Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Removing Spyware Headaches

  • Please log in to reply
4 replies to this topic

#1 J Violette

J Violette

  • Members
  • 2 posts
  • Local time:10:30 PM

Posted 23 March 2006 - 10:23 AM

Hi All,
I have an XP Home SR2, Norton 2006, Ad-Aware, Spy-bot, MS Defender pc at home (hope I remembered them all).

I started getting "Black Worm" warnings and unwanted popups the other day. The popups were the exact size of my current browser window (don't know if that means anything) and were of inappropriate material.

I have the latest (as of Tuesday evening) of all the antispyware listed above as well as all the Norton and windows critical updates.

Norton was telling me I had Adware.wintaskad and Adware.winupdates spyware that it could not remove them.

I ran bitdefender online scan and it found a few things but would not remove them. I followed the paths and manually deleted the items. Same with Panda online scan. Norton now doesn't show any problems now.

However, I was still getting the popups.

Last night I reran Ad-Aware, Spy-Bot, MS Defender, and Norton from Safe mode with a reboot inbetween each run. Ad-Aware found 2 cookies and 14 MRU's and I removed those. Spy-Bot, MS Defender and Norton did not find anything.

I tried to run bitdefender online scan again and it was taking a lot longer to run than the first time I ran it (estimating over 3.5 hours to complete, first time was just over 1 hour to run). I noticed my processes were running at 100% and I was tired and stopped the scan and went to bed. Could bitdefender now be infected?

Can I run the online scans in safe mode? I don't know if I can dial-up my ISP in safe mode. Do I have to be connected to the internet while running the on-line scans or only when I start the scans? In otherwords, can I start the scan then disconnect from the internet while the scan runs?

I am following the "preparation guide for use before posting a hijakthis log" I found somewhere on this site.

Any other suggestions?


(Moderator edit: post moved to more appropriate forum. jgweed)

Edited by jgweed, 23 March 2006 - 10:37 AM.

BC AdBot (Login to Remove)


#2 tg1911


    Lord Spam Magnet

  • Members
  • 19,274 posts
  • Gender:Male
  • Location:SW Louisiana
  • Local time:08:30 PM

Posted 23 March 2006 - 11:11 AM

A couple of programs to try (both free):
aČ free
ewido security suite

Download, install, and update them.
Run them in Safe Mode.

If these don't help, I suggest you post a HijackThis log for examination.

Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HijackThis forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 Bushdoctor


  • Members
  • 6 posts
  • Local time:05:30 AM

Posted 23 March 2006 - 12:22 PM

Hi just to add to the above tip,before running the virus scan, turn off system restore.(right click my computer->properties and click on the system restore tab put a check mark on "turn off system restore") when done with the virus scan,turn on system restore.All rhis ofcourse you will be doing in safe mode

#4 Enthusiast


  • Members
  • 5,898 posts
  • Location:Florida, USA
  • Local time:09:30 PM

Posted 23 March 2006 - 02:52 PM

I would not turn System Restore off as yet.

If you have a date that predates the virus/malware infection it may be the best way to eliminate it and turning it off will delete all previous restore points!

Edited by Enthusiast, 23 March 2006 - 02:53 PM.

#5 J Violette

J Violette
  • Topic Starter

  • Members
  • 2 posts
  • Local time:10:30 PM

Posted 23 March 2006 - 07:40 PM

Are there any virus that pretend to be the Norton shield download icon in the systray?

It seems like something new is updating everyday.


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users