More info: I looked and to my surprise found all the shields disabled. I enabled them, and upon visiting the same page “Threat has been detected” was emitted and something was blocked. That didn’t happen last night.

  1. I’m not happy that somehow Avast ended up with Shields disabled. I didn’t do that. The most I ever do is the “Disable Shields for 10 minutes”, and I haven’t done that in a while.

  2. Now I’m even more concerned, as I have likely run the malware script. It apparently originates here, in the headers returned when the favicon.ico file is accessed:

http: // eleniteski.com / trzbpxe.js ? b61835a6154387fb

(spaces added by me to prevent accidental clicking by forum readers)

That Avast found only the cached .htm file as a threat is somewhat comforting, but… What’s potentially compromised?

-Noel