Our client network was infected with a virus which is still undetctable by any of the major vendors. The characteristic are , all the excel, ,jpg, wmv and many more files get changed. Example, if a file is named Mcafee.xlsx, once the virus is infected, the name of the file changes to Mcafee.xlsx.EnciPhEdEd. The file also become unusable. We will have to use a thrid part utility to decrypt the file
Does any of u had the same issue or do we have any Extra dat. I have sent many samples to Mcafee support but no use. Mcafee Gold support is not good, they do not respond too.
Message was edited by: Hayton - modifying subject header to clarify which malware is involved - on 20/05/12 05:44:55 IST
I was able to decrypt the infected files using a thrird party utility. But till now am unable to detect the virus. Customer s expecting a extra dat from Mcafee so that virus can ve detected. I have run the GETSUSP toll but nothing spcific found.
I see you got tired of waiting and found the fix for yourself while I was away. I take it the "third party" was Dr Web?
McAfee lists 14 variants of "GpCoder" but gives no clue which of the 14 this one is. Presumably the Trojan is detectable, although if it is being repeatedly modified there is always a risk that a new version will not be detected. I would expect detection of this Trojan to be included in Stinger.
The issue we are having is, we are unable to detect the virus, We have blocked it by creating a access protection rulw but we would need to have an extr dat from Mcafee so that the files are detected and cleaned.