ISB.Downloader!gen406

Anyone know what this is, please? It has been quarantined by Norton and is associated with Chrome.Update.c53680.js.

Cannot find anything on Google about this threat.

Thanks

M Miller 1:
[...]
Downloaded File from computersluggish.com
Source: External Media
____________________________
File Actions
Chrome.Update.c53680.js
[Contained in] C:\$Recycle.Bin\S-1-5-21-940407799-1981788546-2194664437-1001\$RB6XQN9.zip Deleted
____________________________
File Thumbprint - SHA: Not available
File Thumbprint - MD5: Not available

Your Recycle Bin is empty now? ... anyway. I tried to reproduce any Norton detection clicking around ad-supported computersluggish.com.

Note: my trying to reproduce any Norton detection today... has no relation to your Norton event earlier this month. As you know... too many variables. Thanks anyway.
https://safeweb.norton.com/report/show?url=computersluggish.com


Browser extensions used are AdGuard and "I don't care about cookies"; both get a Google clean bill of health.

Filename: Chrome.Update.c53680.js
Threat name: ISB.Downloader!gen406
Full Path: C:\$Recycle.Bin\S-1-5-21-940407799-1981788546-2194664437-1001\$RB6XQN9.zip



On computers as of
30/12/2021 at 21:24:13

Last Used
12/11/2021 at 13:17:38

Startup Item
No

Launched
No

Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.


Chrome.Update.c53680.js
Threat name: ISB.Downloader!gen406

Very Few Users
Fewer than 5 users in the Norton Community have used this file.

Very New
This file was released less than 1 week ago.

High
This file risk is high.


https://computersluggish.com/
Downloaded File from computersluggish.com
Source: External Media


File Actions

Chrome.Update.c53680.js
[Contained in] C:\$Recycle.Bin\S-1-5-21-940407799-1981788546-2194664437-1001\$RB6XQN9.zip Deleted


File Thumbprint - SHA:
Not available
File Thumbprint - MD5:
Not available

Appreciate your reply SA. I have latest updated version of Windows 10 and was using latest version of Chrome. Unfortunately I rebooted before your reply arrived, the infection happened earlier in the month. I have re-scanned with Norton, MWB and Eset (free version), plus Norton Power Eraser, everything is showing 100% clear. I have also used Autoruns, nothing showing from Virus Total. Hope therefore all is now clean.

M Miller 1

Just curious:  Thanks
Please tell us what Norton is telling you regarding this event.

For information regarding this event > from Norton pop-up > View Details > Copy to Clipboard and/or from Norton History > More Options > Copy to Clipboard > paste here.

Just curious:  Thanks
What browser extensions? 

Hello M Miller 1. First off, what Windows version and build are you using, AND what is your default browser of choice being used? The detection seems to indicate Chrome, so what version of Chrome is installed? Is the computer with the detection on a home network, and/or are you logging into a work network working from home? These detections are "heuristic" and are detected as posted in a Broadcom (formerly Symantec) article, although the SPECIFIC detection you are seeing the article expresses the same detection methods as shown below from the article linked.

Rather than using a list of viruses as a reference to determine whether a device contains malware, heuristic virus detection spots viruses by identifying files with suspicious behavior or code infrastructure and flagging them as potentially dangerous. It does so through:        

  • Dynamic scanning: Also known as file emulation or sandbox testing, this process tests and analyzes a file’s behavior in a controlled environment to see if it behaves like a virus, and flags it if it does.        
  • File analysis: File analysis analyzes the purpose and intent of a file, flagging files with an apparent intent to do harm (e.g., delete other files).        
  • Multicriteria analysis (MCA): MCA determines the severity or weight of a potential threat to decide whether it’s worth flagging.

Norton has quarantined the file, so just remove it from history, AND run a full system scan. DO NOT reboot the computer until you can be certain to the greater extent there isn't any residual infection lurking. This detection is also detected as JavaScript, meaning browsing activity, a download or update to other software, even email can be the source. It CAN be the first sign of an attempt to gain an infection "first footprint" onto the computer. Run Norton Power Eraser as a LAST resort, as it is prone to false detection of critical files and can render your computer not bootable.

SA