I suspect spyware or a worm, how do I get rid of it?

Search First! Then browse: Categories | Full Archive | By Date | Newsletter

Home » Viruses and Malware » Malware Detection

Summary: In most cases getting rid of malware involves running up to date scanners for viruses and spyware, and then making sure you're behind a firewall.

I run Win XP PRO. As I am connecting to the internet I see in the tool bar the two screens for the internet connection always active and the received bytes increasing continuously. I think this is a worm or spy program but I don't know how can remove it without formatting my hard drive. Do you have any tips?"

Well certainly formatting shouldn't be needed. Just follow the steps from the previous article: How do I keep my computer safe on the internet?. In a nutshell:

Run a virus scanner.
Run a spyware scanner.
Use a firewall.

•

Article C1953 - May 27, 2004

Recent Comments

32 Comments

I have a worm called csrss.exe, does anyone know how i can remove it, have tried everything even system restore and its still there.

Posted by: wendy at July 7, 2008 10:31 AM

hi..i think my laptop has a worm which reads as worm.IM.sohanad...how to get rid off.i downloaded spyware doctor from net which only is detecting but not removing.. Is this worm dangerous...

Posted by: konark at July 22, 2008 3:26 AM

how i want to get rid the Worm.win32.autoRun.nns?
can i have two/ more anti - virus prog in my pc?what will be happens if i let that worm remain in my comp?

Posted by: wani at September 17, 2008 1:32 AM

Leo,

About 2 weeks ago a Trojan Horse was discovered while running Windowssecurity Trojan scan. I quarantined and deleted it.

Three days ago I ran the program again and the dreaded win32 worm was there. I quarantined and deleted it BUT I believe it is still in there.

Some kook keeps coming into my "by invitation only" MSN IM, which is apparently where the worm got in to begin with. Last night I kept deleting the "person" over and over again and they kept coming back in.

Today I ran "VirusTotal" directly on the MSN IM and the following came up:

F-Secure 7.60.13501.0 2008.08.27 Suspicious:W32/Hidd.k!Gemini

"F-Secure" is one of the companies that VirusTotal utilizes to search for viruses and the like.

What is W32/Hidd.k!Gemini and how do I get rid of it????

Is this the worm again?

I've run the programs mentioned above and also AVG and Spybot and only VirusTotal finds anything but doesn't offer a solution to get rid of the problem.

Thanks, in advance.

Karen

Posted by: Karen at September 18, 2008 12:54 PM

The only spyware/virus detector that worked on my comp was windows one care. All the others didn't pick up anything at all. That picked it and stopped it from working too and then I delted it.

Posted by: angela at September 30, 2008 12:17 PM

i was surfing net with no antivirus got a free download of sheild then iy said trojan it clean it up but i still feel my pc i ill because its still ok but was faster before to load a page i am running 20 meg aswell can u advice is it worth it to just reformat or how can i check to c if it gone

Posted by: jay at October 10, 2008 4:37 AM

thank you for your honesty.

Posted by: robert at November 6, 2008 11:30 AM

I have had my laptop for a year. A few months ago, I started getting pop up ads even before I went on the Internet. My mom suspected a virus, but I failed to do anything about it. Now I can't connect to the Internet, as soon as my desktop fully loads, my hard drive starts crashing.

I don't have any antivirus software like I should and I can't connect to the Internet to download any. Is my computer totally trashed or can I fix it?

The safest thing to do is to back it up entirely so you don't lose any data, and then reformat and reinstall Windows and everything else from scratch, and this time install anti-virus and anti-spyware scanenrs.

An alternative is to use a different computer to download the anti-malware software you need, and put it on a CD or flash drive and then copy it to your machine that way. But it sounds like you're in bad enough shape that a reinstall will actually be quicker.

- Leo
06-Dec-2008

Posted by: Ellie at December 5, 2008 1:00 PM

Leo, i got a worm threw my computer..
it was sent to me threw msn and i cant get rid of it ! even if i search and destroy it, it keeps on infecting my MSN windows live messenger.
plz helP! how can i get rid of this?

,Marjorie.

Posted by: Marjorie at March 4, 2009 9:41 PM

I have a worm. Got it from tagged. How do I get rid of it.Have a virus scanner. Do I use this to get rid of the worm?
Elly

Posted by: Ella at June 5, 2009 8:04 PM

See all 32 comments...

Post a comment on "I suspect spyware or a worm, how do I get rid of it?":

Name: (Required) Email Address: (Required) (Email Address will not be published.) Remember Me? YesNo	By popular demand... my tip jar Buy Leo a Latte!
Comments: (you may use HTML tags for style)	Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.

Don't spam. Excessive links to unrelated sites within a comment or across multiple comments will cause all such comments to be removed.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!

Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure