Today I was again prompted to open 7.pdf and Bloodhound.Exploit.196 was auto-downloaded when I opened the High End forum. Green.com was the ad at the top of the page.
What's going on with the site? It didn't used to be like this. For now, I'm warning all my guildmates to stay away from the site.
Virus?
Snapview.ocx is a control that comes with Access. It used to silently download and install itself automatically in the background, being a Microsoft-signed control. At which point, vulnerabilities in snapview.ocx would be used to exploit a user's machine.
This mode should be outdated for these reasons:
1) the vulnerabilities are (in theory) fixed for any user with updates past mid-August 2008, or anyone who has XP SP3 or Vista
2) If your security settings for MIE are properly set up, you should be prompted to download the control
3) The average user has no use for it, so you don't have to download it when prompted.
Bloodhound.Exploit is a generic Symantec label for the file (or files) which downloads and opens a PDF via Adobe Reader. The PDF then loads a site which infects your computer; in this case, the malware in question is Vundo, a well-known and prolific trojan that, while not particularly dangerous, is extremely annoying, causes severe system degradation, and is hard to remove.
I've included some basic protection and removal instructions here. For downloading most of the files mentioned in this post, you may wish to use Tarun's Anti-Malware Toolkit. His company's wiki at Lunarsoft has a lot of good advice on more in-depth cleanup and security. If this post doesn't help you remove Vundo from your system, head over to the Technician's Corner.
The best way to protect yourself is:
Internet Explorer (if you must...): SpywareBlaster, Spybot: S&D (use immunization, disable TeaTimer)
Other useful protection:
Internet Explorer (if you must...): ZonedOut w/ IE-SpyAd
Make sure that you have the latest Windows and Java updates. Windows Defender is decent Real-Time Protection.
Get an Anti-Virus program. There are several free AVs that are okay:
Avira
Avast!
AVG
Also make sure your security is properly configured for:
1) FireFox: Tools -> Options -> Security:
- Warn me when sites try to install add-ons: Yes (in particular)
2) Internet Explorer (if you must...): Tools -> Internet Options -> Security -> Internet:
- ActiveX: Disable Everything. Use Trusted Sites for ActiveX functionality.
To remove Vundo:
CCleaner
Malwarebytes' Anti-Malware
SuperAntiSpyware
Download and update each program. Restart into Safe Mode (F8).
Run CCleaner with these settings:
Cleaner -> Windows -> select everything except for:
- System -> select everything except Memory Dumps and Windows Log Files
- Advanced -> only select "Old Prefetch Data"
Note: selecting the Autocomplete Form history deletes your saved passwords.
Cleaner -> Applications -> select everything
You will need to close FireFox in order to clean its temporary files.
Registry -> select nothing
Tools -> ignore this part
Click "Run Cleaner."
Run SuperAntiSpyware, specifically with these settings under Preferences -> Scanning Control:
- Close browsers before scanning
- Scan for tracking cookies
- Terminate memory threats before quarantining
Note: These settings are targeted specifically for the removal of Vundo, not for more general scans.
Run a complete scan on your primary hard drive.
Run Anti-Malware, with every box enabled under Settings, including "Terminate Internet Explorer..."
Run a full scan on your primary hard drive.
If Anti-Malware prompts you to reboot to finish cleanup, do not reboot into Safe Mode; this will cause the next phase of cleanup to fail. Restart normally.
Finally, run a complete scan with your anti-virus program (using updated definitions).
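The "ActiveX: Disable Everything" advice above can be checked from the command line. The following is an added example, not code from the post or from any tool it names; it assumes the standard per-user Internet zone location (Zones\3) and the usual URL action IDs and values (0 = Enable, 1 = Prompt, 3 = Disable), and that no Group Policy forces the zone settings from HKLM instead.

```powershell
# Added example: audit (and optionally harden) the ActiveX settings of the
# Internet zone for the current user. Zone 3 = Internet. Action values:
# 0 = Enable, 1 = Prompt, 3 = Disable. Assumes per-user zone settings apply
# (no HKLM-only policy in force).
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action IDs shown on the Security tab under "ActiveX controls and plug-ins".
$activeXActions = [ordered]@{
    '1001' = 'Download signed ActiveX controls'
    '1004' = 'Download unsigned ActiveX controls'
    '1200' = 'Run ActiveX controls and plug-ins'
    '1201' = 'Initialize and script ActiveX controls not marked as safe'
    '1405' = 'Script ActiveX controls marked safe for scripting'
}
$actionNames = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Get-ActiveXZoneStatus {
    param([string]$Path = $zonePath)
    foreach ($id in $activeXActions.Keys) {
        $value = (Get-ItemProperty -Path $Path -Name $id -ErrorAction SilentlyContinue).$id
        if ($null -eq $value) { $state = 'Not set (zone default)' }
        else                  { $state = $actionNames[[int]$value] }
        [pscustomobject]@{
            Action   = $id
            Setting  = $activeXActions[$id]
            State    = $state
            Hardened = ($value -eq 3)   # only an explicit Disable counts
        }
    }
}

# Set every listed action to Disable (3). Sites that genuinely need ActiveX
# then belong in the Trusted Sites zone (Zones\2), as the post recommends.
function Set-ActiveXZoneDisabled {
    param([string]$Path = $zonePath)
    foreach ($id in $activeXActions.Keys) {
        Set-ItemProperty -Path $Path -Name $id -Value 3 -Type DWord
    }
}

Get-ActiveXZoneStatus | Format-Table Action, Setting, State, Hardened -AutoSize
$weak = @(Get-ActiveXZoneStatus | Where-Object { -not $_.Hardened })
if ($weak.Count -gt 0) {
    Write-Warning "$($weak.Count) ActiveX setting(s) in the Internet zone are not set to Disable."
}
```

Run the audit first; call Set-ActiveXZoneDisabled only after confirming the report, then recheck with Get-ActiveXZoneStatus.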
I've actually had Vundo once from somewhere and had to format. I'm guessing it was from GuildWarsGuru, judging from all the Vundo talk?
Either way, I really hope this matter is attended to and we get more confirmation on GWG and viruses. While ads are important, none of them should be allowed to give out viruses.
Quote:
Originally Posted by AsyaMordina
Clicking through to a site whose ad has tried to implant a virus may not be the prudent thing to do.
kzap isn't advising people click through. If you hover your cursor over, it will give you the link in most cases. You really think a server admin would tell his user base to do something that dumb?
Why is it people always think we're trying to screw them over?
Why would they not consider it? We've selectively wiped out posts on software that is likely to prevent infection, we've delayed on making announcements for a problem that is confirmed both internally and externally, and we've provided almost zero help or advice on removing the infection. This comes only two months after being spidered by Google and listed as an attack site. The only good thing is that kzap has (so far as I can tell) removed most of the problem ads from the rotation.
We're not delaying making an announcement.
We're dealing with an issue in one of our ad providers in one of their ads, something that is affecting big sites like Yahoo also.
Now not everyone is getting this, a lot are, but what we are asking for is your cooperation in tracking down these ads with viruses.
And yes I am asking you to click the ad if it's Flash-based as that's the only way we will get the URL, but only do so if your virus scanner stopped the virus, so you should be safe enough to check what the website is.
Advice about the infection? Get a good virus scanner and keep it up to date, you can never be too safe. Use a firewall too. Also stop using IE, use FireFox or anything else that's not as exploitable.