Discussion on:

Which Spyware Removal tool do you use? Take the poll.

Re the original blog piece:

http://blogs.techrepublic.com.com/helpdesk/?p=326

Which Spyware Removal tool do you use? Take the poll. Please share your experiences.

SpyBot Search & Distroy 1.6

If you can't actually spell your Weapon of Choice!

There is a rogue out there, y'know!

Last time I checked, there were a number of rogues trying to cash in on Spybot S&D's name recognition by coming up with similar sounding products, most of which are themselves actually loaded with spyware/malware.

I use Spybot S&D, Ad-Aware, Spyware Blaster, and Windows Defender all together. The poll should have allowed more than one choice.

Multiple scanners is definately the way to go provided they are not all active scanners. Same with AV, keep an active scanner on the system and a few manual scanners updated and ready to go on flashdrive.

This is what my College IT Dept uses for all clients because it can be centrally managed from a server.

Just kidding. Actually, Malware Bytes seems to be the most effective lately.

Me too!

no wait I use WinWeb Security MUCH better

I have been using Malwarebytes for quite some time and it removes most of the newer malware.

I've been using the free version of MalwareBytes on PC's that I work on. It has removed malware that other tools have not. It's my first (but not only - Spybot and AdAware) choice.

I have been using MalwareBytes for a while now, and it seems to be the most effective product available for removing the aforementioned Anti-virus Pro 200x series of malware. And for the CoolWebSearch malware/browser highjacker, CWShredder is the way to go, although Trend Micro decided they would not update the stand-alone free product, but instead integrated it into their security suite several years ago.

Strange thing is, they all want it uninstalled.

Hi frens,

my favourite antispyware is SuperAntispyware+ Malware Bytes. normally can detect and fix major spyware but we must remember to update the latest definition. Have a try.

I always use ad-aware ?nd spyware search and destroy. Reading the other replies I'm going to give malware bytes a try.

I was a hardcore Spybot user until a recent spike in Antivirus 2008 broke out. I've had much better success in removing that with Malware Bytes.



http://www.malwarebytes.org/index.php

I use it too, since no other deleted a very intrusive & bothering version of the vundo troyan horse in an easy way.

I use this + Sygate Personal Firewall (free version) by far easyer to install,to use and to understand as the well known ZA. And I guess, stronger too.

Its a pity that Symantec has buyed it now, because they will never have such technical knowledge

Yes, Malwarebytes' Anti-Malware plus SUPERAntispyware Pro. I had the free AVG Antispyware 7.5 as well until a few days ago, but was informed by AVG that come 31 December 2008 it is deceased. RIP AVG Antispyware 7.5.

AVG Free still available for personal use at free.avg.com . Business use available at resonable rate at same site.

I've used it to clean any number of badly infected PCs. It definitely does an excellent job with the Antivirus 2008 & 2009 infections.

without a doubt the best I've found. I also use Adaware and SUPERAntiSpyware. for viruses I'm been an AVG user for about 2 yrs. Used to swear by Norton but it's bloatware.

I start with Smitfraudfix(safemode), then Combofix and finally cleanup with Malwarebytes. This fully cleaned Antivirus 2009.

I was until recently working in a very large Co's IT department doing Deskside & IMAC's, had to clean so much garbage from people's machines it wasn't funny. Malbytes was the ONLY anti-Malware app I found that was able to eradicate EYERY THING it came across! Thank G*D for it! Keep it Free guys, You got me hooked!

I also use Malwarebytes, it's free, easy to use and removes most known infections. I also like Combofix because of the ability to run scripts to target specific files, folders, drivers, and registry keys. HiJackThis is also a very valuable tool for dealing with spyware/malware infections.

http://www.malwarebytes.org/

But I still like SpyBot as my first choice.

What I don't understand is how AntiVirus200X keeps getting past all of the security software installed and then avoides detection by the same "high-end" software.

I've seen Windows Happily install AntiVirus2009 on a machine running an up to date client of OfficeScan. And then had to install AntiMalware to get rid of the dam thing.

I use my hand, speedily applied to the back of the victims head. Then I grab a copy of AVG. During the scan I get a chance to try to educate the victim on safer browsing habits. The victim will generally listen, since the support is generally for free. If it's paid I skip the first step though...

Sounds like I'll have to give MalwareBytes a try though, sounds good!

Spybot search and destroy of course, and usually spyware doctor as well. They both seem to catch things the other does not.

No one spyware removal tool removes all spyware. I use use 3 of them: XoftSpySE, Ad-aware and Spybot.

