Author Topic: html:script-inf [susp] - Detected on boot time scan only  (Read 801 times)

0 Members and 1 Guest are viewing this topic.

Offline Mario147

  • Newbie
  • *
  • Posts: 4
html:script-inf [susp] - Detected on boot time scan only
« on: April 11, 2024, 02:31:48 PM »
Hi everyone, Im kind of surprised by this, but when I run full system scan, then Avast find no threats. But as soon, as I run boot up scan [Only Disc C it seems], then Avast often find 10 - 40 "html:script-inf [susp]" files, mostly ending with gzip filename.

Any ideas how to get rid of them for good? Are they dangerous? Why they are detected only with boot up scan?
« Last Edit: April 11, 2024, 03:15:32 PM by Mario147 »

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 89420
  • No support PMs thanks
Re: html:script-inf [susp] - Detected on boot time scan only
« Reply #1 on: April 11, 2024, 05:38:47 PM »
There really isn't much to work with, e.g. File name and Location ?

What made you consider doing a boot-time scan  ?

Files flagged as [susp], suspicious and not necessarily malicious.

Avast Antivirus is an 'on-access antivirus scanner' e.g. if a file is active then the file system shield will scan it before it is allowed to run.  If it is a web site or an email then the Web or Mail Shield/s would scan that activity.

On-demand scans, of which the Boot-Time is one scans all files in the locations you have chosen.  These files for the most part are dormant (not presenting an immediate risk), as I said if they became active then the active On-access scanners would intercept and scan.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Mario147

  • Newbie
  • *
  • Posts: 4
Re: html:script-inf [susp] - Detected on boot time scan only
« Reply #2 on: April 11, 2024, 09:28:24 PM »
I used a website called kukaj.to to watch movies and series for a long time without any issues at all, but recently avast went berserk mode on the site. Owners even mentioned that they are aware of the issue and said that Avast is just hypersensitive, so they suggested disabling web shield. Well, I foolishly did so and then my conscience went hard on me, so I did all the possible tests with those weird results. I believe that all of the file locations are cache of firefox browser. Sadly I dont saw any more details, just the name of threat and location.

Weirdly enough I didnt visit the site since and I have my web shield on too, but the mentioned threat appeared again.
« Last Edit: April 11, 2024, 09:46:43 PM by Mario147 »

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 89420
  • No support PMs thanks
Re: html:script-inf [susp] - Detected on boot time scan only
« Reply #3 on: April 11, 2024, 10:02:50 PM »
A screenshot of the avast alert with the details option selected might help.

2 others considering this suspect - https://www.virustotal.com/gui/url/39f6298b00b590fd50d7fd15688af7eebe9999605ac73f20eb5daeef54aa5595?nocache=1
This considers the site insecure - https://en.internet.nl/site/kukaj.to/2732172/#
This considers the site of a Medium Security Risk - https://sitecheck.sucuri.net/results/kukaj.to - with hardening improvement suggestions.

There is no way I would disable the Web Shield on the say so of the site, this is your first line of defence.  Given what other site analysis reports are giving security issues/improvements suggested.

Clear the firefox browser cache and cookies would be a good start.

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5712
  • Spartan Warrior
Re: html:script-inf [susp] - Detected on boot time scan only
« Reply #4 on: April 13, 2024, 08:51:49 AM »
Default setting of Avast boot-time scan is to scan Drive C: only.
Windows 10 Home 64-bit 22H2 Microsoft Windows Defender - Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.4.6112 (build 24.4.9067.762) UI version 1.0.803