Word 2010 false positives?

For the last 2 days while working in Word 2010 on Windows 7 Pro I'm getting computer freezes and only way to shut down is to push the power button.  Upon reboot, Norton 360 v4 reports through File Insight "~wrdXXXX.tmp (Bloodhound.Exploit.232) This Heuristic Virus has been removed. No further action is needed."  These are Word temporary files stored in c:\users\mike\appdata\roaming\microsoft\word\.  This is similar to what was reported and "solved" last June through a Norton update:

 

http://community.norton.com/t5/Norton-Internet-Security-Norton/Word-2010-and-False-Positives/td-p/234078/highlight/true

 

For now, I've excluded the folder from real time scans.

 

Any other suggestions would be appreciated?

Thanks.  I have already submitted the false positive form.

I am having the identical problem, starting yesterday, although I am running Vistas, not 7.  Every time Word 2010 starts writing an Autorecovery file, it gets hung up and then Symantec comes up saying the tmp file is bad.  Sometimes I am able to get Task Manager to kill Word, other times I have to hit the power button.  Sure would be nice to know if I have a real problem.

Hi WTW,

 

this detection is kind of a known error by using Office 2010. But as far as I know it has been added to the virus definitions as a false positive (so not to detect any of these types in the future) about months ago....

 

Can you please confirm that you use the latest, fully updated Office 2010 RTM version (not any beta version!), and your Norton product is up to date. Thanks.

Hi Norton Fighter,

 

Months ago, it was about bloodhound.exploit.106, now 232 is reported.

 

I encountered the same 232 problem for days and now I am crazy.

 

Willem 

 

 

My version of Office 2010 is OEM, fully activated RTM version, downloaded from MS as part of Office 2010 upgrade program.  Norton 360 v4 is also up to date.  Both products are set for automatic updates.

 

I have not had a problem since I excluded from Norton realtime scans the folder where Word .tmp files are saved by Autosave.

I'm getting the Bloodhound Exploit 232 and have Windows 7 and Office 2010. It moved from appdata\roaming\microsoft\word\ to appdata\local\temp and is now DWH~~~~.tmp. Is this a virus or a false positive? How do I submit to Norton? How can I remove Bloodhound Exploit 232?

Thank you all!

AlohaAloha:

 

Navigate to the files beig identified if they are not in quarantine and submit them here.

 

https://submit.symantec.com/websubmit/retail.cgi

 

https://submit.symantec.com/dispute/false_positive/

 

If they are in your quarantine, click on it and an option to submit to Symantec will be available.  Please stay on your own thread to prevent confusion and the hijacking of someone else's thread.

Norton Fighter,

 

I'm using the OEM Office Professional Plus 2010 that came with my HP laptop earlier this year and Symantec Endpoint Protection Version 11.0.5002.333, automatically updated daily. 

 

Thanks.

 

WTW

Hello WTW

 

Welcome to the Norton Community Forum

 

You are using the Corporate version of Symantec. You need to post your problem over in their Forum which you can find here. You will get better exposure over there. Thanks.

 

http://www.symantec.com/connect/

 

Hi,

 

I had one of these cases the other day.  Norton also seemed to detect the same temporary file several times, at least it had the same name (number). The files still resided in the folder even after that Norton claimed to having removed them but they were 0 KB in size.

 

What I did was deleting the 0 KB files from %userprofile%\appdata\roaming\microsoft\word and then cleared out %userprofile%\appdata\local\temp.

 

Since there was a similar issue a couple of years ago with the corporate edition where it got this detection on its own files when rescanning the previously quarantined files (Symantecs KB-article) I also went into the history log of N360 and cleared out the quarantine.

 

So far this seem to have done the trick.

 

jAW

For the last 2 days while working in Word 2010 on Windows 7 Pro I'm getting computer freezes and only way to shut down is to push the power button.  Upon reboot, Norton 360 v4 reports through File Insight "~wrdXXXX.tmp (Bloodhound.Exploit.232) This Heuristic Virus has been removed. No further action is needed."  These are Word temporary files stored in c:\users\mike\appdata\roaming\microsoft\word\.  This is similar to what was reported and "solved" last June through a Norton update:

 

http://community.norton.com/t5/Norton-Internet-Security-Norton/Word-2010-and-False-Positives/td-p/234078/highlight/true

 

For now, I've excluded the folder from real time scans.

 

Any other suggestions would be appreciated?