Endpoint Protection

 View Only

  • 1.  Virus affected

    Posted Sep 21, 2015 10:33 PM

    I have a client infected virus which can be detected by SEP. The spam email contains a W ord file and em bedded a V B S cript pretended to be an excel file.like below sample https://securelist.com/files/2015/05/Spam-report_Q1-2015_13.jpg
    I searched on internet , someone thing it belongs to V B S.Agent and someone said it is M S Word.Agent, and someone said it is Trojan horse f a m i l y.
    Anybody knows which f a m i l y this kind of virus belongs to?



  • 2.  RE: Virus affected

    Posted Sep 24, 2015 05:37 PM

    Each AV vendor has a specific naming convention so you will need to submit a sample to Symantec for them to tell you.



  • 3.  RE: Virus affected

    Trusted Advisor
    Posted Sep 25, 2015 03:08 AM

    If you get the Hash and url and it has been submited virus totals will tell you the variations of the different vendors call the risk

    https://www.virustotal.com/



  • 4.  RE: Virus affected

    Posted Sep 25, 2015 04:47 AM

    Hi SymQNA,

    Thanks for the post.

    I have a client infected virus which can be detected by SEP

    Check the Risk Logs to learn the detection name and hash of the file. From your brief description, it sounds like a W97M.Downloader.

    Ransomware: Return of the mac(ro)
    https://www-secure.symantec.com/connect/blogs/ransomware-return-macro

    Please keep this thread up-to-date with your progress!

    With thanks and best regards,

    Mick