Symantec Protection Suites

  • 1.  Bloodhound.Exploit.52 on old user profile

    Posted Feb 24, 2011 04:16 PM

    This exploit was found on a Vista workstation and I'm running SEP 11.0.4202.75.  The possible virus was found under a profile for a user that no longer works here.  The profile should have been deleted but it wasn't.  From my research it seems Bloodhound.Exploit.52 is an Adobe Flash Player 7 vulnerability.  It is possible that this workstation may need a few patches but how could it appear under a user profile that's not being used?

    Thank you.



  • 2.  RE: Bloodhound.Exploit.52 on old user profile

    Posted Feb 24, 2011 05:44 PM

    I trust you had a full scan run on the box a while ago and got that detection?

    The issue was known to be a false positive and was remediated with the 22 Feb 2011 revision 35 Rapid Release definition update.

    Should the issue surface when you scan using a definition newer than that, please contact Symantec Support for further analysis.



  • 3.  RE: Bloodhound.Exploit.52 on old user profile

    Posted Feb 24, 2011 05:55 PM

    Thank you so much for that information.  Yes, it was discovered during our daily scan on 22 Feb.  Is that information documented anywhere that this was a false positive?  I also had 1 workstation show Bloodhound.Exploit.353; was that a false positive as well?



  • 4.  RE: Bloodhound.Exploit.52 on old user profile

    Posted Feb 24, 2011 06:06 PM

    Also, I don't see Bloodhound.Exploit.52 listed on rev 35 for the rapid release definition on 2/22.  I'm confused as to whether it was really a false positive since it's not listed.



  • 5.  RE: Bloodhound.Exploit.52 on old user profile

    Posted Feb 24, 2011 06:08 PM

    Unfortunately not. However, you can ring the Support team and they should be able to assist you with that query.

    For BHE.353, I don't think it's an FP, and it's best to submit the sample asap for us to check and to update your Acrobat Reader asap to plug the http://www.securityfocus.com/bid/42203/references vulnerability.



  • 6.  RE: Bloodhound.Exploit.52 on old user profile

    Posted Feb 24, 2011 06:12 PM

    Unfortunately, the wk showing BHE.353 has already been reimaged, but thank you for that information.  I appreciate your help.