bloodhound.mbr (Acer)

Hey guys!

Has anyone else noticed that when you've a laptop from Acer and a software Symantec Norton Internet Security that Antivirus (when bloodhound heuristic level = high) finds bloodhound.mbr from the master boot record area?

I didn't find any useful information from Symantec homepages about bloodhound.mbr, but there was said that if you have ibm recovery tools or symantec ghost, antivirus recognize recovery tools as a virus. I don't have symantec ghost or ibm recovery tools - but I have Acer eRecovery tools.

Well, when I scan manually my computer with NIS2004 and heuristic level = high, it always finds "bloodhound.mbr". When heuristic level is set to "default", antivirus doesn't find any viruses at all.

How can I be sure that I have no viruses on mbr-area??

 

I'm enccountered exactly the same problem.

I supose this:

When NAV detects a unknown suspicious file using Bloodhound technology in "high" mode, it names the file as "bloodhound.(anything)". But I'm not sure if it is a virus.

Optionally, you can check he computer with an online antivirus if you want to be sure.

Does anyone have a more specific knowlegde?

 

Hmm.. Interesting. Never seen that before.
Personally I don't think its a virus. I just think that Norton is being too restrictive.

 

I haven't seen that one. Just a thought have you check for the "definitins" on nortons web site, worth a shot.

Valsmere

 

If you're using the original OS load that came with the unit, it's possible it's detecting Acer's Hidden Recovery Partition info. Since it's not a standard Master Boot Record, it may have some additional info in there. NAV may just be detecting that it's a non-standard MBR and therefore thinks it's a virus.

-Vb-

 

I have an Acer to. And with Norton Antiv I've got the same virus type, but the f-prot also found an unnamed a virus in the masterboot.

 

And I have the same problem, and I also might have a solution. It so happens that really had this virus before, and I removed it with Antivir (which is a shareware) on another computer. But Antivir does not find bloodhound.mbr on my Acer notebook, although Norton Antivirus does. So I believe there is no virus really.

Bloodhound.mbr is a virus which modifies master boot record of the hard drive so that (sometimes, I think) the system sees additional drive which is not really there and which causes some problems. Now Acer notebooks are modified so that there really is one more disc than it is shown in My Computer folder. This disc is called PQSERVICE (not C:, not d: etc) and in my case it is 3 GB big. You can see it in control panel > administrative tools > computer management > hard drives (names may be little different, I don't really have English version of Windows).

It is my guess (and hope that Norton Antivirus sees this Acer's modification as a bloodhound.mbr virus.

 

Well I have a Acer PC, RC 500. It actually got infected by a virus so used the CDs provided. Found out that the package also included a Norton Antivirus cd and installed it.

Then, could this message when I scanned-
The Master Boot record of drive #0 is infected with Bloodhound.MDR virus.

Tried to remove it using Norton but to no avail. Thought of reformatting but decided to go on the internet first. Really glad that i did.

Did the suggested, and it worked ( lowered the setting and it was not found. Used Administrative tools and found a hidden drive, with no drive letter, 1.95 GB Fat32 and Healthy (EISA Configuration). Thank you "wworld" for saving a lot of my time. Internet and people you share rule.

 

So the best thing to do is to forget the virus exists and to "co-exist" with the virus?

 

Hi, I also have this same problem with the Acer Aspire Desktop pc. I've done a little research and and still not 100% sure if what im understanding is true. I have heared that bloodhound.mdr is a program created by symantec that sniffs for viruses and corrupt files. I'm on the phone right now with microsoft tech support. If they give me a solution to the problem I will post back.

 

Norton AV reported a problem with my pc's due to a bad definition. They never did admit they screwed up. By 4 days later they released another update which corrected the problem, after I had restored 5 pc over the weekend. Any company that will not publicly or privately admit they mad a mistake can not be trusted. Do to there lace of acknowledgment they load a 2000+ contract. Do you self a favor and uninstall Norton before it ruins you nb. If you let it expire your pc will never work right. Move to Avira AV (free) and Comodo FW, you machine will run a lot faster.