JMMD

Bloodhound.Overpacked detected in Ad-aware.exe

8 posts in this topic

Anyone else getting this? When Norton scanned today it showed Ad-aware.exe as having the Bloodhound.Overpacked trojan and quarantined it. Symantec's info on the trojan doesn't really help much.

 

Discovered: January 19, 2004

Updated: January 20, 2004 10:12:08 AM PST

Type: Trojan Horse, Virus, Worm

Infection Length: various

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

 

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

 

Disable System Restore (Windows Me/XP).

Update the virus definitions.

Run a full system scan and delete all the files detected as Bloodhound.Overpacked.

 

Symantec antivirus products exclusively use the virus name Bloodhound.Overpacked when a potentially unknown virus is found using Symantec Bloodhound technology. Bloodhound technology consists of heuristic algorithms used to detect unknown viruses. The actual file detected under Bloodhound.Overpacked is likely to be infected with a new, packed, 32-bit Windows virus.

 

Bloodhound.Overpacked is only detected in Portable Executable (PE) files. Bloodhound.Overpacked can detect any file that has been packed many times.

 

Protection

Virus Definitions (LiveUpdate™ Weekly) January 21, 2004

Virus Definitions (Intelligent Updater) January 19, 2004

Threat Assessment

Wild

Wild Level: Low

Number of Infections: 0 - 49

Number of Sites: 0 - 2

Geographical Distribution: Low

Threat Containment: Easy

Removal: Easy

Damage

Damage Level: Low

Distribution

Distribution Level: Low

Edited by JMMD
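
The write-up quoted above says only that Bloodhound.Overpacked is a heuristic for packed PE files; it does not describe the algorithm. The following added example (not from the thread or from Symantec) shows a generic triage check for two common packing indicators, per-section entropy and sections that are both writable and executable. The function names, the 7.0 threshold and the sample file are assumptions made for illustration.

```python
import math
import struct
from collections import Counter

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_EXECUTE / _WRITE
ENTROPY_THRESHOLD = 7.0  # assumed cut-off in bits per byte, not a vendor value

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; compressed or encrypted data nears 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def section_report(image: bytes) -> list:
    """Return (name, entropy, reasons) for each section header in a PE image."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe = struct.unpack_from("<I", image, 0x3C)[0]  # e_lfanew
    if image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20
    count, opt_size = struct.unpack_from("<H12xH", image, pe + 6)
    table = pe + 24 + opt_size
    report = []
    for i in range(count):
        name, _vsize, _va, raw_size, raw_ptr, flags = struct.unpack_from(
            "<8sIIII12xI", image, table + 40 * i)
        ent = entropy(image[raw_ptr:raw_ptr + raw_size])
        reasons = []
        if ent >= ENTROPY_THRESHOLD:
            reasons.append("high entropy")
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            reasons.append("writable and executable")
        report.append((name.rstrip(b"\0").decode("ascii", "replace"), round(ent, 2), reasons))
    return report

def build_sample_pe() -> bytes:
    """Constructed two-section PE skeleton: parseable headers, not a loadable program."""
    sections = [(b".text", b"\x00\x01" * 256, MEM_EXECUTE | 0x40000000),  # read+execute
                (b".packed", bytes(range(256)) * 16, MEM_EXECUTE | MEM_WRITE)]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x102)
    raw = len(dos) + len(coff) + 40 * len(sections)
    table = body = b""
    for name, data, flags in sections:
        table += struct.pack("<8sIIII12xI", name, len(data), 0x1000, len(data), raw + len(body), flags)
        body += data
    return dos + coff + table + body
```

Legitimate software is often shipped packed or protected, so a flagged section is a reason to verify the file (vendor hash, signature, sample submission), not proof of infection.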


What year of Norton do you have (2004, 2005, 2006, 2007)? Do you have the plain anti-virus, Internet Security, or SystemWorks? Also, what is the date on the virus definitions that detected this (or your current definitions' date, if you are uncertain of the date of the definitions that detected it)?


Norton has also detected this on ad-aware.exe on my PC.

I have Norton Internet Security 2005; the virus definitions I have are dated 13/12/2006.

It didn't detect the Bloodhound.Overpacked through a scan. I got a popup message from Norton.

I have full system scanned the PC and nothing's come up.

some pics:

log.gif

pop-up.gif

Edited by kwai


Hmm.... 2005 is the older scan engine, but it should be functionally equivalent to 2006 in terms of detections. Also, the 2005 version only updates once a week, so it won't change in detection till Wednesday. Please go into your Norton quarantine and get details for the backup of this file, find the exact file size and post back here. While you are there, you may also want to try choosing to submit the file to Symantec (be sure to include your email address so you can receive a reply); if they reply, post it here.


Adaware.exe is being quarantined by my anti-virus also. I have the Enterprise Edition of Symantec Antivirus, V10. This has happened twice now. The first time I reinstalled ad-aware. Submitted to Symantec.

 

 

 


This may be a sign that Ad-Aware is infected with a file infector virus. Let us know when Symantec emails you back with their analysis.


Here is the automated response from Symantec, but no explanation on why the file is being quarantined, or how to make it stop:

 

 

 

 

Below is a status update on your virus submission:

 

Date: December 29, 2006

 

 

Dear ,

 

We have analyzed your submission. The following is a report of our findings for each file you have submitted:

 

filename: C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe

machine: M-OFFICE

result: This file is clean

 

Developer notes:

C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe is clean and non-malicious.

 

 

We have determined that no virus exists on the samples provided.

I suggest you contact Symantec tech support; use the email or live chat, as they are free. Be sure to mention the reference number from the submission email.
