Showing results for 
Show  only  | Search instead for 
Did you mean: 

OnAccess scan not detecting W97M\Downloader

In common with many, we are experiencing a large amount of emails which contain a malicious word or excel document. The malicious file is identified as W97M\downloader when detected when detected by MSME 8.0.2 installed on our Mailbox servers. The frustration I have is that MSME installed on our Hub servers fails completely to detect the malware on the way through. The Hubs scan in OnAccess mode whereas the Mailbox servers scan via Ondemand scans. These are default scan modes for the server rolls. Both scan modes are set up identically. I would really like to detect these malware files on the way in to the organisation through the Hubs as OnAccess scanning is real time whereas OnDemand is scheduled meaning that users can still open the infected files. As the malware are macro's contained within Word/Excel files, GTI won't work (Exe's, pdf's and apk's only). Due to the nature of our business, I would prefer not to block Macro's completely (finance departments).

Is there anyway I can beef up the OnAccess scanning to detect this malware or, As we only have OnDemand scanning once daily on the mailbox servers, what is the best practise for OnDemand scanning (Mailbox servers contain a large amount of large mailboxes) and how heavy is it on resources (they are old, Server 2003, exchange 2007)

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community