Hit it with combofix, then follow with Spybot, SuperAntiSpyware, and Malwarebytes all scanning at same time.

I voted for "other" because I have been using Spybot-search and Destroy AND Spywareblaster regularly for years.

I have found that ESET Smart Security is very reliable and uses very little resources. Has anyone else tried this product? If so, how do you like it?

http://www.eset.com/smartsecurity/

Yes, I did. I acknoledge it is a very good security tools, but:

a)I had a bad uninstall experience, because its unistaller allows to remain some application traces (even professional uninstallers wer not able to unistalled such traces, that did not allowed me to intall some other security tools, concretly AVs.

b) It is not free, but I acknowledge is worth its price.

The same here, I tried it for about a month and have to say it is an useful application. But the uninstalling process was just pain in the ... - you know what I mean. I now use TrustPort PC Security as I wrote somewhere else in the forum. It operates multiple scan engines which I find an important advantage. They have some brief description at www.trustport.com.

I was using ESET Smart Security, in fact, it's one of the products that I was resell ing to my customers. I had a lot of difficulty getting it to play well in an Active Directory environment and it frequently consumed all the CPU time, even would totally freezing the two machines I was testing it on. Their tech support obviously doesn't monitor their forums and getting in touch with them directly is nearly impossible. I've since abandoned ESET in favor of Kapersky Internet Security 2009, which has excellent tech support and their agents actually speak American English. I was able to completely disinfect several client's infected machines where Trend and other removal tools have failed miserably.

Used to use just CounterSpy, but upgraded to Vipre. It is very efficient and doesn't tend to hold the processor hostage!

This workks best for me right now. Also like Adaware but only use it if Malwarebytes doesnt work and recently all I have had to use is Malwarebytes.

I use microsoft's live onecare and winpatrol by billp studios, in addition, I have spybot search and destroy and ad-aware, then I have the windows malicious software removal tool scheduled to scan at various times per month,
along with a physical firewall

I agree also that one program can not be used to stop them all. I have been an avid fan of SpyBot S&D for a number of years with a high level of success. I also use Ad-Aware and have used Malwarebytes now as well.

I have used AVG anti virus for a long time as well and have never had any problems with viruses.

Always find it curious (considering the nature of this site)the sponsored links on this page. Win Antivirus Pro 2009? Someone enlighten me please on the circumstances I am overlooking that bring about this paradox.

Depends on the situation. Threatfire and Defender I use as blockers when necessary. For removal I use whatever seems to work best, have used almost all the programs listed at kne time or another.

Malware Bytes then usually Spybot S&D although have noticed on other boards that combofix is popular as well in comobination with malware bytes.

I browse in a VM which gets trashed at the end of the day read for the next. No sweeping needed.

Ad-Aware 2008 free edition finds more things than any of AVG's stuff, or Spybot S&D, ever has. I tried AVG's anti-virus and it found NOTHING! Spybot was cumbersome and also did not find as much, if anything. The only thing I use by AVG is their "vCleaner", which I download to my C drive, and then run in safe mode to scan for, and clean, any bootup viruses. Other than that, I can't understand all the fervor over AVG or Spybot S&D - neither perform as well, and McAfee's real-time protection (Firewall set to "Stealth" mode, Anti-virus, SiteAdvisor, and Spamkiller) has warned me of scam emails, websites and downloads, and caught and cleans tracking cookies, etc., and stops and kills serious threats (hijackers, trojans, etc.) before they've even had a chance to load on my PC! More times than I can remember anymore, McAfee has saved my PC. For running a manual scan, McAfee's anti-virus needs to be more sensitive, since my Ad-Aware 2008 free can find more than McAfee's ani-virus when running a scan of my entire computer. I stay away from anything by Symantec (Norton) or Trendmicro (full of tech glitches). Other than the McAfee SiteAdvisor loaded on my browser to keep me from downloading anything that would compromise my PC, I find that viruses, malware, & spyware don't have a chance because I run Ccleaner (another freeware) and Diskeeper after every online session, and before shutting my PC down each time. Both Ccleaner and Diskeeper 2009 only take several seconds to run. Ccleaner runs 35 passes of blank data over whatever it finds, and Diskeeper beats the hell out of any defragmenter Microsoft has ever included with its operating systems, especially Vista, including the ability to perform bootup (restart) chkdsk's and defrag's that include all the system files and folders, and automatically defragging in the background whenever you have your PC on, invisibly as far as use of system resources is concerned. Sweeping my PC, including the registry, with Ccleaner, and keeping it defragged with Diskeeper, keep it running lean, mean, and FAST!
Of course, I have only those startup exe's active that absolutely have to be to make bootup faster, and I only install those applications I know I'll use, and nothing more. So, my mere 160GB hard drive is 70% empty (that's including the O.S.), and I have a USB-connected backup hard drive by Iomega to which I do fresh backups weekly (that was a great investment). I only backup what I need, but enough so I can reconstruct my PC if I have to competely wipe my C drive, reinstall Windows XP SP2 from scratch from my CD-ROM (I won't touch the XP SP3 update, or Vista), and then reinstall my drivers and applications from there.

