Hello Mr. Cheese,
Zepto is the new version of Locky. This has been distributed very aggressively via malicious spam emails in recent weeks. Known samples are detected by Symantec AV signatures as Trojan.Cryptolocker.AF as well as Trojan.Gen and similar broad signatures.
The best defense, really, is user education. Users need to open the unexpected, oddly-named attachment (a .wsf script file, recently) for the threat to work. The second best method of stopping it is to secure the mail gateway. Webmail seems to have avoided those defenses, here.... Signatures for SEP are constantly updated, but using technology to combatthe threat at the endpoint is the last line of defense.
Anyway, here are some articles and resources that have further info:
Support Perspective: W97M.Downloader Battle Plan
https://www-secure.symantec.com/connect/articles/support-perspective-w97mdownloader-battle-plan
A new white paper:
Special Report: Ransomware and Businesses 2016
https://www.symantec.com/connect/blogs/report-organizations-must-respond-increasing-threat-ransomware
A good article:
Ransomware protection and removal with Symantec Endpoint Protection
http://www.symantec.com/docs/HOWTO124710
Planning for recovery against ransomware or any other business disaster is crucial. With recent, accessible backups in place getting sabotaged equipment back into use is little more than an inconvenience.
Please do keep this thread up to date with your progress, or mark it solved if you have received your answer!
With thanks and best regards,
Mick