Hi,
Any idea to stop this virus come in to our network..
1000+ virus come in n/w
Bloodhound.Exploit.343 Bloodhound.Olexe
Trojan.Gen Trojan Horse
Regard
Sumit G.
ensure all the systems in the network are updated with latest AV and Microsoft patches.
Disable autorun, sharing. Endure strong password is set.
View the virus writeup for these threat to remove.
It may be good you go through this article,
Best practices for troubleshooting viruses on a network http://www.symantec.com/business/support/index?page=content&id=TECH122466
The advice in this article will definitely help:
http://www.symantec.com/business/theme.jsp?themeid=stopping_malware&depthpath=0
Hello,
About the:
Bloodhound.Exploit.343
requires Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability (BID 41732).
Bloodhound.Olexe
Bloodhound.Olexe is a heuristic detection for reporting Microsoft Office files that contain an embedded executable file.
As it clearly specifies, you would need to make sure you have your MS updates installed on you machines.
whereas,
are the generic detection for many individual but varied Trojans or used by Symantec to identify malicious software programs that masquerade as benign applications or files.
Again, please go through the Security Best Practices of Symantec which would guide you with the same.
http://www.symantec.com/docs/TECH122466
Hope that helps!!
It's Autorun time...... just follow advice given above
you may want to limit USB disk usage, disable autorun..., limit folder sharing,.. patch OS.. & trace the original threat source..
If you have AV installed in all client it would the best
Thanks for sharing the document, I will read and then revert about the risk improvement..
To Harden your Network use these customized policies
Autorun.inf
http://www.symantec.com/docs/TECH104909
LNK files (stuxnet and other worms)
http://www.symantec.com/business/security_response/securityupdates/list.jsp?fid=adc
Trojan
http://www.symantec.com/business/support/index?page=content&id=TECH95124&locale=en_US
From the Risk report see which file is infecting the most then block it
http://www.symantec.com/business/support/index?page=content&id=TECH93451&locale=en_US
Also make sure SEP settings are as per Security Best Practise
http://www.symantec.com/business/support/index?page=content&id=TECH122943&locale=en_US
this will definitely improve number of risks.
However I would recommend using these policies on a Test Environment or just on a group will less clients before implementing it organization wide.
Hi Vikram/ Mithun Sanghavi,
I have tried your solution step at yesterday. both of the comment are helpful. Now I am going to close the forum. Thanks a lot for your kind help...