Ad-Aware 2008 free edition finds more things than any of AVG's stuff, or Spybot S&D, ever has. I tried AVG's anti-virus and it found NOTHING!

Ad-Aware and Spybot are anti-spyware programs, AVG is an anti-virus. They are looking for different things. If AVG found nothing, that means your PC is pretty much virus-free.

For anti-spyware, I prefer Spybot S&D, so that's what I run. I also make periodic on-demand scans with SuperAntiSpyware. My anti-virus is AVG paid.

The best protection I've found is to use Firefox with the NoScript add-on to browse and not click on every flipping link or button I see.

Edit: formatting

Then move on the unhackme, then either superantispyware or malwarebytes. The order of the last two doesn't matter to me.

Avg has not failed me yet. Free version or Paid (basic or enterprise)

I used to love Spybot S&D and Ad-Aware. They both ran smooth at first. Now whenever I run S&D it keeps locking my system up and Ad-Aware hasn't been able to update definitions in over a year. I think it's time to find new free security software.

malwarebytes.com

Havign tried so many over the years, I found they are all very similar, but AdAware keeps improving and when I try others, they soon get removed and AdAware solves the problems again. CCleaner is also pretty good but again, I reverted back to AdAware.

because it is hard to beat MalwareBytes for a good removal tool. Second on my list is Spybot. I personally wouldn't even bother with the others.

I agree - Malwarebytes is the only one for me.

how about a link to it so we can try it?

http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe




* Double-click mbam-setup.exe and follow the prompts to install the program.

* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick Scan, then click Scan.

* When the scan is complete, click OK, then Show Results to view the results.


* Be sure that everything is checked, and click Remove Selected.

I'll let you know what I think of it.

malwarebytes.org

I seem to settle with AdAware or Spybot Search and Destroy, for anything McAfee can't beat.

I did try MalwareBytes a few days ago, my fathers laptop got WinWeb Security installed on it somehow (63 viruses!!! oh no, Autorun is a virus?) and MalwareBytes refused to find it (even though it was meant to be able to), I ended up going commando style deleting it

FORMAT C: /FS:NTFS

Only joking.

What is spyware? I hardly ever encounter it.

I have usually used Spybot. I think its pretty good but there are a few things it does not pick up occasionally. My alternative which I use mainly for full scans rather than the real-time protection is SuperAntiSpyware. Try it. I think you might be pleasantly surprised. I find it to be very comprehensive in its searches.

Malware bytes is great, but have been playing around with SuperAntiSpyware and have found it to be excellent at removing alot of nasty things....

best of the few availible free to less than w2k. Spybot doesn't find near as much.

is the tool I start with, then others if needed.

cause none run on linux.

LOVE bringing that up, don't you

that will be me soon...

Malware bytes, free from malwarebytes.org The paid version is only $25 for a lifetime. And it's one of the few that will remove mircro AV 2009 and also has been reported to remove various strains of Vundo that many AV vendors could not.

I just spent all day yesterday with a users laptop infected with Vundo. Our BitDefender Enterprise 3.0 Deep scan saw nothing. Kaspersky online scan - nothing. Trend Micro online scan - nothing. Spybot S&D found it and claimed to clean it but, it was back after reboot. Malwarebytes Anti-Malware cleaned it right up. Before that, I'd never heard of Vundo or Malwarebytes.

Just had to clean a machine with Vundo this morning and Malwarebytes fixed it in one pass.

A poll should be put in alphabetical order, instead of listing what you feel as your choice as first.

I have no dog in that hunt.

I put them in the order that I had on the sheet of paper I was using when researching some of the more popular ones.

But you're right, I should have put them in alphabetical order. Oh well, no one's perfect.

Edit:

By the way, I think people around here are too smart to be led to pick something just because it's at the top of a poll. In fact, as of now, the choice for other is the third most picked, even though it was at the bottom of the list of answers.

it is still done.

