Endpoint Protection

  • 1.  Bloodhound.exploit.343 help

    Posted May 07, 2011 11:18 AM

    Hi guys. My work has been plagued with this virus infection on our servers and computers. It's causing a lot of chaos and is giving the Symantec antivirus a hard time to cure. Any tips or solutions? I really need help.



  • 2.  RE: Bloodhound.exploit.343 help

    Broadcom Employee
    Posted May 07, 2011 12:14 PM

    Check if the URL can help you to take care of the threat:

    http://www.symantec.com/security_response/writeup.jsp?docid=2010-072310-4337-99&tabid=3

    You can submit the file to Symantec for analysis even though it has been detected as a threat.



  • 3.  RE: Bloodhound.exploit.343 help

    Posted May 07, 2011 12:19 PM

    Already tried that solution. Didn't help. I really need to solve this problem.



  • 4.  RE: Bloodhound.exploit.343 help

    Broadcom Employee
    Posted May 07, 2011 12:26 PM

    Do you think the file is clear?

    Have you submitted the file to Symantec for a second look?



  • 5.  RE: Bloodhound.exploit.343 help

    Posted May 09, 2011 12:06 AM

    First of all, if the situation is that urgent, better to call support and get help, as against raising it on the forum.

    Secondly, what is the action taken by SEP? What is the scan that is detecting this? Post the risk logs, if possible.

    Also, since it looks like more and more of your servers are getting infected, disable auto-play and default shares. Make sure Network scanning is enabled.
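
The post above recommends disabling auto-play and default shares. The following read-only PowerShell audit is an added example, not part of the original thread or a Symantec tool, and reports whether a machine already has those two settings applied. It assumes PowerShell 3.0 or later and treats `NoDriveTypeAutoRun = 255` and `AutoShareServer`/`AutoShareWks = 0` as the hardened values.

```powershell
# Added example: read-only audit of the AutoPlay and default-share settings.
# Nothing is changed on the host. The "Want" values are the assumed baseline.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null when the key or value is absent instead of throwing
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

$lanman = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$checks = @(
    @{ Setting = 'AutoPlay disabled on all drive types'
       Path    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Name    = 'NoDriveTypeAutoRun'; Want = 255 },
    @{ Setting = 'Default admin shares off (server)'
       Path    = $lanman; Name = 'AutoShareServer'; Want = 0 },
    @{ Setting = 'Default admin shares off (workstation)'
       Path    = $lanman; Name = 'AutoShareWks'; Want = 0 }
)

$results = foreach ($c in $checks) {
    $actual = Get-RegValue -Path $c.Path -Name $c.Name
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Setting  = $c.Setting
        Value    = $c.Name
        Actual   = if ($null -eq $actual) { 'not set' } else { $actual }
        Expected = $c.Want
        # A missing value means the Windows default applies, so it is not hardened
        Hardened = ($null -ne $actual -and $actual -eq $c.Want)
    }
}
$results | Format-Table -AutoSize

# Show the default shares that are actually published right now (C$, ADMIN$, ...).
# The registry values only take effect after the Server service restarts.
Get-CimInstance -ClassName Win32_Share |
    Where-Object { $_.Name -match '^(ADMIN|[A-Z])\$$' } |
    Select-Object Name, Path, Description |
    Format-Table -AutoSize
```

Run it from an elevated prompt on each affected server; rows with `Hardened = False` are the machines where the setting still needs to be applied.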



  • 6.  RE: Bloodhound.exploit.343 help

    Posted May 09, 2011 05:36 AM

    Hi Tech King,

     

    Bloodhound.Exploit.343 is a heuristic detection for files attempting to exploit the Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability (BID 41732). I recommend ensuring that the corresponding patch against this vulnerability is deployed to all servers and computers. Bringing patch levels up-to-date will prevent many threats from functioning.

    "Thumbs up" for VKalani's advice, above: please do contact Technical Support if there is urgent assistance needed with an outbreak. The following document is also highly recommended: Security Best Practices for Protecting a Business Environment from Common Threats (http://www.symantec.com/docs/TECH105236)

    What Symantec product are you using (exact version) and what is the exact action shown in the risk logs? (Deleted, quarantined, left alone, etc.?)

     

    Thanks and best regards,

     

    Mick