Hello!

A user on one of our terminal servers was attaced my the TeslaCrypt virus (ransomware). The terminal server had SCEP 2012 running, with engine version 1.1.11502.0 and definition 1.195.2385.0. Policyname: Anitimalware Policy. Realtime protection: On

Is SCEP 2012, with these versions of engine and definition, expected to stop the TeslaCrypt virus?

If not, would any version of SCEP2012 or other antivirus Application stop it?

Regards

Trond Burud

• Edited by Trond Burud Friday, April 10, 2015 1:50 PM

It appears that Microsoft products categorize this malware family as Win32/Tescrypt

http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fTescrypt

If your system got hit with a variant that didn't get detected, you should submit the sample to Microsoft so they can add it to their definitions.

https://www.microsoft.com/security/portal/submission/submit.aspx

• Proposed as answer by Joyce LMicrosoft contingent staff, Moderator 23 hours 45 minutes ago

It appears that Microsoft products categorize this malware family as Win32/Tescrypt

http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fTescrypt

If your system got hit with a variant that didn't get detected, you should submit the sample to Microsoft so they can add it to their definitions.

https://www.microsoft.com/security/portal/submission/submit.aspx

• Proposed as answer by Joyce LMicrosoft contingent staff, Moderator Monday, April 13, 2015 7:36 AM