JS:ScriptIP-Inf [Trj] is a dangerous computer infection that comes in a JavaScript file. It can do many bad things to a computer once it gains access. JS:ScriptIP-Inf [Trj] is a tricky malware that comes into your computer evading your antivirus program.
It's not really a solution but. On downloading sites like mediafire. Just refresh/reload. It's kinda annoying to hear the threat detected alert but it's no choice XD.
I clicked on a link to a news article on Yahoo and my Avast Anti-virus went off saying it aborted a connection with it because it was infected with the above trojan. I scanned with both Avast and Malwarebytes and nothing came up. I would go to the Avast forums but I trust you guys more.
Hello.
A few days ago, while going through our Avast logs, I noticed that this trojan (JS:ScriptPE-inf [Trj]) had been blocked a bunch of times without anyone noticing. It seems that Avast detected the trojan trying to get in through an in-game web browser while my son was playing Counter-Strike (the MOTD screen you get when loading a server), but fullscreen mode kept Avast silent. Anyhow, we've done some web searching, and we've learned that it's apparently a keylogger of sorts. Now we're even more paranoid. We haven't seen any signs of weird behaviour; however, keyloggers sometimes try to pass off as if everything were normal in order to snatch passcodes. Now everyone's afraid to use the family computer.
We've scanned with Avast (boot time scan), ESET online scan, Malwarebytes, Malwarebytes antirootkit, Trend Micro ATTK and RootkitBuster. RootkitBuster picked up a hidden file in my Firefox cache, and that's all.
I've also updated Java some time after the Avast notifications.
I'd like to know if there might be an infection and if so, how to deal with it?
Thank you.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.51.2
Run by Casa at 6:27:00 on 2014-02-02
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.51.3082.18.3574.2234 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
Starting a couple of weeks ago, I began getting the Avast alert whenever I clicked on a yahoo.com news article headline.
We've safely aborted connection on www.yahoo.com because it was infected with JS:ScriptPE-inf [Trj].
More threats may be lurking!
(scan my PC)
Details show:
Threat name JS:ScriptPE-inf [Trj]
Severity (minimal sign on the bar scale)
URL https://www.yahoo.com/_td_remote
Process C:\Program Files\Mozilla Firefox\firefox.exe
Detected by Web Shield
Status Connection aborted
I don't click the scan button. I just X out of the warning. I have not lost any Yahoo connection and can just proceed with the news story.
I run Avast scans every Saturday, same with Superantispyware. Avast never finds a virus. Superantispyware finds 800-1200 cookies.
I run both only after updating them.
My Windows Update is set to automatic.
I have an NEC LaVie laptop with Japanese OS (I live in Japan).
Windows 7
I never use Internet Explorer. Only Firefox.
My computer is run through a home wifi system, not on any multi-user network.
What is the problem? What can I do?
Thanks in advance.