I guess I am just cynical these days, huh? So many polls are use/misused/led these days, it seems to be second nature to question them if they seem to be not following accepted standards.

Sorry to be adversial....

Much like Claree (Olympia Dukakis)said to Annelle (Daryl Hannah) in one of my favorite movies, Steel Magnolias..."Oh JD, ya gotta lighten up."

me lightening up!

I did the whole admit I was wrong thing... well, as much as I can....

Steel Magnolias... Will just have to take your word on that one! I would have my "guy card" revoked if I were to watch that....

So, I can assume that I shouldn't get you the DVD of "The Women" for Christmas?

http://www.imdb.com/title/tt0430770/

Actually, I haven't seen that version, but the 1939 version is a classic.

http://www.imdb.com/title/tt0032143/

.

By the way, I think people around here are too smart to be led to pick something just because it's at the top of a poll.

How's THIS for stupid. Here in RI, they wanted to be fair to the candidates by NOT listing them in alphabetical order. So, they put all the choices into a hat and pulled them bingo style. Note that I said "choices" and not "candidates". You wanna know what was pulled to top the list? "None of the above". Brilliant, eh? And they didn't even have the smarts to label it "none of those below". Yep, some of our leaders are about six cents short of a nickle.

.....in some elections. Not so much in the U.S., but it has happened.

Malwarebytes.

Great for a managed PC business environment, and really good at catching spyware. What it doesn't catch gets cleaned with Malwarebytes.

What do most readers think of it as compared to say Malwarebytes ? Thanks.

Does a good job of finding and removing issues, but it seemed to be a resource hog making the cure as bad as the ailment.

I install it, clean things up, and then remove it.

I agree Counterspy is a resource hog -- But wouldn't this apply to any product using real time monitoring ? Serious question ...

Symantec Endpoint Protection 11
FYI: Spybot gets PAID to ignore spyware by vendors. They are part of the problem.

I thought we killed everyone who knew that.
No, seriously, jaxplanet - that's a bold statement. As a frequent SpyBot user, I'd like to know the basis of it.

Considering spyware venders are getting thrown in jail/sued and plain old shut down, I find it hard to believe spybot development teams are paid to ignore vender specific spyware.

Perhaps some proof to verify your wild claims?





I've tried most the malware scanners listed, Spybot has always worked the best for me, while adaware was the worst of them all (it even missed InternetOptimizer, a Pre SP2 Malware that you get by visiting any website without SP2)

for removal- superantispyware, malwarebytes

You really can't use just one. Adaware picks up stuff that Spybot might miss. Malware Bytes picks up stuff that Adaware might miss etc... I use Spybot, Adaware, Malware Bytes in that order. Some may do it differently but usually Spybot takes care of a bulk of the problems and the other two usually clean up anything it may leave behind.

AVG, Spybot S&D, Ad-Aware, and Zonealarm on home computers.

For networks, I've been using AVG Network Edition for several years, and have had great luck with it. I especially like the easy management, with AD integration letting you quickly scan every machine in AD to determine their status and automatically install to multiple workstations. I've used other products with similar capabilities, but AVG's seems the easiest to manage.

The first time I installed it, that network had always used Norton. Overall network speed and performance immediately improved in a big way. And, the first AVG scan caught over thirty infections that had existed for months! I've never looked back.

I also like a couple of other nifty little security tools on individual home computers. Active Ports (free at devicelock.com) monitors all port activity and uses a simple interface that tells you what ports are open, what processes are using them, and what remote IP's are associated with them. When you highlight an item it gives you two buttons: one click queries an IP, the other closes a selected port.

SnoopFree (also free at snoopfree.com) alerts you whenever any process, good or bad, tries to hook your screen or keyboard. It's been surprising to see how many benign programs try to do both, yet run just fine without allowing them that capability.

Malwarebytes' Anti-Malware

I use AVG 8.0 - EXCELLENT PRODUCT!

I have McAfee and Spybot which seems to do the job, the biggest mistake is downloading some of the free scans available.
I have had fro 2 to 1500 faults reported through these products and if I didn't know better I would have been scared to death of connecting to the Internet.

I rely primarily on Spybot S&D for protection, but have a complete "suite" of removal tools on hand, including Malware Bytes, Spyware Blaster, and Spy Sweeper.

as none of them to a complete job.

Is there anyone here who will only run one scanner on a compromised system and think that life is grand?

I've found MBAM to be the most effective general purpose malware remover currently available. For specific and difficult malware/fraudware, combofix is an excellent tool.

