How to enable, disable, or configure Bloodhound(TM) heuristic virus detection in Symantec Endpoint Protection.

Article:TECH92424  |  Created: 2009-01-17  |  Updated: 2011-05-11  |  Article URL http://www.symantec.com/docs/TECH92424
Article Type
Technical Solution


Environment

Issue



How do you disable Bloodhound(TM) heuristic virus detection or change the level of protection it uses?

 


Solution



In the Symantec Endpoint Protection Manager Console:

  1. Select Policies
  2. Select Antivirus and Antispyware
  3. Right-click the desired Antivirus and Antispyware policy from the list of policies in the right hand window pane and click Edit
  4. Select File System Auto-Protect in the Antivirus and Antispyware Policy window
  5. Under the Scan Details tab click the Advanced Scanning and Monitoring... button
  6. Under Bloodhound(TM) Detection Settings you can check the setting to 'Enable Bloodhound(TM) heuristic virus detection' or disable it
  7. Next to Level of protection to use: you can increase (Maximum) or lower (Minimum) the Bloodhound(TM)'s level of protection from the Default setting

References
Configuring advanced scanning and monitoring options,
"Administration Guide for Symantec™ Endpoint Protection and Symantec Network Access Control"
ftp://ftp.symantec.com/public/english_us_canada/products/symantec_endpoint_protection/11.0/manuals/ru6/Administration_Guide_SEP11.0.6.pdf


Technical Information
Bloodhound(TM) Detection Settings

Bloodhound isolates and locates the logical regions of a file to detect a high percentage of unknown viruses. Bloodhound then analyzes the program logic for virus-like behavior.

By default, the level of protection is set to 2.
 



Legacy ID



2009021714114248


Article URL http://www.symantec.com/docs/TECH92424


Terms of use for this information are found in Legal Notices