Video Screencast Help

Has Symantec heard of PUP.Optional.MyWordTool.A

Created: 18 Dec 2013 | 5 comments

Has Symantec heard of PUP.Optional.MyWordTool.A?

 

One of our users was infected with malware that was re-directing her browser. She ran Symantec scans and powereraser but found nothing. Then she ran malwarebytes and found PUP.Optional.MyWordTool.A. Unfortunately she was unable to get the malicious files to upload to Symantec.

 

Here is information on PUP.Optional.MyWordTool.A

http://www.malwareremovalguides.info/pup-optional-mywordtool-a/

 

 

Just an FYI

Operating Systems:

Comments 5 CommentsJump to latest comment

_Brian's picture

If SEP didn't catch it with the latest defs than it probably doesn't have anything for it.

The key here is PUP which is Potentially Unwanted Program

I'm not sure what the program is but Symantec MAY see it as legit hence there is no signature.

The only thing you can do it submit and let Symantec determine.

Some quick research shows that its adware and not necessrily malicious but is an annoyance. It's bundled with other programs and the user may not have even known it was installed. During install, they may have missed a checkbox to not install it.

pete_4u2002's picture

 i can think it may fall under Potentially Unwanted App

http://www.symantec.com/security_response/glossary...

however submitting file is best way.

Mick2009's picture

Hi RSASKA,

Difference companies have different names for the same threats/PUA's.  It's not possible to say without knowing the MD5's of the files involved.

Different vendors also have different criteria for what merits detection of a PUP/PUA.  Symantec has  detections as PUA.Gen (and many others) for a large number of programs.  Do submit the files if you encounter them again.

Many thanks!

Mick

 

With thanks and best regards,

Mick

_Brian's picture

Do you need more assistance with your problem or were you able to get it resolved?

If you could post an update for followers of this thread that would be most helpful.

Thanks and take care,
Brian

RSASKA's picture

This has been a while, I believe someone submitted malicious files to symantec.

The Enemy's greatest fear is that you'll discover who you really are, what you're really worth, and where you're headed.