Endpoint Protection

 View Only

  • 1.  SEP unable to detect virus - in AVG, it is detected as js/agent

    Posted Oct 24, 2013 04:54 AM

    Hi,

     

    I would like to check with y'all if you encounter these symptoms:

     

    - submitted the suspected virus file to Symantec Response but they unable to confirm.
    - unable to launch control panel, system settings, etc. Gettings Windows Explorer error
    - the computer hangs
    - unable to access internet at times
    - some of the apps unable to run
    - unable to run Symhelp tool load point analysis and power eraser (the program hangs). Tried running on Safe Mode still the same

    - tried installing AVG and it detected as js/agent

     



  • 2.  RE: SEP unable to detect virus - in AVG, it is detected as js/agent

    Posted Oct 24, 2013 05:12 AM

    use this tool and check if you are able to open control pannel, remove unnessary software whatever is installed by the virus

    http://www.symantec.com/security_response/writeup.jsp?docid=2004-050614-0532-99

    then run the powereraser

    http://www.symantec.com/business/support/index?page=content&id=TECH134803



  • 3.  RE: SEP unable to detect virus - in AVG, it is detected as js/agent

    Posted Oct 24, 2013 05:31 AM

    Hi Rafeeq,

    - tried to install the .inf mentioned on the link but still the same problem

    - im unable to run the power eraser as it just hangs



  • 4.  RE: SEP unable to detect virus - in AVG, it is detected as js/agent

    Posted Oct 24, 2013 08:50 AM

    Submit the sample to Symantec:

    http://www.symantec.com/security_response/submitsamples.jsp

    How to run Symantec Power Eraser with the SymHelp utility

    Article:TECH203683  |  Created: 2013-03-08  |  Updated: 2013-09-20  |  Article URL http://www.symantec.com/docs/TECH203683

     



  • 5.  RE: SEP unable to detect virus - in AVG, it is detected as js/agent

    Trusted Advisor
    Posted Oct 24, 2013 12:59 PM

    Hello,

    In case you have submitted to the Symantec Security Response Team, PM me the Tracking number.

    In your case, I would suggest you to run the SERT.

    Symantec Endpoint Recovery Tool (SERT)

    https://www-secure.symantec.com/connect/articles/symantec-endpoint-recovery-tool-sert

    Regards,



  • 6.  RE: SEP unable to detect virus - in AVG, it is detected as js/agent

    Posted Oct 25, 2013 05:27 AM

    Hi Mithun,

     

    The risk was not detected by SEP and all related Symantec tools (Symhelp loadpoint analysis and power eraser, recovery tool). We have taken out the .js files detected by AVG and submitted to Symantec Response. They replied that the files submitted are indeed threats (JS.Proslikefan). Tracking #3345839 and 3348134.

    =======cut==========

    Technical details

    Security Response is updating the generic detection for JS.Proslikefan

    Change reason: Updated generic definition on the polymorphic worm

    MD5: 6f773d452777a9c0fbb992fb88287820

     

    External Public Write-up for JS.Proslikefan

    http://www.symantec.com/security_response/writeup.jsp?docid=2012-091310-3211-99

    =======cut==========

     

    And they have created a rapid release this afternoon to address this. So far, SEP is able to detect and delete them.

    After the restart, all the symptoms reported gone. 

     

     



  • 7.  RE: SEP unable to detect virus - in AVG, it is detected as js/agent

    Trusted Advisor
    Posted Oct 25, 2013 09:57 AM

    Hello,

    Thank you for updating the Thread.

    Let us know if there is anything we could do for you.

    Regards,