Bloodhound detection in Defwatch file
I am seeing quite a lot of bloodhound detections on a few of my servers-the latest one is this:
Risk Filename Original Location Status
Bloodhound.Exploit.139 DWHC61.tmp c:\Documents and Settings\All Users\Application Data\Symantec\DefWatch.DWH\ Infected
I'm assuming this tmp file was written during the definition update process of the SEP11 client.
This is the latest bloodhound detection on a group of my servers, and the only common factor between them is they are all running Double Take - but I have no idea how that would cause an issue with the SEP11 update process.
Any suggestions as to what I can check to see what us going on?