AVG and Ad-Aware

  § 20:54 13 Nov 04
Locked

When I scan with Ad-Aware I get 3-4 'Virus Alerts' from AVG 7 in locations Windows\Temp\AAW TMP\....

Is this OK or is Ad-Aware harbouring Trojans?

  Gongoozler 21:06 13 Nov 04

It would appear that during a scan AdAware temporarily decompresses an old file which is than picked up by the Antivirus software. click here and click here

  stalion 21:07 13 Nov 04

try scanning with ad-aware whilst not on the internet with avg7 turned off

  LastChip 21:13 13 Nov 04

When Ad-Aware scans, it creates the AAW.TMP file if it wishes to place something in there. While it is scanning, it is effectively probing files on your system.

What AVG is telling you, is something is trying to open an infected file. So it's not so much Ad-Aware is harbouring Trojans, but that AVG is preventing Ad-Aware opening the files.

You need to establish which files are being probed when this happens and if you are at all suspicious about their source or integrity, get rid of them.

  § 10:39 14 Nov 04

Thanks guys, but at the risk of sounding thick I still don't understand.

I know what you're saying, but AVG tells me that it has nothing in it's virus vault so where is Ad-Aware getting the files from?

Should I just ignore it, or should I make a note of the files and attempt a manual deletion?

One example is WINDOWS\TEMP\AAW TMP\C2535894\269EF\INSECURECLASSLOADER.CLASS\Java\ByteVerify.

btw when I run AVG it finds nothing.

  § 10:44 14 Nov 04

LastChip I see what you're saying about Ad-Aware creating AAW.TMP and trying to open the files when AVG spots it, but where is it getting the files from?

  Gongoozler 11:09 14 Nov 04

My suggestion is that you turn off System Restore (assuming that you're using Windows XP). Delete all Temporary Internet files and the contents of any Temp folders (including C:\Temp and C:\Windows\Temp). Run AdAware, at the end of the scan click on "Open quarantine list", delete all quarantined items then close AdAware. Run AVG. Restart System restore and create a new Restore Point. Hopefully your computer will now be trojan and virus free

  § 11:11 14 Nov 04

Two other observations:

1 - this happens when I run Ad-Aware in "full system scan" but not in "smart system scan".

2 - AVG doesn't react to any of the options.

  § 13:56 14 Nov 04

Thanks Gongoozler I tried that (and running AVG in Safe Mode) but still AVG found nothing.

A search via Copernic led me to the Computer Associates site and I ran their on-line check which found 9 trojans in the MS Virtual Machine.

"This is not a virus, but rather a method to exploit a security vulnerability in the Microsoft Virtual Machine. This vulnerability arises as the ByteCode verifier in the Microsoft Virtual machine does not correctly check for the presence of certain malformed code when a Java applet is loaded. Attackers could exploit this vulnerability by creating malicious Java applets and inserting them into web pages. These web pages could be hosted on a site by a malicious web master, or could be sent to users as an attachment."

I deleted them and ran it a second time and now seem to be clean.

I still don't know why AVG only picked them up (and then couldn't deal with them) while I ran Ad-Aware.

Thanks for the help.

  Gongoozler 17:56 14 Nov 04

Hi §. I don't fully understand it either, but from what I've found it would appear that the trojans were in compressed files, AdAware temporarily decompressed the files to examine them, and while the files were in the decompressed state AVG detected them.

This thread is now locked and can not be replied to.

How to get Windows 10 for free | How to install Windows 10: There is still a way to avoid paying…

1995-2015: How technology has changed the world in 20 years

Alex Chinneck’s giant ice cube Christmas tree at Kings Cross

Apple rumours & predictions 2017: The iPhone 8, new iPads, and everything else you should expect fr7…