This is a general detection for several variants of the W32/Yaha family. The variants differ with regard to subject line and body text used to create the hazardous email with viral attachment. In all cases, the virus functions the same, in terminating security applications upon execution, copying itself to the local system, and then sending itself out via SMTP email as an attachment.

Recommended Action

Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option