Avast WEBforum

Other => Viruses and worms => Topic started by: PhilGarber on October 13, 2009, 04:38:46 AM

Title: What is JS:ScriptIP-inf [Trj] ?
Post by: PhilGarber on October 13, 2009, 04:38:46 AM

Hi,

   First off, I'm alright with computers, but I know nothing about coding, hacking, etc. I know ctrl-alt-delete and I can navigate my way around the control panel. I'm running a Windows Vista Home Premium. Now onto my question..


   A few days ago, I downloaded Avast! After not having an Anti Virus program for quite a while because my Norton Anti-Virus trial expired. I immediately did a "thorough scan" on my laptop. As it scanned my computer, it found this virus (JS:ScriptIP-inf [Trj]) twice on my computer. I understand that this a Trojan and I know vaguely what they do. Steal passwords/other sensitive information. I panicked. My family does not use Online Banking but we have made purchases on this computer before and do so fairly frequently. What is "JS:ScriptIP-inf [Trj]" and is it dangerous? Is it bad that I've waited a couple days to do anything about this? I have no idea how long these viruses have been on my computer. They're currently quarantined in the Virus Chest.

Thanks,

Phil,

Title: Re: What is JS:ScriptIP-inf [Trj] ?
Post by: FreewheelinFrank on October 13, 2009, 06:43:07 AM

Hi Phil,

A browser exploit maybe- probably a Trojan dropper- a Trojan which downloads more malware. Very dangerous if it runs- but it looks like it needs exploitable software to run. It may be inactive with any luck.

You need to tell us where the malware was found- log in the avast! log and post the name and location of the file detected. (Right click on the blue ball at the bottom right of your screen- the notification area- an you'll find the log there somewhere.)

Norton can leave traces on a computer which interfere with other anti-viruses, so worth running the Norton removal tool.

http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039  (http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039)

Scan for out-of-date and insecure software using Secunia Online Software Inspector (OSI) (http://secunia.com/software_inspector/) and update any insecure software: this remove any vulnerability to exploits.

Title: Re: What is JS:ScriptIP-inf [Trj] ?
Post by: PhilGarber on October 16, 2009, 12:47:31 AM

Thanks man. Both were found in temp internet files.