Malware From Google/Java Sun, Shows Up in Boot Time Scans Only.

I have 10 files in the Virus Chest that were detected by Avast during a Boot Time Scan Only. A full system scan did not show anything, but they seem to be reappearing. I had some problems with Java Script freezing in Firefox 3.6.8 NOTE THAT THIS IS THE FIRST TIME I HAVE DONE A BOOT SCAN AND HAVE HAD AVAST 5.0 for about 4 months with no problems or nothing else showing up doing regular full scans. (Meaning this “malware” may have been around for some time.)
I have disabled Java Quick Start and increased the time for scripts to load in Firefox. I also sent the files to the lab for analisis. Computer is running well otherwise at this point.

How do I copy what is in the virus chest so you can see the names of the files? They all seem to be related to Java.

Jack

Hi Jack,

By the way, have you submitted to avast software Labs?

If not yet, you may able to submit through virus chest by right click at the target that you want to sent and then choose “Submit to Virus Lab”. Beside that you may able to copy ad File title, and you may show it to us in this forum.

cheers,

Thanks!

Yes! The lab has the files. BUT the problem is SOLVED!

The issue was a Java vulnerability with some exploits that showed up that came from old Java script pages. A clearing of the Java cache, an Avast Update and Boot Time Scan has REMOVED the malware!

If users have what might be a Java based Trojan, you should move those files to the Virus Chest to Quarantine them. (Trojan’s can’t be cleaned because the file itself is the infection.) They can be either quarantined or deleted. Quarantine is the best choice for Trojans. In Avast, this action is done by selecting, “Move to Chest.”

First, close all open Windows.
Clear your browsers Temporary Files and Run Disk Clean-Up.
Click Start/Go to Control Panel
Double-Click The Java Control Panel
Click Settings under Temporary Internet Files.
Click OK on Delete Temporary Internet Files Window
Click Yes to Confirm
Click Apply

Close out and than reboot.

Jack

CCleaner will delete Java temp files for you and will also clear the cache.

@ Jack 1000
For the future - If you do a boot-time scan, check the C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\report\aswBoot.txt (this is the XP location other OSes will differ) using note pad and you can copy and paste the relevant entries.

Ensure that you have the latest JAVA - I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.