worm:Java/Runatox.B!jar

I am not that computer savvy but have been getting these emails sent to me that look like they are from me. Not Me! So I did a full scan and nothing. Did research about these types of spoofing or phishing emails and found out that they are nothing to mess with. I’m confused why Avast didn’t find this issue. Also the recommendation that I found on Microsoft was to use their security essentials program to scan my computer, so I downloaded Microsoft Security Essentials and turned Avast off while it scanned and low and behold it finds this worm:Java/Runatox.B!jar and was able to remove it. Why didn’t Avast find it?

Also for months now I have had an error saying that the Avast firewall has an error. I have no idea how to rectify that issue. I have paid for my Avast and up until now I have been happy until I found that I have these issues. According the the Microsoft scan either this worm has been on my computer since Oct 25th or that is when it was found to be a general problem out there.

Any suggestions for this old lady? Can I run both programs or will they conflict with each other?

Does the e-mail of the sender of these spams only look similar to yours or is it identical? If its only similar, blocking the sender may help :).

MSE and Avast! will conflict.

However, given (I Find) that MSE is usually behind the leading AV’s I find it a little hard to believe Avast! didn’t detect it.

In a moment, I will get MSE and check to see how it works. After that, I can give you instructions on how to get the file back so it can be tested and uploaded to update Virus Definitions.

In the mean time, since no AV can/will remove everything please run:

-Malwarebytes Anti-Malware

  • OTL
    -AswMBR (Windows 7) only.

You can find these tools here: http://forum.avast.com/index.php?topic=53253.0

Note for Davido: While receiving help from Magna86, can you please stick to your own thread? Thanks!

Instructions: Under the “History” Tab you should see 3 buttons.

  • Quarantined Items
  • Allowed Items
  • All Detected Items

{edit}: You might have to switch between all the different tabs. Go to either Quarantined Items or All Detceted items (tHIS ONE IS YOUR BEST BET). Click the little Check-mark by the virus Name and click Restore. After you’ve done that. Password protect the Zip file with the password infected so I can analyse and give it to avast! with the other malware I’ve found.

How to ZIP/archive a file.

-Right Click the wanted file.

  • Add to Archive
  • Set the name
  • PassWord Protect it (Password should be infected.)

(See attached picture for naming and Password protecting it. No capitals with the password please!)

Q: I answered your question about running Avast! and MSE very vaguely. Was a rushed reply, thought I had somewhere to go.

A: Really what happens is, when you run 2 AV (Anti-Viruses), both with Self Defense Modules and Real-Time scanning. Avast! can pick MSE up as malware or vice versa. This will create FP’s about each other and if something is deleted can crash your computer.

Please do the following to try and repair your Firewall.

Open Control Panel > Programs & Features > Right click Avast! > Uninstall/Change > Repair.

Does that help? If not, do let me know please.

Do note: I’ve attached pictures to hopefully help you. Use them as a guide if you need to.