After my virus database updated last night (Nov.28,06), I ran Ad-aware (full system scan) and encountered a false positive with the temp files Ad-aware creates when running (BlackBox.class, Dummy.class, VerifierBug.class, Beyond.class).
I’ve been using avast home for about 6 months now and haven’t encountered any conflicts while running Ad-aware before.
I’ve tried excluding the Ad-aware temp files and folder (C:\Documents and Settings\xxx\Local Settings\Temp\AAWTMP*.class) from avast, but my exclusion did not work; avast still scanned the subfolders where these temp files are created.
I have been able to duplicate this problem on three different computers so far.
Any help in resolving this conflict would be appreciated.
System Specs.;
Pentium 4 3.4Ghz, 2MB RAM
Windows XP Pro SP2 (all updates installed)
avast! Home 4.7-892
VPS file: 0651-2
The temp folder where you say the infection was detected it where adaware unpacks stuff and when the scan is complete adaware empties it, so you won’t find anything there.
I advise pausing Standard Shield whilst carrying out any other security scan. Not only will this stop this type of possible detection of virus signatures from the other program, it will also stop duplication of scanning as avast looks over the shoulder of the other program. This will also reduce the time taken for the scan.
As far as exclusions go you probably haven’t added it to the Standard Shield, Customize, Advanced, Add, exclusions list.
Originally posted by DavidR
[i]
The temp folder where you say the infection was detected it where adaware unpacks stuff and when the scan is complete adaware empties it, so you won't find anything there.
I advise pausing Standard Shield whilst carrying out any other security scan. Not only will this stop this type of possible detection of virus signatures from the other program, it will also stop duplication of scanning as avast looks over the shoulder of the other program. This will also reduce the time taken for the scan.
As far as exclusions go you probably haven’t added it to the Standard Shield, Customize, Advanced, Add, exclusions list.
[/i]
Thanks for the reply.
Yes the temp folders and files I mentioned are created by Ad-aware during execution and are deleted upon completion, so these files and folders can only be found when Ad-aware is running.
I did include the exclusion in the Standard Shield, Customize, Advanced, Add, exclusion list, but no format or syntax I used seemd to work. Here are some that I tried with no success;
C:\Documents and Settings\xxx\Local Settings\Temp\AAWTMP*
C:\Documents and Settings\xxx\Local Settings\Temp\AAWTMP*.class
C:\Documents and Settings\xxx\Local Settings\Temp*.class
C:\Documents and Settings\xxx\Local Settings\Temp\AAWTMP**.*
Obviously the Standard Shield could be paused while running other security programs, but I would prefer to just exclude these Ad-aware files for simplicity reasons since this wasn’t a problem prior to the last virus database update.
It may be just the length and spaces in the folder path, etc.
You could try, C:*\Temp\AAWTMP* or C:*\Temp\AAWTMP*.*, but personally I wouldn’t even bother and just pause Standard Shield.
Another reason for pausing Standard Shield is to avoid any possible conflict if the two scanners scan a file that is infected and both recognise, they could then fight for control over who blocks.locks it etc.
Originally posted by DavidR
[i]
It may be just the length and spaces in the folder path, etc.
You could try, C:\*\Temp\AAWTMP\* or C:\*\Temp\AAWTMP\*.*, but personally I wouldn't even bother and just pause Standard Shield.
Another reason for pausing Standard Shield is to avoid any possible conflict if the two scanners scan a file that is infected and both recognise, they could then fight for control over who blocks.locks it etc.
[/i]
Duh!!! Smacks self on forehead…
Yes, it was the spaces in the folder path. I changed it to your recommendation C:*\Temp\AAWTMP* and it worked perfectly.
Thanks a bunch!..I had a brain-lapse. That should have occurred to me.
Its hard to remember DOS conventions when working in a windows environment so much.