scan engine detect toujours des Bloodhound.exploit.343
Created: 13 Nov 2012 | Updated: 21 Nov 2012 | 8 comments
This issue has been solved. See solution.
Bonjour,
Aprés l'installation des différents client Symantec Endpoint 12.1 et aprés avoir effectuer une analyse complete des différents PC du parc informatique certain client continue à détécter des virus heuristique Bloodhound.exploit.343.
Je voulais savoir si il y a une solution pour en finir completement avec ce genre de threat (des symantec tools, une stratégie a suivre...) surtout que ca devient génant pour les utilisateurs des postes surlesquels se trouve le client Symantec Endpoint 12.1.
Merci d'avance pour votre aide.
Cordialement,
Discussion Filed Under:
Comments 8 Comments • Jump to latest comment
What is the action being taken on the alert? Deleted? Cleaned? Quarantined?
SEP Knowledge Base
Endpoint SWAT
Hi Brian81,
The action being taken on the alert is Deleted.
Is the file path being referenced?
Is your conern that this may be a false positive or that it is re-occuring?
Since the infection is being deleted, this is a good thing but it sounds like it may continue to come back?
Have you run a full scan with latest definitions in safe mode?
SEP Knowledge Base
Endpoint SWAT
yes the file path is being referenced, actually it's the same folder but the threat its subfolder location every time.
I have run a full scan with the lastest definitions but not in safe mode.
run a full scan in safe mode.
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Bloodhound.Exploit.343
The following instructions pertain to all current Symantec antivirus products.
1. Performing a full system scan
How to run a full system scan using your Symantec product
2. Restoring settings in the registry
Many risks make modifications to the registry, which could impact the functionality or performance of the compromised computer. While many of these modifications can be restored through various Windows components, it may be necessary to edit the registry. See in the Technical Details of this writeup for information about which registry keys were created or modified. Delete registry subkeys and entries created by the risk and return all modified registry entries to their previous values.
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Thank you Rafeeq for your help, a full scan in safe mode has solve the problem.
Thank you Simpson Homer for your contribution this may be very helpful in some other problem with Bloodhound.Exploit.343.
Merci Chetan Savade pour vos conseils qui peuvent etre trés utils pour d'autres eventuels risques.
Cordialement,
Would you like to reply?
Login or Register to post your comment.