Skip to main content

WScript.exe is Infected By Malware and Firefox Opens Harmful Websites

Yesterday I witnessed a script based malware attack on my computer. I strongly believe the malware infected my computer came from one of my friend's USB drive. He double clicked a folder to open in his pen drive but it was a short cut created by a malware. The target location of the folder was the below address. C:\windows\system32\cmd.exe /c start WScript d3d3\icec.js & Start Explorer.exe "RECYCLER" and I believe WScript.exe is infected by this malware. This script automatically set the home page to "http:// india4you. info/r.asp#" in Firefox. Also the default Search too changed to one malicious URL address. Gladly Avast installed on my computer is able to detect it and stop Firefox from accessing the page.

Browser automatically opening malicious websites


Just like this, Avast web shield starts stopping a number of attempts to connect Firefox to other malicious websites and while carefully analyzing each attempts, it is found that the process is originated from WScript.exe
wscript.exe is infected and script based virus infection

How to Resolve WScript.exe Infection


Since the first location we should check after malware infection is Startup, I tried to open System Configuration using msconfig. This script created some unwanted Startup services but Wscript.exe prevented me from opening msconfig on my computer. So the steps I took to fix this issue are provided below.

  1. Open Task Manager and kill Wscript.exe under processes


  2. Now type msconfig on Run and press OK

  3. Uncheck all suspicious Startup programs under Startup tab
    How to remove script infection on a computer

  4. Reboot the computer and check whether Wscript.exe is still under processes. If it is still present, you need to repeat the process and disable all Startup programs except AntiVirus.

As we know most of the script based malicious codes prompt browsers to load other compromised websites for various reasons. If you discover such website, there are some steps you can do against it. To lean more about how to deal with infected websites follow the link below.
How to Deal With Malicious Websites and Stop Them From Spreading Malware

After the infection the major problem I was facing is the slow Internet because of the automatic attempts of Firefox to access remote compromised websites. Luckily Avast web shield protected my computer from opening those websites. To view the saved user names and passwords from Firefox follow the link below.
How to View Saved Passwords and User Name On Firefox Browser

Since it is a security article, I think it is better give link to one of my old article about DDoS attack. To read more about it click on the link below.
Denial of Service (DOS) Attacks Tutorial

Technology Blog

Comments

Marty said…
It was really helpful. My laptop too affected with the same virus and your article helped me a lot. Thanks..
Alex Kureekkattu said…
Thanks for your comment Marty.

Recent Posts

How to Configure Idea 3G on Android Phone

When you activate Idea GPRS or 3G Internet on your Android phone, your phone will receive the automatic settings. However, sometimes you may need to configure the Access Point and GPRS settings for Idea (both GSM second and third generation) connection manually on your Android phone. In case if you delete the previous configuration, it is better know how to setup the same settings again by yourself. A wrong Access Point Name can stop you from accessing their mobile broadband service. Otherwise after deleting the existing APN for Idea 3G or GPRS you may need to re-insert the SIM again to get automatic settings from them. If you know the manual configuration steps, you can avoid that hardware procedure. If you are looking for the steps to get maximum speed from Idea 4G, you may click the link below and follow the instructions. The below hack will increase the Idea 4G data transfer speed.


Boost Idea 4G Data Transfer Speed

Steps to Configure Idea 2G/ GPRS/ 3G in Android Click on Applicatio…

Village Field Assistant in Kerala Revenue (123/2017) Examination

PSC has notified examination for the post Village Field Assistant in Kerala Revenue Department. Category number of the notification is 123/2017. According to this notification, anyone who has passed 10th Standard and having cycling skill can apply. There is no ineligibility for those having higher education standards to apply for Village Field Assistant. So, those who passed HSS, Degree etc can apply. Village Field Assistant is the new name given to the post Village Man in Kerala Revenue Department and is one of the few posts where PSC conducts direct recruitment to Revenue department. Public Service Commission conducts different examinations for each districts and there will be different question papers and cut off marks. Anyone who apply for Village Field Assistant can apply to only one district. Right now, only anticipatory vacancies are reported. So we do not know the exact number of vacancies in each districts. According to High Court verdict in 2006, women too can apply to Vil…

LD Clerk in Kerala Government Department Exam 414/2016 Date & Syllabus

Getting a government job in India is a dream of millions of educated youth. Getting a group A service is a bit difficult and needs a lot of time for preparation and hard work. For those who have passed SSLC (10 th standard), the best choice to enter government service is LDC. Lower Division Clerk (LDC) exam by Kerala PSC opens door for thousands of youth to Kerala Government service. Right now everyone is eagerly waiting for the Kerala LDC 2016 exam notification. LDC is a group C service which allows a person to work in his district. In most cases he will get the chance to work near his home. It is because Kerala LDC exam is a district wise examination. Different districts have different exams and rank lists. Once selected for LDC you are in group C service.

Kerala PSC has invited applications for LDC in various Kerala Government Departments for those having minimum SSLC or equivalent qualification. According to the gazette number 414/2016, you can apply for LD Clerk post in various g…

How to Reset BSNL Modem to Factory Default Settings

This article is for those who want to reset BSNL modem to factory default settings. If you forgot the username and password set for BSNL modem, you might need to change it to factory default and reconfigure it. Another reason to do is to fix certain network connectivity issues. There are two different methods to reset a BSNL modem to factory settings. They are soft and hardware reset. In soft reset we should login to the BSNL modem configuration page and select the option restore default or factory default. If you forgot the modem username and password, you cannot perform this procedure because without logon details you cannot access settings page. In that case only option left is to perform a hard reset. In this tutorial you will see both methods irrespective of the modem vendor and version.

Soft Reset BSNL Broadband Modem
Login
Type 192.168.1.1 on the address bar of your browser and press enter


Enter admin as username and password
Click on Admin tab

Click on Reboot


Select the factory se…

Eligibility and Exam Pattern CBI Officer Recruitment 2017 - Sub Inspector By SSC CGL

To become an officer in Central Bureau of Investigation ( CBI ) is a dream of many youth in India. Though this elite investigation agency is popular among public, many do not know the procedure to join CBI as an officer. This article explains the various criteria, eligibility, exam pattern and procedure to become a CBI officer. Two different agencies conduct examinations to fill vacancies in CBI. They are UPSC and SSC. To become a group A officer in CBI, you must choose Civil Service Examination conducted by UPSC and become an IPS officer. To join as Sub Inspector in CBI, you must go through SSC CGL examination.

Name Of the Post Recruitment Agency Group A OfficerUPSC (Civil Service Examination)Sub InspectorSSC CGL
Where to Apply
If you are dreaming to become an Officer in CBI, you must pass the Combined Graduate Level Examination (CGL ) conducted by Staff Selection Commission (SSC) in every year. You must wait for the next SSC CGL notification and prepare for the same. It is a 4 tier…

List Of Free Proxy Software and Web Proxy Servers To Browse Anonymously

Proxy server is a middle man acting between your computer and the web server. For example if you are accessing Google from your computer using a proxy named X, your computer is not receiving information directly from Google but X is receiving services and send it back to your computer. So naturally the web server does not know your computer and it thinks it served X. So by using a proxy server, theoretically you can browse anonymously and also help you to bypass firewall restrictions too. This guide gives a short introduction of Proxy Servers with a number of popular server addresses. There are two types of Proxy services.
client based (Software Installed on your PC)

Web based proxy servers (No is software installed on your PC) If you are expecting high anonymity, you must go for premium servers but for normal users web based proxy server is enough. Here I give a list of free popular servers.

1. Client Based

Please note that some proxy software products might contain malware and use…