Adware Removal

I have run "Spy Sweeper" and it has detected and removed an adware titled "WildMain", however it also states that it cannot remove a file titled "midaddle" and that I must remove it manually.  I try to do this but I cannot and I receive a message that the file is in use.  When I run Spy Sweeper again, it again detects WildMain.  I believe these two items are related but I don't know for sure.  I also have been getting a lot of pop ups lately and my computer "lags" or seems to be running slower.  Are these problems also related to this adware?  And how do I get rid of this file and adware program?  I am far from any kind of computer expert and would appreciate any help I could get.  I have Windows XP.  Thanks.
Who is Participating?
ZylochConnect With a Mentor Commented:

You can download Adaware also (, but I definitely recommend Spybot S&D, which you can also Immunize your computer from further attacks. (I'm not too clear about Spy Sweeper if that has Immunize too, then you can use that no problem).

You can try several things to remove midaddle. If possible, try to set Spy Sweeper to run as soon as you start the computer, when it might be possible to delete midaddle. Also, you can try to boot into safe mode and delete it. Finally, you can try booting into DOS mode, navigate to the file using the 'cd' command, and use the 'del' command to delete it.

CrazyOneConnect With a Mentor Commented:
Then boot to Safe Mode and maually delete the file or files

Description of Safe Boot Mode in Windows 2000;EN-US;202485
If XP is using the file System NTFS then booting to DOS will not be on no use because DOS does not recognize NTFS partions. If booting to Safe Mode does not work then do it from the Recovery Console

Description of the Windows 2000 Recovery Console;en-us;229716

but first do this

Set an Automatic Administrator Logon for the Recovery Console
Control Panel >  Administrative > Local Security Policy.
Security Settings > Local Policies > Security Options. Locate the "Recovery Console: Allow automatic administrative logon" policy. Double-click this policy, and then set it to "Enable".

or edit the registry
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole
SecurityLevel (DWORD) 1 = no password, 0 = ask for pass

Access To All Drives And Folders policy
Control Panel >  Administrative > Local Security Policy.
Security Settings > Local Policies > Security Options. Locate the "Recovery Console: Allow Floppy Copy And Access To All Drives And Folders" policy. Double-click this policy, and then set it to "Enable".

or edit the registry
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole
SetCommand (DWORD) 1 = allow floppy copy etc, 0 = restrict some file

HOW TO: Add More Power to Recovery Console By Using Group Policy in Windows XP Professional;en-us;Q310497


The information in this article applies to:

Microsoft Windows XP Professional

Use Group Policy To Add Power To Recovery Console

This step-by-step article describes how to use Group Policy to add more power to the Recovery Console. Windows XP provides a Group Policy that lets you add power to the commands that are available in the Recovery Console. Under normal conditions, the Recovery Console imposes limits on the environment in which it operates.

back to the top

Use Group Policy to Add Power to Recovery Console
If you pre-install the Recovery Console on a computer, you should use Group Policy to enhance the environment settings, adding power to the available file operations. To do so:
Click Start , click Run , type mmc in the Open box, and then click OK .

On the File menu, click Add/Remove Snap-in , and then click Add .

Click Group Policy , and then click Add .

Click Local Computer , click Finish , and then click Close to return to the Add/Remove Snap-in dialog box.

Click OK to return to the Console window.

Expand the Local Computer Policy object to Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options.

Select the Security Options object in the Console pane to display the security policies in the Details pane.

In the Details pane, double-click the Recovery Console: Allow Floppy Copy And Access To All Drives And Folders policy.

Click Enabled , and then click OK .

Quit the MMC. You can save the console in case you want to make changes.

After you have enabled this Group Policy, when you enter the Recovery Console you can change the environment settings with the set command, by using the set variable = TRUE or FALSE syntax.

NOTE : Be sure to use a space on each side of the equal sign. If you do not, the set command generates a "syntax error" error message and does not work.

The following variables define the default environment. The variables, when set to TRUE, enlarge the scope of the environment setting and have the following meanings:
AllowWildCards = TRUE Enable wildcard support for some commands (such as the del command)

AllowAllPaths = TRUE Allows access to all files and folders on the computer

AllowRemovableMedia = TRUE Allow files to be copied to removable media, such as a floppy disk

NoCopyPrompt = TRUE Do not prompt when overwriting an existing file

To see the current settings for the environment, type set without parameters at a command prompt.

For additional information about the Recovery Console on Windows XP, click the article numbers below to view the articles in the Microsoft Knowledge Base:
Q314058 Description of the Windows XP Recovery Console
Q216417 How to Install the Windows Recovery Console
back to the top

Published Oct 20 2001 12:35AM  Issue Type kbhowto  
Last Modifed May 22 2002 2:25AM  Additional Query Words  
Keywords kbtool kbAudITPro kbHOWTOmaster  

COPYRIGHT NOTICE. Copyright 2002 Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052-6399 U.S.A. All rights reserved.
Ummm I am sorry the above is for Win2000

Try this for XP

HOW TO: Add More Power to Recovery Console By Using Group Policy in Windows XP Professional;EN-US;314058

Description of the Windows XP Recovery Console;en-us;314058
Lavasoft Ad-Aware
Spybot S&D
AVG Free
Spyware Blaster
Spyware Guard

These are all programs that can be used by the average computer user

without difficulty, and without undesired results.

Lavasoft Ad-Aware will clean up alot of spyware infections.
Spybot S&D will clean up alot of spyware infections.
between these two programs, most of the nasties can be safely removed

without damaging other programs.

AVG Free Antivirus is an Excellent Antivirus, especially since it is

free. (found a nasty trojan that was giving me Fits for a week)

Spyware Blaster is a program that you only have to run weekly, the

settings and changes it makes are static, and you don't need to keep it

running for it's protection to work.
It has a large database of Identified, and known spyware/malware/activeX

controls. It instructs windows and IE, Firefox, and mozilla browsers not

to install or run any of these nasties.

Spyware Guard is like your Antivirus, but for spyware, it is a resident

and is always running, if it encounters something that should not be

downloaded, by default it will popup a dialog box and ask for


these last two, will help keep your system running smoothly.

lastly, make sure you do not run TWO antivirus programs at the same time.

it can result in conflicts, and leaving your system wide open to attack

and infection. (Spyware Guard is not an Anti-Virus and can be run side by

side with anti-virus without conflicts)

also in Spybot S&D there is a resident program called tea-timer. it

monitors your registry entries and notifies you of changes made to your


If all else fails and you do have an infection, then get a copy of Hijack

This. HiJack this is an Advanced Diagnostic tool. not everything it finds

should be fixed. if you fix the wrong entry, it can make your system

unstable, and even cause some programs to not function. if you must

resort to using Hijack This, be sure to consult an expert about your log

before you fix anything.
you can find it here.

I personally recommend the folks at Tom Coyote Forums found here, 
but there are many forums where volunteers help you get control of your

system back.

If you prefer to deal with it here, you can post your log here, and I can

help you to the best of my ability.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.