Solved

How to identify the malicious process is running in Ad-Aware Live Icon Notification

Posted on 2012-04-07
11
612 Views
Last Modified: 2012-04-07
We keep getting a message in the Ad-Aware Live! Icon as follows:

Ad-Watch Live!
detected that a malicious process is running and started a scab in background mode. You will be able to clean any infection safely after the scan is finished


I click on it and nothing happens.

Hoe can we identify the malicious process is running?
0
Comment
Question by:rayluvs
11 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
Comment Utility
scan system with antispyware like spybot
http://www.safer-networking.org/en/download/

if you want to have better information and know about what process should run and what not then you can use utility

ProcessExplorer and ProcessMonitor
http://technet.microsoft.com/en-us/sysinternals/bb896645
http://technet.microsoft.com/en-us/sysinternals/bb896653

you can also run hijack this and find what all things are starting at startup.
http://sourceforge.net/projects/hjt/
0
 
LVL 9

Expert Comment

by:Ashok Dewan
Comment Utility
Download this , I hope it will remove that adware

http://www.lavasoft.com/products/ad_aware_free.php
0
 

Author Comment

by:rayluvs
Comment Utility
We have those apps, but we haven't been able to identify the malicious process that is running.  That is why placed the question.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
Comment Utility
You can try different Antivirus and Antispyware if you are not able to recognize which application or process is malicious or not.
0
 

Author Comment

by:rayluvs
Comment Utility
We have AVG, Spy-Bot, Spywareguard, Spyware Blaster and Comodo installed.

We would like to know what exact process the Ad-Aware is saying is malicious.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 17

Expert Comment

by:Anuroopsundd
Comment Utility
Can you check in the logs of Ad-aware what process it found and what it has done to it.
0
 
LVL 17

Expert Comment

by:Anuroopsundd
Comment Utility
logs will be somewhere in
C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Logs

or in program files installation folder.
0
 

Author Comment

by:rayluvs
Comment Utility
We have Windows 7.  What would be the folder (we are looking for that)
0
 
LVL 17

Accepted Solution

by:
Anuroopsundd earned 500 total points
Comment Utility
0
 
LVL 38

Expert Comment

by:younghv
Comment Utility
I suggest that you use one of the 'rogue process stoppers' before attempting any other actions.
If this is NOT some kind of false positive, it is doubtful that of the applications you listed are going to be able to handle the problem.

Is the "Comodo" you're running the AV or the Firewall?
If the AV, it may possibly conflict with your AVG.
If the firewall, it may possibly/probably conflict with your basic OS/network connectivity.

Read the details in these EE Articles and start your entire trouble-shooting process over. Post the logs that are generated by the names tools/scanners:
Rogue-Killer-What-a-great-name
Stop-the-Bleeding-First-Aid-for-Malware

You can substitute RogueKiller with TheKiller (more auto-fix functions than RK):

Download TheKiller to your Desktop
http://maliprog.geekstogo.com/explorer.exe

Note that TheKiller is renamed as explorer.exe
Run it by double click
Press OK button after program finish
Do not restart your system after this step, but immediately run the other tools/scanners.
0
 

Author Closing Comment

by:rayluvs
Comment Utility
Thanx Lots!  We followed the links we have identify where the log is and was able to determine if  malicious or not.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now