I use Yahoo's Anti-Spy and AVG Anti Virus Free

Spybot S&D, AdAware and Spyware Blaster

I use Microsoft Defender.

So many have selected MalwareBytes as a choice. And so many others have indicated that they'd have to give it a try.

Again, it looks like other is a strong contender in one of my polls.

Download.com for quite a while. MalwareBytes, that is.

Those who've indicated that more than one choice is the right choice, I think you're right-on.

I use a-squared along with spybot S&D. a-squared has flagged more malware than all the others combined. It is always up to date. The only thing since it employs background guard it does use resources but in todays computing most people have at least 1G of RAM anyway. Background guard keeps malware away from your computer when you are using the computer.

I use AVG for many years without problem.

I use AVG Free, SpyBot, AdAware, Spyware Blaster, Microsoft Windows Defender but mostly AVG.

ESET Smart Security and SuperAntispyware... better than the rest... affordable, and light clients...

i use a combination of AVG (paid full version) and Zone Alarm (paid full version). scans are at alternate times. AVG picks up most of the adware and tracking cookies, and Zone Alarm picks up the few that AVG misses.

I must recommend Malwarebytes for its ability to dig down, find and remove stubborn, tenacious and well cloaked spyware such as Vundo, where it is missed by the other products I have used. I still use AVG Free and Ad-Aware (read: cheap stingy bastard) which find some lesser problematic infestations. Combofix can also help with very troublesome malware, such as rootkits. I have used, with less success: Spyware Doctor, Defender, CounterSpy and Spy sweeper. I have gotten similar feedback from friends and coworkers who use Malwarebytes after having had other products on their machines. Often, one answer alone will not git'r'done.

clam tk

I use Spybot and Ad-Aware along with CCleaner and Hijack This on both my XP and Vista machines.

I use 2 products to be honest. I use AVG's product and SpyBot S&D. Can't be to careful. Also periodically use Trend's HouseCall on line to do some scanning. I find that you catch more with using multiple products.

'Threatfire' by PC Tools is a full, free version spyware, malware & Adware *** anti-virus software.

ThreatFire by PCTools is a full-version for free with online latest updates available to all. It is more than just anti-spy, it's anti-malware, ad-ware & anti-virus application, all in one and integrates with you existing Anti-visur software & the Firewall. I use all from PCTools.

Threatfire (get the free version from at www.threatfire.com) is great at warning you if malicious software tries to install itself on a system (it is behavior-based, not signature based), though I haven't had a chance to test its removal capabilities. Still, I put it on all systems, since it can run beside antivirus and antispyware apps without impacting performance and using apparently minimal resources.

I use kaspersky internet security with antispyware

Malware Bytes Anti Malware = MBAM! I put it up there with SpyBot because it has done the job in less time and fewer resources and without a system restart intervening.

All I have to say is Asquared, anyone that has used this product there is no more explanation needed.

Superanti Spyware is the best tool

I use a combination of Avira Antivir; ThreatFire; and Windows Defender. This is for XP or Vista. The three programs work together well - no crashes - and have kept some of my less cognitive clients out of malware / virus infections for a significant period of time - 1year plus.

superantispyware

Zone Alarm Internet Security Suite

This is the best i found YET: ( SUPERAntiSpyware Free Edition 4.23.1006

Been using Ad-Aware and I'm happy. I just setup two laptops and I'm using Avast for Virus and their Spyware thingy for the first time. Not sure how good the SPyware thingy is but I will let ya know.

I've a couple of machines that picked up ZLob but reimaging is not an option. Has anyone a malware scanner that can kill it? Everything so far has removed reg entries and files but fails to kill off the process; it just respawns after every psk. MalwareBytes detects it but can't cleanly remove it.

turned off System restore and tried it in Safe Mode. MBAM claims to be able to remove it.

http://www.malwarebytes.org/forums/index.php?showtopic=4052

I'd normally use a liveCD to delete the remaining files just like Flash 7 and previous require to truly uninstall. I'm forwarding this on to the person who's actually dealing with the infestation and will try to report back on the outcome.

It's some nasty mutation. System Restore turned off, safe mode booted, malwarebytes used.. the nasty is still there though.

