OnePlus 5T review
When I scan with Ad-Aware I get 3-4 'Virus Alerts' from AVG 7 in locations Windows\Temp\AAW TMP\....
Is this OK or is Ad-Aware harbouring Trojans?
try scanning with ad-aware whilst not on the internet with avg7 turned off
When Ad-Aware scans, it creates the AAW.TMP file if it wishes to place something in there. While it is scanning, it is effectively probing files on your system.
What AVG is telling you, is something is trying to open an infected file. So it's not so much Ad-Aware is harbouring Trojans, but that AVG is preventing Ad-Aware opening the files.
You need to establish which files are being probed when this happens and if you are at all suspicious about their source or integrity, get rid of them.
Thanks guys, but at the risk of sounding thick I still don't understand.
I know what you're saying, but AVG tells me that it has nothing in it's virus vault so where is Ad-Aware getting the files from?
Should I just ignore it, or should I make a note of the files and attempt a manual deletion?
One example is WINDOWS\TEMP\AAW TMP\C2535894\269EF\INSECURECLASSLOADER.CLASS\Java\ByteVerify.
btw when I run AVG it finds nothing.
LastChip I see what you're saying about Ad-Aware creating AAW.TMP and trying to open the files when AVG spots it, but where is it getting the files from?
My suggestion is that you turn off System Restore (assuming that you're using Windows XP). Delete all Temporary Internet files and the contents of any Temp folders (including C:\Temp and C:\Windows\Temp). Run AdAware, at the end of the scan click on "Open quarantine list", delete all quarantined items then close AdAware. Run AVG. Restart System restore and create a new Restore Point. Hopefully your computer will now be trojan and virus free
Two other observations:
1 - this happens when I run Ad-Aware in "full system scan" but not in "smart system scan".
2 - AVG doesn't react to any of the options.
Thanks Gongoozler I tried that (and running AVG in Safe Mode) but still AVG found nothing.
A search via Copernic led me to the Computer Associates site and I ran their on-line check which found 9 trojans in the MS Virtual Machine.
"This is not a virus, but rather a method to exploit a security vulnerability in the Microsoft Virtual Machine. This vulnerability arises as the ByteCode verifier in the Microsoft Virtual machine does not correctly check for the presence of certain malformed code when a Java applet is loaded. Attackers could exploit this vulnerability by creating malicious Java applets and inserting them into web pages. These web pages could be hosted on a site by a malicious web master, or could be sent to users as an attachment."
I deleted them and ran it a second time and now seem to be clean.
I still don't know why AVG only picked them up (and then couldn't deal with them) while I ran Ad-Aware.
Thanks for the help.
Hi §. I don't fully understand it either, but from what I've found it would appear that the trojans were in compressed files, AdAware temporarily decompressed the files to examine them, and while the files were in the decompressed state AVG detected them.
This thread is now locked and can not be replied to.