jana
asked on
How to identify the malicious process is running in Ad-Aware Live Icon Notification
We keep getting a message in the Ad-Aware Live! Icon as follows:
Ad-Watch Live!
detected that a malicious process is running and started a scan in background mode. You will be able to clean any infection safely after the scan is finished
I click on it and nothing happens.
How can we identify the malicious process that is running?
Download this; I hope it will remove that adware.
http://www.lavasoft.com/products/ad_aware_free.php
ASKER
We have those apps, but we haven't been able to identify the malicious process that is running. That is why we placed the question.
You can try different Antivirus and Antispyware if you are not able to recognize which application or process is malicious or not.
ASKER
We have AVG, Spy-Bot, Spywareguard, Spyware Blaster and Comodo installed.
We would like to know what exact process the Ad-Aware is saying is malicious.
Can you check in the logs of Ad-Aware what process it found and what it has done to it?
The logs will be somewhere in
C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Logs
or in the Program Files installation folder.
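One way to run the log check suggested above on either Windows XP or Windows 7, as an added example that is not part of the original thread. The `Lavasoft\Ad-Aware` folder under Program Files, the `.log`/`.txt` extensions and the search pattern are assumptions, since the thread does not show the log format.

```powershell
# Added example, not from the thread. Works on PowerShell 2.0 (Windows 7 default).

# CommonApplicationData resolves to
#   C:\Documents and Settings\All Users\Application Data   on Windows XP
#   C:\ProgramData                                          on Windows Vista / 7
$commonData = [Environment]::GetFolderPath('CommonApplicationData')

$candidates = @(
    (Join-Path $commonData 'Lavasoft\Ad-Aware\Logs'),       # path quoted in the thread
    (Join-Path $env:ProgramFiles 'Lavasoft\Ad-Aware')       # assumed install folder
)
if (${env:ProgramFiles(x86)}) {
    # assumed install folder for a 32-bit install on 64-bit Windows
    $candidates += Join-Path ${env:ProgramFiles(x86)} 'Lavasoft\Ad-Aware'
}

foreach ($dir in $candidates) {
    if (-not (Test-Path -LiteralPath $dir)) {
        Write-Output "Not present: $dir"
        continue
    }
    Write-Output "Searching:   $dir"

    # Five most recently written log files (extensions are an assumption).
    $logs = Get-ChildItem -LiteralPath $dir -Recurse -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and $_.Extension -match '^\.(log|txt)$' } |
        Sort-Object LastWriteTime -Descending |
        Select-Object -First 5

    if (-not $logs) {
        Write-Output "  no log files found"
        continue
    }
    $logs | ForEach-Object { Write-Output ("  {0}  {1}" -f $_.LastWriteTime, $_.FullName) }

    # Show lines that mention a process or an executable (pattern is an assumption
    # about how detections are recorded).
    $logs | Select-String -Pattern 'process|\.exe' |
        Select-Object Filename, LineNumber, Line |
        Format-Table -AutoSize -Wrap
}
```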
ASKER
We have Windows 7. What would be the folder (we are looking for that)?
I suggest that you use one of the 'rogue process stoppers' before attempting any other actions.
If this is NOT some kind of false positive, it is doubtful that any of the applications you listed are going to be able to handle the problem.
Is the "Comodo" you're running the AV or the Firewall?
If the AV, it may possibly conflict with your AVG.
If the firewall, it may possibly/probably conflict with your basic OS/network connectivity.
Read the details in these EE Articles and start your entire trouble-shooting process over. Post the logs that are generated by the named tools/scanners:
Rogue-Killer-What-a-great-name
Stop-the-Bleeding-First-Aid-for-Malware
You can substitute RogueKiller with TheKiller (more auto-fix functions than RK):
Download TheKiller to your Desktop
http://maliprog.geekstogo.com/explorer.exe
Note that TheKiller is renamed as explorer.exe
Run it by double-clicking
Press the OK button after the program finishes
Do not restart your system after this step, but immediately run the other tools/scanners.
ASKER
Thanks a lot! We followed the links, identified where the log is, and were able to determine if it was malicious or not.
http://www.safer-networking.org/en/download/
If you want better information about which processes should be running and which should not, you can use the utilities
Process Explorer and Process Monitor
http://technet.microsoft.com/en-us/sysinternals/bb896645
http://technet.microsoft.com/en-us/sysinternals/bb896653
You can also run HijackThis and find everything that starts at startup.
http://sourceforge.net/projects/hjt/