I ran a scan last night. This is what the report had found:

C:\Users\Tiffanie\AppData\Local\Temp\jar_cache3914823165317491119.tmp: Exploit.JS-7 FOUND
C:\Users\Tiffanie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\18364cfd-5ee01cd9: Exploit.JS-7 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 699146
Engine version: 0.95.3
Scanned directories: 58138
Scanned files: 330550
Infected files: 2
Data scanned: 59778.39 MB
Data read: 62582.83 MB (ratio 0.96:1)
Time: 13415.306 sec (223 m 35 s)

Upon searching my settings, I have the "report only" box checked and the "unload infected programs from computer memory" checked. Since the "remove" and "move to quarantine folder' boxes are not selected, is the virus still somewhere lurking in a place on my computer? What is my next step?
Thanks

It's good that you are using ClamWin's infected files Report Only option. If you choose Remove or Quarantine, you could lose access to your Windows operating system if ClamWin has a "false positive" detection on a Windows file or to an important Office or another program file. A false positive is when a "clean" file is similar enough to some virus that ClamWin falsely detects it as infected.

Thats why you should verify all ClamWin detections by uploading them to Jotti at https://virusscan.jotti.org/en or VirusTotal at https://www.virustotal.com/ on the web. Either service will scan a file for you with multiple AV scanners (including Clam AV, which furnishes the scanning engine/signatures used by ClamWin). If several other AVs besides Clam find an infection, the file probably has a real virus. If only a few find an infection, it is probably a false positive. I like to see a detection by some of these AVs: McAfee, Microsoft, Symantec, Kaspersky, Nod32, or Trend Micro. They have a lot of commercial users and have to get it right.

If it is a real virus, you can either manually remove the file from your computer (the ClamWin scan report shows where it is) or temporarily set ClamWin to Quarantine/Remove and re-scan the file/directory--be sure to set it back to Report Only when finished.

If it is a false positive, report it to Clam AV, starting at https://www.clamav.net/sendvirus/ on the web. When you get to the form, be sure to indicate it is a false positve. Give them the exact hame of the false positive virus, and give the scan results on Jotti/VirusTotal in the comments.

Regards,

Thanks so much for your help. I was able using both of the sites you recommended to find out they were both malware files and was able to manually remove them. I am going to do another complete scan of my hard drive just to make sure I got everything.

Thanks again!

You are very welcome. Thank you for using ClamWin. Please continue to suppport it.

Regards,

Hi I have followed instructions from above and have a similar virus - an exploit in a java cache - the opther sites recommended said the file was infected so I have moved it into quarantiine but cannot find the quarantine folder to delete it.