Kaseya Community

Possible False Virus again

  • Got back from vacation and find a large number of threats marked as:  (V) Virus found W97M/Downloader.

    At this time, it is confined to a small number of Win7 PCs.

    What is odd is that most of the quarantined files are text files.

    I have not yet had a chance to unquarantine and submit to virustotal for analysis.

    Curious if anyone else has experienced this over the week?

  • If it's legit, when you open the file in MS Word, the VB contained within will trigger the virus.

  • OK.  Thanks.  I'll look into it further.  Might be legit.  Infected files are test files (.LOG & .OLD), which seemed quite odd.  Also, agent un-quarantining script is failing (filed in if step), so can't get them out of quarantine.

    I figured I'd ask here before opening a ticket.

    -Wayne