Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

scan engine detect toujours des Bloodhound.exploit.343

Jump to Best Answer

1. scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
Migration User
Posted Nov 13, 2012 09:03 AM

Reply Reply Privately
Bonjour,

Aprés l'installation des différents client Symantec Endpoint 12.1 et aprés avoir effectuer une analyse complete des différents PC du parc informatique certain client continue à détécter des virus heuristique Bloodhound.exploit.343.

Je voulais savoir si il y a une solution pour en finir completement avec ce genre de threat (des symantec tools, une stratégie a suivre...) surtout que ca devient génant pour les utilisateurs des postes surlesquels se trouve le client Symantec Endpoint 12.1.

Merci d'avance pour votre aide.

Cordialement,
2. RE: scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
ℬrίαη
Posted Nov 13, 2012 09:10 AM

Reply Reply Privately
What is the action being taken on the alert? Deleted? Cleaned? Quarantined?
3. RE: scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
Migration User
Posted Nov 13, 2012 09:16 AM

Reply Reply Privately
Hi Brian81,

The action being taken on the alert is Deleted.
4. RE: scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
ℬrίαη
Posted Nov 13, 2012 09:20 AM

Reply Reply Privately
Is the file path being referenced?

Is your conern that this may be a false positive or that it is re-occuring?

Since the infection is being deleted, this is a good thing but it sounds like it may continue to come back?

Have you run a full scan with latest definitions in safe mode?
5. RE: scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
Migration User
Posted Nov 13, 2012 09:41 AM

Reply Reply Privately
yes the file path is being referenced, actually it's the same folder but the threat its subfolder location every time.

I have run a full scan with the lastest definitions but not in safe mode.
6. RE: scan engine detect toujours des Bloodhound.exploit.343
Best Answer

0 Recommend
Rafeeq
Posted Nov 13, 2012 10:15 AM

Reply Reply Privately
run a full scan in safe mode.
7. RE: scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
Migration User
Posted Nov 14, 2012 04:36 AM

Reply Reply Privately
Bloodhound.Exploit.343

http://www.symantec.com/security_response/writeup.jsp?docid=2010-072310-4337-99

MANUAL REMOVAL
The following instructions pertain to all current Symantec antivirus products.

1. Performing a full system scan
How to run a full system scan using your Symantec product

2. Restoring settings in the registry
Many risks make modifications to the registry, which could impact the functionality or performance of the compromised computer. While many of these modifications can be restored through various Windows components, it may be necessary to edit the registry. See in the Technical Details of this writeup for information about which registry keys were created or modified. Delete registry subkeys and entries created by the risk and return all modified registry entries to their previous values.
8. RE: scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
Broadcom Employee

Chetan Savade
Posted Nov 14, 2012 06:39 AM

Reply Reply Privately
Salut,

Il est important de savoir quelles mesures Symantec prend contre cette détection.

Pourriez-vous s'il vous plaît joindre journaux de risque à ce fil.

Aller à la SEP client GUI -> Voir les journaux - Virus> & Spyware Protection - journaux risques>

Comme tout le monde dit, passer par cette écriture aussi.

http://www.symantec.com/security_response/writeup.jsp?docid=2010-072310-4337-99&tabid=3

Si l'analyse du système ne résout pas le problème, vous pouvez essayer l'une des options disponibles ci-dessous.

Puissance guide de l'utilisateur gomme.

http://www.symantec.com/theme.jsp?themeid=spe-user ...

Voici l'emplacement de l'outil de Symantec Endpoint Protection soutien:

http://www.symantec.com/business/support/index?pag ...

Outil Symantec Endpoint Recovery (SERT) Télécharger vient comme une norme ISO (image disque). Comment puis-je l'utiliser?

http://www.symantec.com/docs/TECH131685

Toujours suivre les meilleures pratiques

http://www.symantec.com/docs/TECH122466
9. RE: scan engine detect toujours des Bloodhound.exploit.343

0 Recommend
Migration User
Posted Nov 21, 2012 03:20 AM

Reply Reply Privately
Thank you Rafeeq for your help, a full scan in safe mode has solve the problem.

Thank you Simpson Homer for your contribution this may be very helpful in some other problem with Bloodhound.Exploit.343.

Merci Chetan Savade pour vos conseils qui peuvent etre trés utils pour d'autres eventuels risques.

Cordialement,

Endpoint Protection

scan engine detect toujours des Bloodhound.exploit.343

Migration UserNov 13, 2012 09:03 AM

ℬrίαηNov 13, 2012 09:10 AM

Migration UserNov 13, 2012 09:16 AM

ℬrίαηNov 13, 2012 09:20 AM

Migration UserNov 13, 2012 09:41 AM

RafeeqNov 13, 2012 10:15 AMBest Answer

Migration UserNov 14, 2012 04:36 AM

Chetan SavadeNov 14, 2012 06:39 AM

Migration UserNov 21, 2012 03:20 AM

1. scan engine detect toujours des Bloodhound.exploit.343

2. RE: scan engine detect toujours des Bloodhound.exploit.343

3. RE: scan engine detect toujours des Bloodhound.exploit.343

4. RE: scan engine detect toujours des Bloodhound.exploit.343

5. RE: scan engine detect toujours des Bloodhound.exploit.343

6. RE: scan engine detect toujours des Bloodhound.exploit.343 Best Answer

7. RE: scan engine detect toujours des Bloodhound.exploit.343

Bloodhound.Exploit.343

8. RE: scan engine detect toujours des Bloodhound.exploit.343

9. RE: scan engine detect toujours des Bloodhound.exploit.343

6. RE: scan engine detect toujours des Bloodhound.exploit.343
Best Answer