malware

EEs,

I am running out of options here, I have been cleaning up a laptop in the office that has a lot of spyware.  Please see the pic attached.  I can not get rid of this one.  I have tried malwarebyte, superantispyware, spybot, hitman pro.  Any ideas?  thanks
2015-04-17-10.30.29.jpg
mcrmgAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Thomas GrassiSystems AdministratorCommented:
Here are some tips

http://botcrawl.com/how-to-remove-dealply-adware/

Have you tried doing a system restore to a know good setup?
0
JohnBusiness Consultant (Owner)Commented:
I read your post twice.   "I am running out of options here, "   <-- Cut your losses, back up the system and reinstall Windows. Tell the user to behave themselves as it costs them money.
0
mcrmgAuthor Commented:
:)

I checked the host file, it is clean.  When I run spybot, it keeps getting super optimizer and claims removed it...but still coming back....
0
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

Thomas GrassiSystems AdministratorCommented:
I agree with John above

Drop back twenty and punt

Time to get a new hard drive and re install

Just reinstalling on same hard drive does not help sometimes depends on the severity of the virus.

Safest method would be to get another hard drive.
0
Thomas Zucker-ScharffSolution GuideCommented:
agree with John.  you can continue to trouble shoot,  if so try running chameleon from MBAM.  malwarebytes.org/chameleon
0
Thomas Zucker-ScharffSolution GuideCommented:
forgot to say run the svchosts file located in the chameleon directory.
0
Nick RhodeIT DirectorCommented:
Doesn't look too bad unless it locked down a bunch of things.  Open up the task manager and kill the task for it.  If its annoying and is popping up there is most likely a bogus shortcut on the desktop.  Right-click that shortcut and look at the location properties so you know where the executable is.  Navigate to that path and rename it, log out and log back in.  This will throw up some errors because it wants to execute.  Otherwise here is a guide you can follow that I use to get rid of infections.

Here is the guide:  Virus Removal

Its a walkthrough and set by step guide on getting rid of that malware
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Thomas Zucker-ScharffSolution GuideCommented:
mcrmg,

Sounds like a rootkit or something similar.  Malwarebytes has a rootkit scanner in it, but you have to enable it.  Click on settings->detection and Protection and check the box labeled "Scan for rootkits" then do a deep scan.

Also you should read my article on rootkits and reviews of free software: http://www.experts-exchange.com/articles/2245/Anti-rootkit-software.html
0
mcrmgAuthor Commented:
Thanks for all the help, I will need to check them and report back..thanks
0
mcrmgAuthor Commented:
thank you....it is Kaspersky Rescue Disk removed it..thanks again and all EEs...
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Spyware

From novice to tech pro — start learning today.