Hi,
I never had wscript.exe running in my taskmanager before. Today I had to open an word document from a friend's pendrive, and as I haven't installed msoffice in my computer, I installed word online extension in torch.
After I opened the word document, I saw this new wscript.exe process is running in the task manager. I felt something fishy about pendrive too, though nothing was detected by avast. All of documents and folders had been saved as shortcuts in the pendrive and their target was cmd.exe in C: drive's system32 folder. As the work was important I had to open the files and they anyhow opened the correct word documents finely.
Now my problem is why is that wscript.exe running? Its folder location is system32, but I still feel something fishy. I manually end the process after my work is done and when I restarted the machine that process started to run again. I end that process again and checked the start up folders only to find out there a vbs file named as 1.vbs which has been created about the time I was using the pendrive or installing word online extension. So I deleted that vbs file too.
Now I doubt my computer might be infected by a virus or key logger even though avast can't detect anything. Can anyone give advice to me, has anyone got this experience before?
I never had wscript.exe running in my taskmanager before. Today I had to open an word document from a friend's pendrive, and as I haven't installed msoffice in my computer, I installed word online extension in torch.
After I opened the word document, I saw this new wscript.exe process is running in the task manager. I felt something fishy about pendrive too, though nothing was detected by avast. All of documents and folders had been saved as shortcuts in the pendrive and their target was cmd.exe in C: drive's system32 folder. As the work was important I had to open the files and they anyhow opened the correct word documents finely.
Now my problem is why is that wscript.exe running? Its folder location is system32, but I still feel something fishy. I manually end the process after my work is done and when I restarted the machine that process started to run again. I end that process again and checked the start up folders only to find out there a vbs file named as 1.vbs which has been created about the time I was using the pendrive or installing word online extension. So I deleted that vbs file too.
Now I doubt my computer might be infected by a virus or key logger even though avast can't detect anything. Can anyone give advice to me, has anyone got this experience before?