Boot scan - "infected" Malaware file wont delete ?

[felixdjb]

PLEASE SEE MORE DETAILED DESCRIPTION IN POST 4



Hi
running avast free on windows XP.

when i run a boot scan it shows the following file as infected:
C:\Documents and Settings\felix\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\there-written.php-3cc3a5e9-2dabc24d.zip: The archive is either in unknown format or damaged

its the coca.class file within this zip.

During the boot scan it wont move to chest or delete. if i ignore it the avast scan result shows it as deleted however i can still view the file.

If i view this file & try to delete it, it wont allow it and gives the above message.

Is this anything to worry about ?

[thug4real]

Try a full scan with malwarebytes free, and see what finds.
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

[Pondus]

C:\Documents and Settings\felix\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\there-written.php-3cc3a5e9-2dabc24d.zip: The archive is either in unknown format or damaged

if this is the message given by avast, then it is just a scan error message and not a detection
infected files are given a malware name

files that can not be scanned for whatever reason avast give, are just that....a file that cant be scanned, and does not mean they are infected

[felixdjb]

Sorry, my first post might be a little missleading.

During the boot scan avast says:

C:\Documents and Settings\felix\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\there-written.php-3cc3a5e9-2dabc24d.zip>coca.class is infected by java:malaware-gen(Trj)Action to take ? will not allow moving to chest / repair or delete. it gives an error code 42111
If i ignore and continue the scan then when i view the scan log in avast it shows "virus found". The log lists the file name,
 severity HIGH,
Status= Threat Java:malaware-gen (Trj)
Action Delete
Result Action successfull

However, when i search my C drive i can still see the file there.
If i try to delete i get the message:
C:\Documents and Settings\felix\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\there-written.php-3cc3a5e9-2dabc24d.zip: The archive is either in unknown format or damaged

So im confused -
Avast recognises this file as malaware and the scan results state that it has been deleted
But, the file is still on my C drive and will not allow deletion

Hope that makes sense !

[Pondus]

C:\Documents and Settings\felix\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\there-written.php-3cc3a5e9-2dabc24d.zip>coca.class is infected by java:malaware-gen(Trj)Action to take ? will not allow moving to chest / repair or delete. it gives an error code 42111

because detection is inside a compressed file, it will not rip it out

however, they are located in java cache, so clear that and it should be gone
http://www.java.com/en/download/help/plugin_cache.xml

or use CCleaner http://www.piriform.com/ 

[felixdjb]

Thank You Pondus !

I cleared the cache but it did not get rid of it. Dowloaded CCleaner from your link and that got rid of it !

Much appreciated