Enable, disable or configure Bloodhound heuristic virus detection in Endpoint Protection


Article ID: 177533


Updated On:


Endpoint Protection


You need to know how to enable or disable Bloodhound heuristic virus detection in Symantec Endpoint Protection Manager (SEPM), or change the level of protection it uses.


  1. In the SEPM, select Policies.
  2. Select AntiVirus and Antispyware.
  3. Right-click the desired AntiVirus and Antispyware policy from the list of policies in the right hand window pane and click Edit.
  4. Select File System Auto-Protect in the Antivirus and Antispyware Policy window.
  5. Under the Scan Details tab click the Advanced Scanning and Monitoring... button.
  6. Under Bloodhound(TM) Detection Settings you can check the setting to 'Enable Bloodhound(TM) heuristic virus detection' or disable it.
  7. Next to Level of protection to use: you can increase (Maximum) or lower (Minimum) the Bloodhound(TM)'s level of protection from the Default setting.

Technical Information

Bloodhound Detection Settings - Bloodhound isolates and locates the logical regions of a file to detect a high percentage of unknown viruses. Bloodhound then analyzes the program logic for virus-like behavior.

By default, the level of protection is set to 2.