Author Topic: JS:includer-BOF [Trj]  (Read 8851 times)

0 Members and 1 Guest are viewing this topic.

Offline Tutubarao

  • Newbie
  • *
  • Posts: 2
JS:includer-BOF [Trj]
« on: November 20, 2016, 01:26:01 PM »
When I try to access some specific webpages Avast sends a warning about infection JS:includer-BOF [Trj]. It does not find the infection on complete system scan however. The website I am trying to access is usualy reliable and the Avast chrome plug-in rates it as safe. The warning appears both in chrome and Ms Edge. It says:

Object:
http://aprender.unb.br/index.php | {gzip}
Infection:
JS:includer-BOF [Trj]
Process:
C:\\Windows\Systems\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


What should I do?

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35372
« Last Edit: November 20, 2016, 01:36:36 PM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31378
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: JS:includer-BOF [Trj]
« Reply #2 on: November 20, 2016, 02:03:36 PM »
Quote
It does not find the infection on complete system scan however.
Ofcourse it will not find anything as the infection/malware is on the website and not on your system.

Besides what Pondus already reported, there is another problem.

The site is trying to load things from m3ntalo.
http://labs.sucuri.net/?details=m3ntalo.at

More problems detected on that site :
http://www.urlvoid.com/scan/aprender.unb.br/
http://retire.insecurity.today/#!/scan/8814896ad2067735607fc71723be91ecf99e655ea4a3abfd1f75d897cf72e174
http://zulu.zscaler.com/submission/show/efcf13ed387a3920b39e56f3e378b7ac-1479646733
https://quttera.com/detailed_report/aprender.unb.br
https://www.virustotal.com/en/url/2ae467d11b0b7d74443478213b01ea28f25fefc288433bc26699273b81c9a356/analysis/1479646761/

Offline Tutubarao

  • Newbie
  • *
  • Posts: 2
Re: JS:includer-BOF [Trj]
« Reply #3 on: November 20, 2016, 06:17:26 PM »
Thanks everyone!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31086
  • malware fighter
Re: JS:includer-BOF [Trj]
« Reply #4 on: November 20, 2016, 11:15:54 PM »
Be glad that avast prevented your computer from getting infested, as this is a very persistent malcode threat with serious implications.
Read some background info here: http://computerfixguide.com/how-to-delete-jsincluder-bof-trj-from-computer/

Avoid going to websites with Free Software, Spam Email and Porn Websites
as these form main risk-sites to get in touch with unwanted infesting malcode.

For those infested, do not try out any of the above, but take the appropriate steps as proposed here:
https://forum.avast.com/index.php?topic=53253.0   and wait for a qualified remover to assist you.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline globinli

  • Newbie
  • *
  • Posts: 3
Re: JS:includer-BOF [Trj]
« Reply #5 on: November 28, 2016, 07:31:01 AM »
I also get almost every day the same virus warning too. Its by www.radin.ch!

The webmaster claims, its only with avast. But than, he fix something in the background and the notification disapears! A day or two later, avast alarms me again!!

How it can be, that not everybody will get a virusalarm????

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 57655
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: JS:includer-BOF [Trj]
« Reply #6 on: November 28, 2016, 07:36:04 AM »
Win 8.1 [x64] - Avast Premier 19.3.2365.B#1 - CC 5.53 - MCS - EEK - FF ESR 60.5.2 [NS/AOS/uBO] - TB 60.5.1 [EM] - ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35372
« Last Edit: November 28, 2016, 07:42:48 AM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline globinli

  • Newbie
  • *
  • Posts: 3
Re: JS:includer-BOF [Trj]
« Reply #8 on: November 28, 2016, 07:53:16 AM »
Thanks a lot for those link. I will pass it to the webmaster.

Amazingly, my friend also with Avast can access that site with an admin-login. Than no alert will come. When she login as normal user, her avast also find this virus ;-) strange  8)

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 57655
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: JS:includer-BOF [Trj]
« Reply #9 on: November 28, 2016, 07:54:49 AM »
Thanks a lot for those link. I will pass it to the webmaster.
You're welcome.
Win 8.1 [x64] - Avast Premier 19.3.2365.B#1 - CC 5.53 - MCS - EEK - FF ESR 60.5.2 [NS/AOS/uBO] - TB 60.5.1 [EM] - ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0