C is the fairly recent version and the one that blocks the security sites.
Not that folks should not be prepared, etc. -always err on the safe side, however, this one almost reminds me of the 1990s and the McAfee "the sky is about to fall" "press releases" where the next HUGE threat was really hyper-hyped to the press in the guise of "press releases" which were more marketing and promotional gimicks than anything. The sky never fell.
As I expected, we've not seen nor heard of a single instance of this beast from other agencies, and we were clean. This at worst would have probably downloaded and installed some SPAM bots....... not good, but I suspect little physical damage or file loss. Just a guess.......
HOWEVER, today SEP did pick up some other suspect files when a couple of our folks visited innocent web sites - in each case, it tried to create an EXE on their DESKTOP. In each case, SEP stopped it before the job was done, but the EXE was there......... or at least most of it.
Submitted two samples - only heard back on one, and the response was "this file is corrupt, restore if from a clean copy." Uh, OK, we'll reinstall the virus, sure........
I will tell ya, I've seen MORE activity in the last month to 6 weeks than I've ever seen since I started doing this 20+ years ago. I can hardly keep up with all the re-scans and follow-up forensics and all. I mean, constant alerts that someone has gotten some alert or that SEP is blocking an address because of some "malware" or attempt to install some phoney AV thing. I've never seen so much, it's escelated like crazy in the last few weeks - I have to suspect the Symantec honeypots are getting hammered. Maybe not, as MOST of these come via visits to web sites, most of them legit sites, many to do with jobs and rehab and training!