Hi,
Could you please help me with removal of the bloodhound.exploit.196 virus? I already ran a scan with Symantec, but it seems to stay in the registers. Is there a manual way of removing it?
Will be glad for your hints.
Thanks

Follow:
1) Install, update database and run full scan with Malwarebytes' Anti-Malware. Attach Malwarebytes full scan log, fix anything detected.
2) Run full scan with SuperAntispyware: http://www.superantispyware.com/dow... . Fix what it detects and post summary scan log.
If I'm helping you and I don't reply within 24 hours send me a PM.

It's still getting detected?
If I'm helping you and I don't reply within 24 hours send me a PM.

Hi jdk, I sent you a message with the detection and the results from the software, thank you for your effort.

I got this from a website:
Below is a list of Bloodhound.Exploit.196 manual removal instructions and Bloodhound.Exploit.196 components listed to help you remove Bloodhound.Exploit.196 from your PC. Backup Reminder: Always be sure to back up your PC before making any changes.
To remove Bloodhound.Exploit.196, you must first stop any Bloodhound.Exploit.196 processes that are running in your computer's memory. To stop all Bloodhound.Exploit.196 processes, press CTRL+ALT+DELETE to open the Windows Task Manager. Click on the "Processes" tab, search for Bloodhound.Exploit.196, then right-click it and select "End Process" key.
To delete Bloodhound.Exploit.196 registry keys, open the Windows Registry Editor by clicking on the Windows "Start" button and selecting "Run." Type "regedit" into the box and click "OK." Once the Registry Editor is open, search for the registry key "HKEY_LOCAL_MACHINE\Software\Bloodhound.Exploit.196." Right-click this registry key and select "Delete."
Finally, to completely get rid of Bloodhound.Exploit.196, you must manually remove other Bloodhound.Exploit.196 files. These Bloodhound.Exploit.196 files can be in the form of EXE, DLL, LSP, TOOLBAR, BROWSER HIJACK, and/or BROWSER PLUGIN. For example, Bloodhound.Exploit.196 might create a file like %PROGRAM_FILES%\Bloodhound.Exploit.196\Bloodhound.Exploit.196.exe. Locate and remove these files.
Some HELP in posting on Computing.net plus free progs and instructions Cheers

Hi, posting also here the outputs, thank you for your effort!
SuperAntiSpyware
=================
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/24/2009 at 05:37 PM
Application Version : 4.27.1002
Core Rules Database Version : 4059
Trace Rules Database Version: 1999
Scan type : Complete Scan
Total Scan Time : 01:56:29
Memory items scanned : 1179
Memory threats detected : 0
Registry items scanned : 8616
Registry threats detected : 3
File items scanned : 36575
File threats detected : 43
Browser Hijacker.Internet Explorer Zone Hijack
HKU\S-1-5-21-1957994488-842925246-40105171-934998\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\compaq.com.br
HKU\S-1-5-21-1957994488-842925246-40105171-934998\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\compaq.com.br#*
HKU\S-1-5-21-1957994488-842925246-40105171-934998\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\compaq.com.br#http
Adware.Tracking Cookie
Trojan.SVCHost/Fake
C:\PROGRAM FILES\REMOTE TOOLS\MSRA-TEMP\SVCHOST.exe
C:\PROGRAMDATA\MICROSOFT\NETWORK\CONNECTIONS\CM\MSRA-CA\SVCHOST.exe
Malware Software
=================
Malwarebytes' Anti-Malware 1.40
Database version: 2644
Windows 6.0.6002 Service Pack 2
8/24/2009 5:14:47 PM
mbam-log-2009-08-24 (17-14-47).txt
Scan type: Quick Scan
Objects scanned: 101739
Time elapsed: 1 hour(s), 35 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
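
Added example, not part of the original posts and not output of either scanner: the SUPERAntiSpyware log above lists two `SVCHOST.exe` files outside the Windows system directory alongside lower-priority findings, so this Python code groups a log in that layout by category and flags any `svchost.exe` that does not sit in `C:\Windows\System32` or `C:\Windows\SysWOW64`. The function names, the abridged sample excerpt and the default `C:\Windows` install location are assumptions.

```python
import ntpath
import re

# Constructed, abridged excerpt in the layout of the SUPERAntiSpyware log above.
# The registry SID and the cookie path are placeholders, not values from the scan.
SAMPLE_LOG = r"""Browser Hijacker.Internet Explorer Zone Hijack
HKU\<SID>\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\compaq.com.br
Adware.Tracking Cookie
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@tracker.example[1].txt
Trojan.SVCHost/Fake
C:\PROGRAM FILES\REMOTE TOOLS\MSRA-TEMP\SVCHOST.exe
C:\PROGRAMDATA\MICROSOFT\NETWORK\CONNECTIONS\CM\MSRA-CA\SVCHOST.exe
"""

# An item line is a drive path or a registry hive path; any other line is a category heading.
ITEM = re.compile(r"^(?:[A-Za-z]:\\|HK(?:U|LM|CU|CR|CC)\\)")
# Directories where Windows itself keeps svchost.exe (assumes the default C:\Windows).
SVCHOST_HOMES = {r"c:\windows\system32", r"c:\windows\syswow64"}

def parse_findings(log_text):
    """Group item lines under the category heading that precedes them."""
    findings, current = {}, None
    for line in filter(None, map(str.strip, log_text.splitlines())):
        if ITEM.match(line):
            if current is not None:
                findings[current].append(line)
        else:
            current = line
            findings.setdefault(current, [])
    return findings

def masquerading_svchost(paths):
    """Return paths named svchost.exe that sit outside the system directories."""
    hits = []
    for p in paths:
        folder, name = ntpath.split(ntpath.normpath(p))
        if name.lower() == "svchost.exe" and folder.lower() not in SVCHOST_HOMES:
            hits.append(p)
    return hits

def triage(log_text):
    """Count tracking cookies and list the svchost.exe files needing follow-up."""
    findings = parse_findings(log_text)
    files = [i for items in findings.values() for i in items if i[1:3] == ":\\"]
    return {
        "cookies": len(findings.get("Adware.Tracking Cookie", [])),
        "fake_svchost": masquerading_svchost(files),
    }
```
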

Hi XpUser4Real,
thank you for your suggestion, but I have no such services and no such registry on my PC :(, but the virus is still producing a lot of small files ... which means my PC is still infected.
Do any other suggestions come to your mind?
thanks, gg

You may want to try HJT:
http://download.cnet.com/Trend-Micr...
and then post it in:
http://hijackthis.de/
Then try googling the questionable results.
Some HELP in posting on Computing.net plus free progs and instructions Cheers

I had this same problem and after following the instructions at this document, it got rid of it. I did this Saturday night and have done several scans since then to make sure it had not come back and so far so good. Here is the document number from Symantec:
Document ID: 2009042217073548
Good luck.

Guys,
thank you for your suggestion,
@jdk: I still need your help, thank you.
The Symantec solution isn't working for me.
Please find my attached logs from 2 antivirus programs, I'm not sure if I want to install another 2 of them.
Thank you for your effort all!!!

You may want to try unhackme, it's fully functional:
http://www.greatis.com/unhackme/dow...
Some HELP in posting on Computing.net plus free progs and instructions Cheers
