Solved

How to identify the malicious process that is running in Ad-Aware Live Icon Notification

Posted on 2012-04-07
Last Modified: 2012-04-07
We keep getting a message in the Ad-Aware Live! Icon as follows:

Ad-Watch Live!
detected that a malicious process is running and started a scan in background mode. You will be able to clean any infection safely after the scan is finished.


I click on it and nothing happens.

How can we identify the malicious process that is running?
Question by:rayluvs
11 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37818841
Scan the system with antispyware like Spybot
http://www.safer-networking.org/en/download/

If you want to have better information and know which processes should run and which should not, then you can use these utilities:

ProcessExplorer and ProcessMonitor
http://technet.microsoft.com/en-us/sysinternals/bb896645
http://technet.microsoft.com/en-us/sysinternals/bb896653

You can also run HijackThis and find out what is starting at startup.
http://sourceforge.net/projects/hjt/
0
 
LVL 9

Expert Comment

by:Ashok Dewan
ID: 37818851
Download this; I hope it will remove that adware.

http://www.lavasoft.com/products/ad_aware_free.php
0
 

Author Comment

by:rayluvs
ID: 37818878
We have those apps, but we haven't been able to identify the malicious process that is running. That is why we placed the question.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37818900
You can try different Antivirus and Antispyware if you are not able to recognize which application or process is malicious or not.
0
 

Author Comment

by:rayluvs
ID: 37818906
We have AVG, Spy-Bot, Spywareguard, Spyware Blaster and Comodo installed.

We would like to know what exact process the Ad-Aware is saying is malicious.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37818909
Can you check in the logs of Ad-Aware what process it found and what it has done to it?
0
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37818911
Logs will be somewhere in
C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Logs

or in program files installation folder.
0
 

Author Comment

by:rayluvs
ID: 37818931
We have Windows 7. What would be the folder? (We are looking for that.)
0
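Added example, not written by any poster in this thread: on Windows Vista and Windows 7, `C:\Documents and Settings\All Users\Application Data` is a compatibility junction to `C:\ProgramData`, so the script below looks there and in the Program Files folders, then cross-references any executable paths named in the logs against processes running now. The `Lavasoft\Ad-Aware` folder name on Windows 7, the log file extensions and the path pattern are assumptions, since the thread does not show the log layout.

```powershell
# Added example: locate Ad-Aware logs on Windows 7 and match the executable
# paths they mention against running processes.
# Assumption: the product keeps the "Lavasoft\Ad-Aware" folder name on Windows 7.

# Candidate roots: the all-users data folder (C:\ProgramData on Vista/7) and
# both Program Files folders, per the two locations suggested in the thread.
$roots = @(
    [Environment]::GetFolderPath('CommonApplicationData'),
    $env:ProgramFiles,
    ${env:ProgramFiles(x86)}
) | Where-Object { $_ } | Select-Object -Unique

$logDirs = foreach ($root in $roots) {
    $dir = Join-Path $root 'Lavasoft\Ad-Aware'
    if (Test-Path $dir) { $dir }
}
if (-not $logDirs) { Write-Warning 'No Lavasoft\Ad-Aware folder found.'; return }

# Ten most recently written log-like files. The extensions are a guess.
$logs = Get-ChildItem -Path $logDirs -Recurse -Include *.log, *.txt, *.xml -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer } |
    Sort-Object LastWriteTime -Descending |
    Select-Object -First 10
$logs | Format-Table LastWriteTime, Length, FullName -AutoSize

# Extract anything that looks like a full path to an .exe from those files.
# The pattern is generic; it does not rely on a known Ad-Aware log format.
$exePattern = '[A-Za-z]:\\[^"<>|:*?\r\n]+?\.exe'
$mentioned = $logs |
    Select-String -Pattern $exePattern -AllMatches |
    ForEach-Object { $_.Matches } |
    ForEach-Object { $_.Value.ToLower() } |
    Sort-Object -Unique

# Running processes whose image path appears in the logs.
# Path is empty for processes the current user cannot inspect, so run elevated.
Get-Process |
    Where-Object { $_.Path -and ($mentioned -contains $_.Path.ToLower()) } |
    Select-Object Id, ProcessName, Path
```

An empty result means no logged path matches a running image, not that the machine is clean; read the newest files listed in the table by hand as well.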
 
LVL 17

Accepted Solution

by:
Anuroopsundd earned 2000 total points
ID: 37818937
0
 
LVL 38

Expert Comment

by:younghv
ID: 37818943
I suggest that you use one of the 'rogue process stoppers' before attempting any other actions.
If this is NOT some kind of false positive, it is doubtful that any of the applications you listed are going to be able to handle the problem.

Is the "Comodo" you're running the AV or the Firewall?
If the AV, it may possibly conflict with your AVG.
If the firewall, it may possibly/probably conflict with your basic OS/network connectivity.

Read the details in these EE Articles and start your entire troubleshooting process over. Post the logs that are generated by the named tools/scanners:
Rogue-Killer-What-a-great-name
Stop-the-Bleeding-First-Aid-for-Malware

You can substitute RogueKiller with TheKiller (more auto-fix functions than RK):

Download TheKiller to your Desktop
http://maliprog.geekstogo.com/explorer.exe

Note that TheKiller is renamed as explorer.exe
Run it by double-clicking
Press the OK button after the program finishes
Do not restart your system after this step, but immediately run the other tools/scanners.
0
 

Author Closing Comment

by:rayluvs
ID: 37819234
Thanks a lot! We followed the links, identified where the log is, and were able to determine whether it was malicious or not.
0
