Hello! First time posting, I seem to have come across a situation that has me fairly concerned.
This morning I was browsing deviantart, a website I frequent several times a day with no problem. I then got Avast giving me a trojan virus warning,from the url I figure it was from one of the advertisement banners on the site, for which I hit the Abort Connection button, and it appeared as if one of the ad banners didn’t load, assumed that was the culprit. I then proceeded to poke around the menus for instructions on how to report the ad to the site, and had the same warning pop up again, and gave the same address in the warning. Again, I used the Abort Connection.
I then ran a scan just to be sure, and the results showed zero infected files, but told me I had 2 ‘Decompression Bombs’, which I’ve never seen before. There were no options to do anything with those files.
So, it may be a coincidence that I had 2 virus warnings and then 2 decompression bombs, but I’m sort of a paranoid person by nature :-[ (and not the brightest when it comes to computer files) So I was wondering if there is any risk of trojans hiding in those bombs? And if there are any steps I should take?
I’m running the scan again, just in case, so I’ll post the file names if they come up again
Thanks for taking the time to read any help is much appreciated :-* (oh, I use Windows Vista if that makes any difference)
The web shield would have blocked the detected file from being saved to your browser cache and consequently run in your system, so it shouldn’t be present on your system.
You check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections, but I don’t know if this would be much help to them. C:\Program Files\Alwil Software\Avast4\ashLogV.exe - Or check the source file using notepad C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log
When posting URLs to suspect sites, change the http to hXXp so the link isn’t active (clickable) avoiding accidental exposure.
Many sites have banner ads that are out of their control as they are served by some other service and on occasion that banner could have malicious content. Even if you reported it to them they may not be able to do anything about it unless you could specifically state it was a banner ad and which one.
Could we have the link to the page that avast alerted you on?
This can be found in the avast log viewer:
right click avast icon–>click avast log viewer–>click warning section–>the most recent warnings will be at the bottom by default
The fact that you clicked the abort connection button means that the potential malware was interrupted and stopped before it had a chance to reach your system.
As for the ‘decompression bombs’
I think there is nothing to worry about there.
EDIT:ahh I’m no match for you DavidR, even when I cheat ;D
odd, the preview button didn’t show me your post… oh well its done now…
I checked the files that were listed as decompression bombs, turns out one was a Firefox cache file, and the other was an old .exe for a windows patch I forgot to delete ages ago :-X Just like me to panic at nothing ;D
As for the page that Avast gave the alert on, the link was hxxp://exchange.blueadvertise.com/72890_dyn.php