F secure IS 2015 weak against .vbs scripts
F Secure internet security 2015 shows weakness against new malicious vbs scripts.
These scripts if undetectable by virus definition, slips through deepguard. It manages to add itself in startup. Using safe process wscript.exe these scripts keep running in memory.
Very difficlut to remove while logged into the system. Can propagate and spread through USB pendrives.
Zipped Sample url
EDIT: LINK REMOVED
password : infected
Comments
-
Hi Viktik,
Thank you providing us the details of the infection and the necessary files.
However, I would recommend to submit a sample directly to our labs for analysis. Please send the infection files in a single password-protected ZIP file. You may submit the samples at:
https://analysis.f-secure.com/portal/login.html
(Please register when you submit the samples on our website and you will get the ticket ID from our lab, for example of ticket id T123456. On the Submit Sample page, If you need to contact our lab engineers, include your question or incident details in the "Message" field. Else, please leave it empty.)