We have KES 10 running in our environment. Today a .zip file was sent to my boss via e-mail. He wasn't expecting it, so he alerted me to investigate.
I received a copy of the .zip file and manually scanned it. Kaspersky detected that it was infected with Trojan-Downloader.Win32.Upatre.apjz. We have mail-antivirus turned on and configured to scan archives with medium heuristics. I sent a copy of the .zip file to myself and Kaspersky did not detect it.
I turned up the heuristics to deep scan, enabled the Outlook plug-in, and e-mailed the .zip file again. Kaspersky still does not detect it.
Mail Anti-Virus settings are as follows:
Scope: Incoming and outgoing messages
Connectivity: POP3/SMTP/NNTP/IMAP traffic
Additional: MS Outlook plug-in
Scan of compound file: Scan attached archives
Attachment filter: Rename specified attachment types; .bat, .com, .exe, .js, .jse, .msi, .scr, .vbe, .vbs
Additional: Heuristic Analysis: deep scan
Can any of you help me to understand why Kaspersky will not detect this virus in the e-mail?