Author Topic: Clean and repair or delete infected files  (Read 9199 times)

0 Members and 1 Guest are viewing this topic.

Tranzol

  • Guest
Clean and repair or delete infected files
« on: July 08, 2012, 09:22:30 PM »
Yesterday -while Avast free antivirus scanned by start of the computer- it detected 4 viruses. I decided to place these in the virus chest. They were all located originally under "C:\Users\[my name]\AppData\LocalLow\Sun\Java\Deployment... ..." and it was also "cache" in the string. Avast dialogue box (virus chest) gives the following virus descriptions:

1) "Java:Malware-gen [Trj]",
2) "Java:CVE-2012-0507-AW [Expl]",
3) "Java:CVE-2012-0507-CI [Expl]" and
4) "java:CVE-2012-0507-CH [Expl]".

"Trj" must be trojan, what is "Expl"? What is the very best to do with these files? I want to remove them completely from the virus chest. The file 1) with trojan must be deleted or... is it POSSIBLE to clean and repair it? Refer to: http://antivirus.about.com/b/2007/03/11/clean-quarantine-or-delete.htm. Is it possible to clean and repair file 2), 3) and 4)?
  Is file 1) possibly a "false positive"?
  All viruses are in Java-files (from Oracle). Oracle is a very serious publisher and Java is important, there should be no wrong with it.

  I am using Windows 7 Home Premium (64bits), Windows Defender, avast! Free Antivirus and McAfee Security Scan Plus. For Avast and Windows Dender it is 100% latest versions, Avast: 7.0.1456 and latest antivirus engine and virus definitions.

 
  When this has occured, do I have to perform full recovery of HDD and computer?? I have noticed no malfuntions whatsoever the latest months.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88854
  • No support PMs thanks
Re: Clean and repair or delete infected files
« Reply #1 on: July 08, 2012, 09:41:54 PM »
Only true virus infections (small piece of virus code inserted into a legit file) can possibly be repaired, these aren't virus infections as such and the whole file is considered malicious.

The [Expl] is Exploit and in this case trying to exploit your version of JAVA, which is most likely out of date:
- I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.

Generally the best option is to move to the chest:
Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest (a protected area) and investigate.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

However, in this case there would be no harm in deletion.

JAVA isn't actually important as it isn't essential, unless websites that you visit use JAVA then you don't actually need it installed.

No HDD recovery is required other than ensuring that you have the latest version of JAVA if it is absolutely required.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security