Emsisoft Antimalware blocks TeslaCrypt!

[GTP]

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Direct disk access: Off
Scan start: 11/11/2016 7:31:04 AM

C:\Users\oster\AppData\Local\Microsoft\Windows Live Mail\Bigpond (jj 4fb\Deleted Items\4C066293-0000110D.eml -> [Subject: You have 1 new fax, document 00000840477][Date: Thu, 28 Jan 2016 23:01:57 +0000] -> task_00000840477.zip -> task_00000840477.doc.js -> (INFECTED_JS) JS:Trojan.Script.CTH (B)

C:\Users\oster\AppData\Local\Microsoft\Windows Live Mail\Bigpond (jj 4fb\Deleted Items\4C066293-0000110D.eml -> [Subject: You have 1 new fax, document 00000840477][Date: Thu, 28 Jan 2016 23:01:57 +0000] -> task_00000840477.zip -> (dummy) JS.TeslaCrypt.4.Gen (B)

C:\Users\oster\AppData\Local\Microsoft\Windows Live Mail\Bigpond (jj 4fb\Deleted Items\67CC69AE-00001147.eml -> [Subject: You have received fax, document 000580447][Date: Wed, 20 Jan 2016 17:22:00 +0000] -> fax_000580447.zip -> fax_000580447.doc.js -> (INFECTED_JS) JS:Trojan.Script.CTH (B)

C:\Users\oster\AppData\Local\Microsoft\Windows Live Mail\Bigpond (jj 4fb\Deleted Items\67CC69AE-00001147.eml -> [Subject: You have received fax, document 000580447][Date: Wed, 20 Jan 2016 17:22:00 +0000] -> fax_000580447.zip -> (dummy) JS.TeslaCrypt.4.Gen (B)

Scanned 296141
Found 4
Scan end: 11/11/2016 8:58:51 AM
Scan time: 1:27:47

 

[Slaters Kustum Machines]

Am I reading that right, it was on the machine since January?

 

[GTP]

No, I don't think so. Her email client (Outlook) hasn't worked since December last year and she never worried about setting it back up till now.
I think these emails have been sitting on Telstra's server since Jan, but downloaded yesterday.

 

[MotzTech]

Hate to be negative here but I'd imagine ANY anti-virus would catch a year old version. The issue is they change so quickly that detecting NEW variants is the hard part.