Endpoint Protection

Has Symantec heard of PUP.Optional.MyWordTool.A?

One of our users was infected with malware that was re-directing her browser. She ran Symantec scans and powereraser but found nothing. Then she ran malwarebytes and found PUP.Optional.MyWordTool.A. Unfortunately she was unable to get the malicious files to upload to Symantec.

Here is information on PUP.Optional.MyWordTool.A

http://www.malwareremovalguides.info/pup-optional-mywordtool-a/

Just an FYI

If SEP didn't catch it with the latest defs than it probably doesn't have anything for it.

The key here is PUP which is Potentially Unwanted Program

I'm not sure what the program is but Symantec MAY see it as legit hence there is no signature.

The only thing you can do it submit and let Symantec determine.

Some quick research shows that its adware and not necessrily malicious but is an annoyance. It's bundled with other programs and the user may not have even known it was installed. During install, they may have missed a checkbox to not install it.

 i can think it may fall under Potentially Unwanted App

http://www.symantec.com/security_response/glossary/define.jsp?letter=p&word=potentially-unwanted-application

however submitting file is best way.

Hi RSASKA,

Difference companies have different names for the same threats/PUA's.  It's not possible to say without knowing the MD5's of the files involved.

Different vendors also have different criteria for what merits detection of a PUP/PUA.  Symantec has  detections as PUA.Gen (and many others) for a large number of programs.  Do submit the files if you encounter them again.

Many thanks!

Mick

Do you need more assistance with your problem or were you able to get it resolved?

If you could post an update for followers of this thread that would be most helpful.

Thanks and take care,
Brian

This has been a while, I believe someone submitted malicious files to symantec.