Have you tried doing your scans in "Safe Mode
"? Are you doing scans while logged into the "Administrator Account
" or an "account with administrator privileges
Anytime you come across a suspicious file, search the name using Google, BC's File Database
, File Research Center
or the Process ID Database
. Also see How to determine what services are running under a SVCHOST.EXE process
Determining whether a file is malware or a legitimate process sometimes depends on the location (path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file. However, it then places itself in a different location on your computer. A file's properties may give a clue to identifying it. Right-click
on the file, Properties
and examine the General and Version tabs.
You can download and use Process Explorer
or Glarysoft Process Manager
to investigate all running processes and gather additional information to identify and resolve problems. These tools will show the process CPU usage, a description and its path location
. If you right-click on the file in question and select properties, you will see more details about the file.
Anytime you come across a suspicious file which you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to jotti's virusscan
. In the "File to upload & scan
" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
Post back with the results of the file analysis.