I have MalwareBytes Anti-Malware and Avast 2014 installed.
I am running Windows 7 64bit.
I run Avast scan once every week and MBAM scans 2 or more times a week.
I ran a Boottime scan with Avast last night and it has found 4 pieces of malware in the same file. I am not able to find the boottime log but in my quarantine but they are listed as:
and they were all found in different .class files inside of "svchost302236404.jar" which was located:
I looked into the infections online and it appears they could have been installed from a Minecraft modifications and that they are used as RAT tools and keyloggers to steal information. I generally only download modifications from trusted sources(Minecraft Forums) and I haven't downloaded one in quite some time.
This didn't sit too well with me so I went to check for the "svchost302236404.jar" file to see when it was added and to see if I could figure out where it was installed from. Unfortunately, when I check for the file in the Roaming folder, the file is not there. Avast didn't say it quarantined the "svchost302236404.jar" only the 4 .class files that were infected inside of it.
I ran a quick Malwarebytes scan and that found 0 infections but I ran it before countless times and it has never found the file(Note sure how long the infection has been on the computer).
Is it possible that the file has hidden itself or moved itself or would Avast have removed it completely?
I want to start changing some passwords but not until I am certain that this malware is first dealt with.
Any help is appreciated.
Edited by Overwatch, 03 March 2014 - 12:36 PM.