Hello guys, my avast one found a vorus or sth…any idea what it is and if its dangerous? i added a screenshot. its like: js:scam-ad [scam]
Submit Quarantined file to Avast by clicking (3) […] dots and sending to Avast for analysis.
js:scam-ad [scam]Ad=adware Scam=will trick you to buy some crap
Its getting worse - i suddenly had a .js file in my download history. i chcked them with avast - saying no danger. then i opend it, nothing happend. im superscared rn… some has an idea what this could be?
Files reported as JS/Agent may not necessarily be malicious.
Should you be uncertain as to whether a file is malicious or a false positive detection, you can submit the affected file to https://www.virustotal.com/en/ to be scanned with multiple antivirus engines.
Run Adware Cleaner and clean your browser cache as well.
polonus
thanks - virustotal saying all good. is this safe then or can it still be sth really bad?
I would say submit it to Avast directly for analysis.
Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php.
You should get a response in a day or two. If you sent it via the three dots … suggested by ‘mchain’ you wouldn’t normally get a direct response.
That said Avast should have scanned it if you submitted the file directly to VirusTotal.
What type of scan was it that avast alerted on, screenshots of the alert window with the Details option selected would provide more details as to the possible cause.
However, I suspect this was on an On Demand Scan and not a Web Shield alert - Given the Scan-Verlauf element in your screenshot.
i uploaded the file, was only possible as false positive not malicious. only as false positive i can get a feedback somehow so i chose that option. i dont know how to recover that scan, but was a warning during download, sth like “uknown sorce” or something…
this is the virustotal btw, really scared after i checked the “behaviour” section. there u can see, that file enterd all my folders and my windows. but avast a not giving alarm or sth… im really really concernd 
Given the results in the VT link, Avast shouldn’t be detecting this on your system.
I only say that this must have been an on-demand scan that was manually run as your first screenshot doesn’t look like a conventional on-access scan alert window. Such as one from either the Web Shield or the File system shield, these shields effectively only run in real time when a file is downloaded/run/executed.
Any real time scan alert would ask what to do with the file, delete/move to quarantine/or do nothing.
Since your image also mentions Firefox Profiles and Cache I would suggest clearing the Firefox Browser Cache. It also mentions Quarantine verschoben (Delay), I don’t really know why there would be a delay in sending it to quarantine.
Note: I don’t use Avast One (different User Interface and components to Avast Antivirus Free, so I’m pretty much working in the dark.
its more like i need to know if its dangerous and where it comes from than removing it. i can just reinstall windows, thats not the thing. i did this checkup on throw scan:
file:///C:/Users/pj/Downloads/thor10.7lite-win-pack/DESKTOP-B9H28RR_thor_2024-02-20_1750.html
No one who has responded in this topic (avast users) can give you that assurance.
and who can i ask then my friend? there must be something i can do than just accept it and hope for the best right?
You were given the link to Avast in Reply #6 above to investigate as a possible false positive.
I use AVG but the AVG community is down at the moment so I am posting a recent virus event at our household here. I am not looking for any help, just letting folks know this happened.
2/22/24 1:30 PM CST. A person using a second computer in our household was browsing Amazon using Google Chrome about 30 minutes ago. Suddenly the computer audio started saying something to the effect “your computer is locked up, do not shut it off, or attempt to restart, call this number …” The screen was flashing similar info. The mouse would move, but would not click on anything. I use Alt-Cntrl-Delete to get to the Task Manager. Six instances of Google were running using quite a bit of memory. I ended those Google tasks. The computer came back under my control. I ran the AVG anti-virus scan. That came back clean. System is a Dell tower several years old using W10 with current updates. AVG was on and active when the described event started. We are an older couple.
Fake virus warning.
There is lots of videos on YouTube that will show these fake messages
7 years old
https://m.youtube.com/watch?v=rXn8CXE14Fw&pp=ygUeRmFrZSB2aXJ1cyBtZXNzYWdlcyB3aXRoIHZvaWNl
Pondus - Looks like something described in your link. Thanks.
Here is another one. https://www.youtube.com/watch?v=4hVIdPo4bfY
Just search YouTube for fake virus warning
Also be aware of fake Microsoft tech support call
https://www.youtube.com/results?search_query=microsoft+tech+support+scam
Many scams take this form and Avast certainly wouldn’t be asking you to call a telephone number.
Or to go to another link.
Further info regarding my post earlier today:
2/22/24 6:15PM CST After further investigation it appears that an email from a friend was infected with a virus that opened this website wXw.cuchachosdigitales.com in Chrome. Probably this website launched the virus activities. I have blocked the website in AVG on our computers.
Brian
First it isn’t wise to post an active link to a suspect site, pleas modify your post as I have in the quoted text. Not only that it give it the oxygen of publicity that web spiders could pick up on.
Blocking the site in AVG isn’t a true solution, if this was just an email activated connection delete that email. Essentially that would be a one hit attack unless said site was to try an attack. However the AVG/Avast protection should block that and you would know that this isn’t just a one hit attack.
I would certainly suggest that you clear your browsing history and cookies on Chrome as a precaution.