Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Spybot and Ad-Aware being defeated?

Posted on 2009-07-08
Medium Priority
Last Modified: 2012-05-07
I've been having some weird freezing/locking issues with a work computer, so I've tried installing Spybot (and Ad-Aware as well).  But Spybot doesn't work the way it always has on other computers, and Ad-Aware install appears to succeed but then the program disappears.

Spybot: I can get updates and immunize, no problem, but I'm unable to check for problems. When I click the button to do so, it gives me a message about counting and cleaning temporary files; then, regardless of what I answer, it doesn't do anything else. The "Check for Problems" button is replaced by "Stop Check", and there's a tool tip that says "Please wait, scan in progress...", but nothing else. No progress bar at the bottom, none of the stuff I'm used to seeing. I've tried it dozens of times, uninstalled, reinstalled, etc. I tried leaving it for hours with no change, but the moment I click "Stop Check," it freezes up and sometimes locks up the entire computer just like the freezing issue that I first installed Spybot in hopes of diagnosing. Behavior is the same even in Safe Mode.

Ad-Aware: Whenever I install, the installation program requires a reboot... but when the reboot is completed, all the program files have been deleted. Shortcuts have appeared on the taskbar and in the Start menu, and the program still shows up in Add and Remove Programs, but the actual files are gone.

So maybe there's a specific threat that's fighting against anti-spyware software? Can anyone give me any ideas about what's going on here?  OS is XP Pro, SP 2.  Thanks!
Question by:Bobaran98
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 76

Accepted Solution

Alan Hardisty earned 2000 total points
ID: 24808627
Try Malwarebytes - - great tool - free and much better than Spybot in my opinion.
Other tools are combofix -  
Try those and come back if you don't get anywhere.

Expert Comment

ID: 24808715
I also use Malwarebytes. It's great. And I'm a fan of spybot like yourself.

I also run Spywareblaster just after I have installed a system, and tend to run and update it monthly or so (using the free version) -

Expert Comment

ID: 24808876
Some of the newer bugs will prevent MalwareBytes & ComboFix from running. You can try renaming the combofix executable. If that still won't work try: and click the "Download.exe" button to get a randomly named exe of the gmer rootkit detector & remover.
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

LVL 76

Expert Comment

by:Alan Hardisty
ID: 24808975
@younghv - you have removed my initial posting which mentioned using malwarebytes and combofix but made no reference to running combofix in safe mode - please can you restore the posting as I think you have deleted this by mistake.
LVL 16

Expert Comment

ID: 24808987
I don't suggest running 2 anti-spyware programs with an active background shield - SpyBot and Ad-aware. Choose one of them and uninstall the other one. Two programs of the same type might have compatibility problems and eventual conflicts.

Running free MalwareBytes (MBAM) or free SuperAntiSpyware (SAS) with Spybot or AdAware is ok, because free MBAM and SAS don't have a background shield, so they are unlikely to conflict with the other active anti-spyware protection programs.

Try uninstalling one of them and then run the scanner to see if it can actually run normally or not. Its not always a malware that causes such problems (it could be but we need to be sure).

Hope it helps.
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24809366
Sorry - thought it would have been you as you were moderating the question.
Thanks for puting it back.
LVL 93

Expert Comment

ID: 24811211
if your ANTI-anything programs don't run as they should, i recommend hooking the disk as slave to a working PC, and scan it from there.
then connect the disk back to yours, and continue the scanning you wish

Expert Comment

ID: 24811312
My guess is that you have already spent hours trying to solve this problem, you mention it is at work too.

Isolate the machine from the network and format it, reinstall the OS and forget about it. Takes me about 40mins to restore a machine from a clean image.

If you want to do some forensics to find out what went on you can grab an image of the disk and look at it offline, safely.


Author Closing Comment

ID: 31602164
Malwarebytes didn't do much; found some cookies, I think.  But after running ComboFix, I had no problem running either Spybot or Ad-Aware.  I have no idea why this is so.  I don't entirely understand what ComboFix was doing, because I just ran it default and didn't read any of the notes...  I was, in fact, preparing myself for wiping the machine as Samsixty later suggested, and so I didn't mind the risk of running an unknown piece of software.  Thanks, Alan, you saved me a lot of hassle!
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24825348
Glad you are sorted and didn't have to resort to wiping and re-installing - a great waste of time, but at least you know you are clean.
Thanks for the points.
[ZA Edit - I inserted the proper URL in the 'Accepted' Comment up above. younghv]

Author Comment

ID: 24825394
@warturtle - Good thought about conflicting anti-malware programs, but not an issue in this case.  I was trying to run each of these programs completely separately and having problems.
@everyone - Thanks for the great comments, and sorry for not responding before now.  I wish I knew exactly what ComboFix did that allowed Spybot and Ad-Aware to run properly, but I haven't a clue.
ComboFix solved the problem stated in this thread, but I should point out that my base issue-- the fact that this machine was freezing at odd intervals-- turned out to be unrelated to any malware (at least as far as I can tell); I realize in retrospect that my comments following the accepted solution may be misleading in that regard.  The freezing issue had gotten such that simply clicking "Start" and choosing to "Shut Down" was enough to immediately freeze the computer, before even showing the shutdown type dialog box (you know:  Shut down, Restart, Stand by, Hibernate, etc.).  The fact that I couldn't get even Spybot or Ad-Aware to run properly was so discouraging I was ready to wipe and be done with it, despite the many hours it would take to reinstall and configure the specialized software we run on this machine.  Once I got the anti-malware programs working properly, I was less discouraged and decided to try a few more things.  I ended up uninstalling a few programs, one at a time, until I no longer experienced the Start > Shut Down bug... and as it happens, it was one of those specialized programs!  But I didn't have to uninstall all of them, and now I'll know the culprit if this issue arises again (at which point I can always contact the developer).
Sorry, waxing eloquent there.  I just know that if you're like me, you want to know all the details of the resolution.  So there you go.  Thanks again, everyone!

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question