
Why is KES failing to detect suspected malware infection?

KB#:  KKB000271

QUESTION

A suspected malware infection has not been detected on a KES endpoint.

Any suspected malware infection that is not detected needs to be analysed by AVG's virus lab. Please complete the steps below to gather the required data.

 

ANSWER

1. As the first step, to ensure the highest protection level, we recommend applying all the available patches for your MS Windows operating system. This step is extremely important, as many viruses use security holes in outdated operating systems.

2. Ensure the endpoint has the latest AVG signature updates - check this on the Security > Protection > Manual Update page

For the next steps, log onto the desktop of the infected system and use the AVG user interface (c:\program files\avgx\avgui.exe)

3. Enable the "Scan files on close" feature in AVG Resident Shield to increase the system protection - Launch AVG User Interface -> choose "Advanced settings" from the "Tools" menu -> select "Resident Shield" from the left tree menu -> tick the "Scan files on close" checkbox and confirm by clicking the "OK" button.

4. Restart the computer.

5. Run the "Scan whole computer" test.

6. Is there any infection detected?

7. We may need to check the list of processes running on the computer for any suspicious files. To provide us with this list, please proceed as follows:

Download the AVG service utility from one of the locations below to your computer (we recommend saving it to your desktop) and run it. Detailed information will be displayed on your screen:

 

http://www.avg.com/filedir/util/support/avgproci_en.exe 

OR
http://212.96.161.229/filedir/util/support/avgproci_en.exe

8. Attach the resulting "result.7z" file from step 7 to your support ticket.

9. Run AVG diagnostics as described in KB Article KKB000275 and attach the resulting zip file to your support ticket

10. Send any undetected malicious files (if known) in a password protected ZIP or RAR archive, with the password included, to virus@avg.com  - also include a complete description of the infection symptoms (please also include the symptoms in your Kaseya support ticket)

After sending us the gathered data, we recommend disabling the "Scan files on close" option (as described in step 3) to reduce resource usage.
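
Step 7 downloads an executable over plain HTTP, so nothing protects the file in transit. The PowerShell script below is an added example, not part of the original article or of AVG's or Kaseya's tooling: it checks the file's Authenticode signature and records its SHA-256 before the utility is run. The desktop path, the `$ExpectedSigner` placeholder, and the utility being Authenticode-signed at all are assumptions.

```powershell
# Added example: verify the step 7 download before running it.
# $Path and $ExpectedSigner are assumptions; set them for your environment.
param(
    [string]$Path = "$env:USERPROFILE\Desktop\avgproci_en.exe",
    # Placeholder: text you expect in the signing certificate's subject.
    [string]$ExpectedSigner = '<EXPECTED-PUBLISHER-NAME>'
)

if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
    throw "File not found: $Path"
}

# Authenticode status is e.g. Valid, NotSigned, HashMismatch or NotTrusted.
$sig = Get-AuthenticodeSignature -LiteralPath $Path

# SHA-256 of the exact file, to quote in the support ticket.
$hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash

$subject = '(none)'
if ($sig.SignerCertificate) {
    $subject = $sig.SignerCertificate.Subject
}

[pscustomobject]@{
    File   = $Path
    SHA256 = $hash
    Status = $sig.Status
    Signer = $subject
} | Format-List

# Refuse anything unsigned, tampered with, or not chaining to a trusted root.
if ($sig.Status -ne 'Valid') {
    Write-Warning "Signature status is '$($sig.Status)'. Do not run this file."
    exit 1
}

# Literal, case-insensitive match of the expected publisher in the subject.
if ($subject.IndexOf($ExpectedSigner, [StringComparison]::OrdinalIgnoreCase) -lt 0) {
    Write-Warning "Signed by an unexpected publisher: $subject"
    exit 1
}

Write-Output 'Signature is valid and the publisher matches.'
```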

 

APPLIES TO

Kaseya Endpoint Security (KES)
AVG Anti-virus
