I have run a boot scan and Avast found:
Threat:Java:Agent-ZP
Threat:Java:Agent-ZL
Threat:WIN32:Malware Gen
I tried the repair option but it wouldn’t allow that so I deleted the files (reading the Advice and Tools thread, I fear that this was a mistake). The result showed Action Successful. I have since run a couple more boot scans both have shown up as clear.
Being a complete ignoramus with computers, I just wanted to check whether I should be concerned (having deleted rather than repairing and moving to chest) and do I need to do anything else. I have also run a Malwarebytes scan which has also come up as negative.
I have used online banking on this computer in the past but understandably haven’t done so since the positive boot scan.
Unfortunately you have left out the most important information, the file name and location ?
So it is hard to give any advice based on the malware names alone.
However JAVA:Agent malware name I would assume are from the Java Cache and are normally associated with having old versions of JAVA installed, which are being exploited.
Ensure that you have the latest version of JAVA - I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.
Why did you run a boot-time scan in the first place ?
As this is normally only used if a malware detection can’t be dealt with in windows normal mode.
Repairs can only be effected on virus detections, e.g. an executable file which has a small virus element injected into it. If the virus is one which avast has a cleaning routine, then it may be possible to remove the virus element from the file.
C:\WINDOWS\softwaredistribution\downloadb7034e5647114d3cbed18f43ed16cf71\kb913800.exe
C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\6.0\42\479d54ea-6125aaa5|>json\SmartyPointer.class
C:\Documents and Settings\Chris\Application Data\Sun\Java\Deployment\cache\6.0\42\479d54ea-6125aaa5|>json\Parser.class
I’ve just visited Secunia as suggested and it looks like I was running an out of date version of Java.
The first one is a but strange and I assume was the win32:malware-gen, strange in that MS KBs don’t normally arrive in that way (I don’t think). However its loss shouldn’t be an issue, if it were legit, it would already have been applied.
The other two, given the old JAVA version, could well have been exploit attempts and also since it is in the JAVA cache, their loss is no issue. In fact I would go further and clear the JAVA cache after you have updated JAVA.
Welcome to the forums.
The first one was indeed the win32:malware-gen. I’ve updated to the latest version of Java and cleared the cache as suggested. Is this something I should be doing on a regular basis?
More generally, is it better to stick with the standard scans rather than the boot scan? (I’m not even sure why I did try the boot scan).
Also, is it safe to carry out online transactions from this computer?
Keeping JAVA up to date is essential (if you use it), many people don’t need it as the sites they visit don’t use JAVA applets.
The boot-time scan as a scan for specific purposes (as mentioned in my first reply) and not a general on-demand scanner. The Quick or Full System scans should be more than adequate.
With a resident on-access antivirus like avast, the need for frequent on-demand scans is much depreciated. For the most part the on-demand scan is going to be scanning files that would be otherwise be dormant or inert. If they were active files then the on-access file system shield would be scanning them before being created, modified, opened or executed.
I have avast set to do a scheduled weekly Quick scan, set at a time and day that I know the computer will be on. If for some reason my system wasn’t on, no big deal I will catch up on the next scheduled scan.
I don’t believe the detections made and dealt with would compromise your on-line transactions. Though there is another anti-malware scan you could run as a secondary backup to avast.
MalwareBytes Anti-Malware (MBAM), On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. Download, Install, Update, Run and post the contents of the log.
It it also nice to have Malwarebytes as an extra scanner…
remeber to always update it before you start a scan, and click the “remove selected” button to quarantine whatever it may find http://filehippo.com/download_malwarebytes_anti_malware/
If you mean the settings ?..
i have always used the program with default settings and trust that avast that play with malware 24/7 knows what is best, and never had any problems with it
I was thinking more along the lines that a virus hadn’t shown up on the normal scan. I haven’t changed the setting at all. Hopefully the general scan will pick up anything really serious.
It really is too hard to say as we don’t know when your last normal scan was and what areas were covered in that. The virus database is constantly added to and signatures like the win32:malware-gen updated.