Ad-Aware Question

LeonardoLeonardo Wake up and smell the glaciersEagle River, Alaska Icrontian
edited May 2004 in Spyware & Virus Removal
This will sound really weird. Laugh if you want; but it's what my sister related to me.

My sister called and said they were having problems with their computer. What she described were the classic symptoms of spyware, hijacking, and so forth. Now's the part that gets screwy. She said that they had run Ad-Aware, as I had trained them to do, and that after running it the computer lost some functionality, specifically, that MS Word would not work correctly and that they couldn't connect to the Internet every time they wanted to. She called Comcast, and the help(?) technician stated that they had probably deleted some "registry entries" when using Ad-Aware to fix problems. Legitimate registry entries! Get real. That's not possible, is it? I've never seen Ad-Aware indicate anything but real junk that needed to be cleaned out.

I'm thinking that my sister and her son ran some other type of program, not Ad-Aware.

Comments

  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited May 2004
    It's possible that some crapware infested an executable or an important library, and then when the remover got rid of it, it broke an app. I've seen it happen with notepad.exe (some trojan infected notepad.exe and then when the virus was killed, the real notepad worked, but was no longer registered properly).

    It's unlikely, but possible.
  • Straight_ManStraight_Man Geeky, in my own way Naples, FL Icrontian
    edited May 2004
    POSSIBLE, just possible, that this happened:

    Box can be trojaned or macro infected. Ad-Aware can detect some trojans that feed adware. If files were trojan infected when adaware was run and it recognized the trojans involved, cleaning with adaware would delete the entries linking them and possibly the files also. The original files could have been good before they got infected.

    No, I have never had adaware delete entries for files that were not in fact infected with trojan copies, but trojans can infect many different kinds of file and sometimes they pick RANDOM files of a certain MIME or extension type to infect. Those could include files needed by programs to run.

    I would say to have the box fully virus scanned with a VERY recently updated AV for integrity checking purposes. Normally when this happens more than one malwatre is present or Ad-Aware has detected part of something else more complex (trojan half of a hybrid, for example).

    Prime and I were both typing at once... :D
  • LincLinc Owner Detroit Icrontian
    edited May 2004
    I wonder if it was "HijackThis" and she removed them all ;)

    I would suspect that either she was using a different program or, more likely, (though still sketchy) that it was an unrelated occurence. Is she sure it was all working just before the scan and that it all stopped working directly afterward, with no other possible actions in between that could've caused that?
  • LeonardoLeonardo Wake up and smell the glaciers Eagle River, Alaska Icrontian
    edited May 2004
    You guys are thinking along the same lines I am. Well anyway, I'm visiting Sis Saturday and will work over her computer. I'm already dreading what HijackThis will reveal. :eek2: Her kids are always downloading cutesy this and that. I warned her about it.
    Is she sure it was all working just before the scan and that it all stopped working directly afterward, with no other possible actions in between that could've caused that?
    No, they've been having problems for a while. But her 12 year old sun thought he might try some advanced system cleaning, at least so I hear.
Sign In or Register to comment.