Have you tried Spybot S&D running at system startup? You'll have to use Spybot in "Advanced Mode" (which is available from the Mode menu if I remember correctly). Once you've switched to Advanced mode and clicked OK on the warning that some settings can damage your system (haven't had that happen yet), you'll have additional menues on the left side. Go into the settings and scroll down through the list looking for system start up and tell Spybot to run once on next system startup. This should allow Spybot to clean the infection before the process starts or gets in memory. I've generally had really good luck with Spybot and some annoying pieces of mal-ware using the advanced mode/system startup option.

if you are not at the PC. Are you sure that there are no other infections. Have you tried checking for a Rootkit. I will provide manual removal instructions or at least this is what I would try. This is from Symantec.



Trojan.Zlob is a Trojan that allows the remote attacker to perform various malicious actions on the compromised computer.



When Trojan.Zlob is executed, it copies itself as one of the following:



%System%\msmsgs.exe

%System%\ld100.tmp

%System%\regperf.exe




It may create the following registry entries so that the Trojan runs every time Windows starts:



HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\"MSN Messenger" = "%System%\msmsgs.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Shell" = "Explorer.exe, msmsgs.exe"




The Trojan also adds the following registry entries:



HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\"wininet.dll" = "regperf.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\"notepad.exe" = "msmsgs.exe"




It also adds the following marker in the registry:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\"uuid" = "86c29b2f-3389-418b-9b47-c2b09b6abc07"



The Trojan then injects itself into explorer.exe.



It attempts to make HTTP connections to the following hosts:


vnp7s.net

zxserv0.com

dumpserv.com




The Trojan uses different URLs that allow the Trojan to ping, report its status, and execute remote files



Unfortunately it copies itself into explorer.exe but explorer can be replaced from this directory.


C:\WINDOWS\ServicePackFiles\i386



Start the infected PC in Safe Mode.

Click Start, Run type msconfig and press Enter.


Now if you have the Configuration Utility open.

Configure selective startup options

In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.

Click to clear the Process SYSTEM.INI File check box.

Click to clear the Process WIN.INI File check box.

Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.

Click the Services tab.

Click to select the Hide All Microsoft Services check box.

Click Disable All, and then click OK.

When you are prompted, save the settings and shutdown the PC.


Boot with the XP CD and choose repair at the first R. At the command prompt rename explorer and copy the fresh one over from C:\WINDOWS\ServicePackFiles\i386.



Restart the PC in Safe Mode and using the instructions above navigate the Registry and remove the offending Keys.



If this doesn't work try running HijackThis and post the log file. You may even be able to use HJT to remove the registry entries.

The fun of an IT family is passing questions back and forth though.

I'm sending your comment on along with the spybot recommendation. If doing it right and wiping the machine clean was an option it would be fixed already though.

especially if Data is involved. I like to try and get the infection under control before backing up the Data. No sense infecting another PC. Let us know how you get on.

I have used SpyBot Search & Destroy for several years and have always had good luck with it. I recently tired Malwarebytes and am quite pleased with it too. Currently, I'm installing both on user's machines, as I found that SpyBot finds items that Malwarebytes overlooks. There is no one best product, but I feel these programs are two of the best.
For an anti-virus, if a person does not already have a paid A/V solution, I install the free version of AVG. It works well, and I won't let a machine leave my place without some kind of protecton installed.

After getting "hit" over and over when I first started using the computer--and being a total beginner--I decided that it wasn't going to happen any longer. So I use Spyware Blaster, Spyware Guard, Ad-Aware, and SpyBot. In other words, I use everything I can that's free. (V-e-r-y limited budget, you see.)

I've used some of the paid stuff, and never found anything that works better than the conglomeration of programs I use.

Spybot was my favorite.But I've had much better success in removing that with MalwareBytes Antimalware.It's free, fast and reliable.
best regards

a-squared, It might be a little paranoid to some folks, but it works great for me!!

super antispyware and PC tools threatfire

Malwarebytes can find and remove many infections that others do not find. I had a friend that contacted Norton because of a pesky infection. You would not believe what they told him. Yep, download and run Malwarebytes. To really be sure of all eradication of infections a plan that involves more than one application is always a smart route to take. I always start with Malwarebytes.

I've used the majority of the ones listed so far and for my 2 cents worth. I'd have to go with AVG 8.5 Free Edition in conjuction with File Assassin 1.06.

COMODO.

Malwarebytes

Malwarebytes has worked well for me several times

I use Malwarebytes at work on client's personal computers, it is the only program that gets rid of Vundo, none of the supposed tools work. For very bad infections where Malwarebytes won't install, I use the Avira Rescue System Disc, which runs off the disc, without the OS loaded, so that you can remove some of the junk before running a full Malwarebytes scan to get the rest. And of course, I delete files manually based on what the scan log files find.