A nightly scan turned up HTML:Script-inf in a web page cached in my IE NetCache folder. It’s a page I visited last night.
It clearly wasn’t stopped before loading by the Web or File Shields.
Given that I opened this page, and Avast’s scanner thinks it’s a threat, what damage may I have done by visiting the page (and presumably executing the scripts)?
Net wsearches for “HTML:Script-inf” turn up lots of pages claiming “false positive”, but they go back for years, so I have to wonder whether there’s a real threat here.
More info: I looked and to my surprise found all the shields disabled. I enabled them, and upon visiting the same page “Threat has been detected” was emitted and something was blocked. That didn’t happen last night.
I’m not happy that somehow Avast ended up with Shields disabled. I didn’t do that. The most I ever do is the “Disable Shields for 10 minutes”, and I haven’t done that in a while.
Now I’m even more concerned, as I have likely run the malware script. It apparently originates here, in the headers returned when the favicon.ico file is accessed: