stated in a new release published tuesday. "however, this does not directly affect users. Although the worm infects web sites, it does not infect computers used to view those sites."

after it has taken over a site, the worm deletes all html, php, active server pages (asp), java server pages (jsp), and secure html pages, and replaces them with the text, "this site is defaced!!! This site is defaced!!! Neverevernosanity webworm generation x," according to kaspersky. For "x," the worm inserts a number representing how far the current instance of the program is descended from the original worm release. Msn searches have found 24th generations of the worm.
|
Did you find this post helpful?

replied December 22nd, 2004
Experienced User
Just trying to reply to this post norton came up and told me that there are 4 viruses on my computer. Yesterday I ran norton all day and had a total of 5-6 viruses and 75 threats. Norton deleted some but every time I get on this board I pick up more. Just had my computer completely re built. Yuk!!!!!
Les
|
Did you find this post helpful?

User Profile
replied December 23rd, 2004
Community Volunteer
I really can't say where they are coming from but these worms using google to spread are exploitative only to the forum and not the users.
The goal of the worm is to make the forum display "this forum is defaced" I mean how dumb is that. What a waste of brain power.

Only people with nav are seeming to get these viruses showing up and I am begining to wonder if nav has something going on right now.

I do not have anything except a weak firewall and I am on a lan. I have not stopped coming to ehealth and I haven't picked anything up.
I have tracked back the pages that are trying to open and some jerk has a whole pages that just displays "whazzup?" hmmmmmm

all I can say is run your checks, but nav should block any viruses anyway - after all that is the point of it.

Nav will tell you a virus threat each time it encounters something it doesn't know and it doesn't know these worms so that is possibly why you are getting these messages - do a search (pref not google right now) and find any nav updates.
|
Did you find this post helpful?

replied December 29th, 2004
Extremely eHealthy
I have bullguard and every now and then it will pop up several windows saying that it's caught a virus.. I have run it and ran a disk cleanup but that hasn't seemed to work.
|
Did you find this post helpful?

replied January 5th, 2005
Different Worm/virus
Everytime I come here anti-virus prg says exploit veryify and one other trojan have infected my computer. I have to run my scanner, find them and delete them.

Everytime I come here it infects me 2-4 times.

Exploit verify trojan makes a backdoor so hackers can do anything they want on your computer, so it does affect me-as a user.
|
Did you find this post helpful?

replied January 5th, 2005
Extremely eHealthy
Mine says exploit.Html.Mhtredir.Gen.. what is that?
|
Did you find this post helpful?

replied January 5th, 2005
the Other One
Thats teh other one besides verify that my virus scan says I get when I come to ehealth.
|
Did you find this post helpful?
Quick Reply