Avast WEBforum

Other => General Topics => Topic started by: Mr.Agent on October 26, 2009, 09:20:55 PM

Title: [Solved] I wanna be sure...
Post by: Mr.Agent on October 26, 2009, 09:20:55 PM
Hi yesterday i had a alert from a website by Avast!

So now he popped up and said there was a java script downloader so i said abord connection and closed the web and cleaned out my internet temp so i wanna know if i need to clean up also my cookies ???

I verified with all my scanner and its popped up 0 virus.

So did i do a good move by doing this or you think the virus has hitted my computer ?

I did panic when i did see Avast! popped me up that virus i was like WOW !!!

Its first time i got a JS:Downloader so i scare... :(

Sorry to panic too much but i want to be sure that the thing i did is great.

Thank,
Mr.Agent
Title: Re: I wanna be sure...
Post by: Tarq57 on October 26, 2009, 09:51:20 PM
Without seeing the alert and the subsequent action, I can't be sure, but it would seem to me the webshield aborted the connection before any malware downloaded.
Title: Re: I wanna be sure...
Post by: Hermite15 on October 26, 2009, 09:51:49 PM
someone else posted a similar question and the answer (at least mine) will be the same here: if the connection was aborted, there's no possible infection on disk. No need for a full scan, nothing, cleaning browser's cache and cookies is enough (and temp files if you use IE).
http://forum.avast.com/index.php?topic=50259.msg425713#msg425713
Title: Re: I wanna be sure...
Post by: Mr.Agent on October 26, 2009, 10:02:52 PM
Ok so no need to clean up anything from my browser if avast! did abord the connection ? ;D
Title: Re: I wanna be sure...
Post by: Mr.Agent on October 26, 2009, 10:39:58 PM
But the thing im worry the more is the page did open up so a bit before it Avast! said there was a malicious downloader java script so i clicked "Abort The Connection" Then the page was still there so i closed and did reopened IE and cleaned only my temp files and no cache...... So i wanna know if you recommand me to delete the cache also for be sure ? That the thing im worry the more...

Also the thing i wanna know is if a cookie or a cache can steal your personal information ? I found a guy to say yes to this so im really wondering and scaring to ask it.

Sorry for the double post...

Mr.Agent ;)
Title: Re: I wanna be sure...
Post by: Tarq57 on October 26, 2009, 10:50:04 PM
Wouldn't hurt to delete the browser cache.
If it was an I frame within the site, it would have been just that component that was blocked, which probably occured affter most of the rest of the page loaded.
Why don't you can the cache before deleting it, to satisfy your curiosity?
Title: Re: I wanna be sure...
Post by: Mr.Agent on October 26, 2009, 10:52:19 PM
Ok i will delete cache and all trace from my browser.

But can you respond to the question "Also the thing i wanna know is if a cookie or a cache can steal your personal information ? I found a guy to say yes to this so im really wondering and scaring to ask it."

Mr.Agent
Title: Re: I wanna be sure...
Post by: DavidR on October 26, 2009, 10:52:44 PM
But the thing im worry the more is the page did open up so a bit before it Avast! said there was a malicious downloader java script so i clicked "Abort The Connection" Then the page was still there so i closed and did reopened IE and cleaned only my temp files and no cache...... So i wanna know if you recommand me to delete the cache also for be sure ?

Only the infected element will be blocked, the web page something.html may not have been infected only the javascript element on that page would be blocked/aborted, not the html page nor the images or any other element associated with the page.

So it isn't unusual to see a partial page load unless the infection is embedded in the source code (javascript in-line script tag of an iframe tag pointing to a malicious site) of the html page, then you would see nothing.
Title: Re: I wanna be sure...
Post by: Mr.Agent on October 26, 2009, 10:55:19 PM
Well this topic should already be in virus and worm... I feel sorry for ALWIL :(

But DavidR i got the link for where i got the infection if you want i can copy paste it with hxxp://

Mr.Agent
Title: Re: I wanna be sure...
Post by: Tarq57 on October 26, 2009, 10:57:35 PM
A cookie is nothing much to be concerned about. They are easily deleted, and nothing more than a minor privacy issue.
The cache will contain anything downloaded, including pictures, scripts, files...anything that enters your browser from the web. So of course there could be malicious files in it.
If there were, you would normally know, because of strange computer behaviour, and unwanted stuff running/installing.
Title: Re: I wanna be sure...
Post by: Mr.Agent on October 26, 2009, 10:59:37 PM
A cookie is nothing much to be concerned about. They are easily deleted, and nothing more than a minor privacy issue.
The cache will contain anything downloaded, including pictures, scripts, files...anything that enters your browser from the web. So of course there could be malicious files in it.
If there were, you would normally know, because of strange computer behaviour, and unwanted stuff running/installing.

You will say im strange but yeah i panic when i did see my first java script downloader to pop ups... So if avast! did abort the connection because of the script so its mean no cache did go in right ?
Title: Re: I wanna be sure...
Post by: Tarq57 on October 26, 2009, 11:08:42 PM
You have enough information here. You work it out.
Title: Re: I wanna be sure...
Post by: Mr.Agent on October 26, 2009, 11:14:56 PM
Ok yes i agree Tarq. I did read all you said and i think i did panic for nothing lol. For sure i did clean up all thing and run a scan of malwarebytes and nothing come up so far Avast! was here !!!!! Thank you so much guys for all your answer and sorry if i was being annoying for you...

But well we all want to keep personal information for yourself ;)

Mr.Agent
Title: Re: [Solved] I wanna be sure...
Post by: DavidR on October 27, 2009, 12:38:56 AM
But DavidR i got the link for where i got the infection if you want i can copy paste it with hxxp://

That isn't necessary, as I said avast only blocks the download of infected items (that is what the abort connection does) so it doesn't get into the cache. The rest of the elements in that page, images, etc. which aren't infected would be displayed.

You shouldn't have to do anything else, thos manually clearing the browser cache or temp internet files is a precaution.

Cookies, an over blown nonsense that isn't worth worrying about, http://en.wikipedia.org/wiki/HTTP_cookie (http://en.wikipedia.org/wiki/HTTP_cookie).