I just ran a quick scan of my computer, and AVAST found “JS:ScriptXE-inf[Trj]” in my internet cache. I’m at a loss of what to do now. Just before AVAST found that, I had run Spybot, and that hadn’t found anything. I’m not sure when this ended up on my computer, nor how deep the infection spread. The first thing I’m going to do is a boot-time scan with AVAST, but beyond that I’m not sure what steps are necessary to take. Could someone help me out?
and AVAST found "JS:ScriptXE-inf[Trj] in my internet cache.did avast move it to chest?
clear your temp folders with this. http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
i recomend replacing SpyBot with Malwarebytes. www.malwarebytes.org
Avast did move it to the chest. Looking at it there, it says “Last Modified 2/2/2014”. I need to scan more frequently.
Just cleaned my temp files with that.
Should I scan with that first, or do the boot-time scan?
Should I scan with that first, [b]or do the boot-time scan?[/b]only if avast tell you to ..... it was gone when avast moved it to chest
run a scan with malwarebytes, post log here
Malwarebytes log:
Malwarebytes Anti-Malware www.malwarebytes.orgScan Date: 9/6/2014
Scan Time: 2:18:23 PM
Logfile:
Administrator: YesVersion: 2.00.2.1012
Malware Database: v2014.09.06.07
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: DisabledOS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: [Redacted]Scan Type: Threat Scan
Result: Completed
Objects Scanned: 404709
Time Elapsed: 11 min, 36 secMemory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: EnabledProcesses: 0
(No malicious items detected)Modules: 0
(No malicious items detected)Registry Keys: 0
(No malicious items detected)Registry Values: 0
(No malicious items detected)Registry Data: 0
(No malicious items detected)Folders: 0
(No malicious items detected)Files: 0
(No malicious items detected)Physical Sectors: 0
(No malicious items detected)(end)
Edit: Is there a way to determine when the file first got on my computer? I want to know if it had been laying dormant since February, or whether it was more recent.
"JS:ScriptXE-inf[Trj]" in my internet cache.leftovers from a infected website you have been on ......
So, that explains how it got onto my computer, but not necessarily how long it was there or whether it was active or not. My browser is Firefox with noscript, so is it possible it never ran?
My browser is Firefox with noscript, so is it possible it never ran?yepp most likely a exploit that did not work
I ran a boot-time AVAST scan, and since that came up clean, I thought the issue was resolved. However, today Malwarebytes blocked some Dutch IP from accessing scvhost.exe. I’ve made a post in their forum, since it was their program which detected something.
Thanks for all the help.