We help IT Professionals succeed at work.


Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.

Hi everyone. I have searched all over the web and EE and cannot seem to solve this issue. My brother has small children and I believe while playing their online games they may have mistakenly downloaded malware/viruses. I have run multiple software's to try and eliminate the issue and have made progress, but now there are a few issues I can't seem to find a solution to.

First of all, when I click on the start button, only the titles appear such as "all programs, computer, etc" there are no shortcuts to programs like there usually is. secondly, when I open IE or Firefox and do an initial search I get search results based on my search. When I click a link within the search results I can see the URL change to that result, but then it immediately changes to a random website and redirects me. I have run combofix, malwarebytes, hijackthis, and CCleaner but to no success. They all found malware and trojans but did not cure the redirect issue. I ran each of them in safe mode as well as normal startup.

I have attached the hijackthis log and also have the malwarebytes log can be posted if necessary. I can also provide any additional information about the PC you might need.

If anyone has any suggestions as to what other steps I can take to eliminate this issue I would greatly appreciate it. I really don't want to re-format the PC due to the amount of documents and programs installed already. Thank you for the input and your time.

the PC is running Win 7 64 bit.
Greetings mates,

I have some sticky situations here.

First, all my files under Start are gone.

Only icon left there is Solitaire.

Second, when I attempted to install malwarebytes, I was unable to.

Half way through the install, I get "Access Denied" and the install stops.

I know there are some virus/malware invasions on my PC.

Any ideas how to get things back on the laptop again?

Not that it matters but it is dell insprion, running windows 7 home edition.

I tried system restore.

It was successful in terms of running but nothing was restored or fixed.

Thanks alot in advance
is there a way or some soft of script to remotely un-install a software from all my PC's on my network?

i need to remove webroot spysweeper

after windows start-up logo, i get a black screen with the mouse cursor only....
safe mode options- the same occurs
no last known config available
windows 7 rescue disk, no avail...

i don't think this is caused by a virus... we run eset and avast on this machine and both are constantly updated.

this occurred after some windows updates or what else could be the cause....

Hi All.

I have RU Botted installed on my XP  Pro Desktop.

I just logged into my EE account and immediately I got the message
"Some has launched malicious software on your computer by remote control"
and would I like to use Trend Micro House Call to clean my computer for free.

Having had customers who responded in the affirmative and then entered their CC info, I did not go any further.

I do have Comcast's complimentary version of Norton installed in case that might have caused a conflict.  Needless to say, Norton didn't catch the virus or bot; if there really is one.

I've noticed no drag in performance or any other abnormality.

hijackthis-blackpc.txtWe have a PC that has played up for sometime. I installed Malwarebytes and this keeps finding trojans everyday so I ran HijackThis and found the following redirections in the Hosts file in the HJThis log:

O1 - Hosts: www.google.com
O1 - Hosts: www.bing.com

This is a hacked Hungarian IP and wonder if someone could take a look at the attached log and advise me on if there is anything else, and how to correct the problem. I presume if I simply correct the Hosts file it will keep returning?

Thanks in advance.

I have a customer's computer in the shop that has an infection.  I have been unable to remove part of the infection and I am looking for some assistance.  Avast finds 2 infections, one is C:\Windows\assembly\GAC_32\desktop.ini and the other is C:\Windows\assembly\GAC_64\desktop.ini.  They are both infected with a variation of Sirefef.  I cannot repair, remove, or quarantine them.  Access is denied.

I have ran TDSSKiller which finds nothing.  Also ran Malwarebytes.  Any suggestions?
One of our employees has the Google redirect virus. If I run malwarebytes it would detect the virus and and remove it but being as it is a boottime virus it would return and soon as I restarted the computer. I read on the internet that tds killer and hitman pro would clear the virus permenatly.

I installed hitman pro and it removed the virus and now the virus has not shown up but when using google it still redirects me to these fraudulent web sites. Tds killer also does not find anything now but the redirect still exists.

Things I have tried..

Different antivirus
Tried to get avast to do a boot time scan but it wouldn't work
and I tried manually removing the virus with the steps below

Im desperate... dont want to reformat and reinstall windows.

Steps for Removal of Google Redirect Virus
The first place to address when removing the Google Redirect virus is in your PC’s Local Area Network (LAN) settings. The reason for this is to ensure the virus isn’t redirecting your PC’s browser traffic through a malicious proxy server.
To check your LAN settings:
In Internet Explorer:
a) Open your browser and select Tools>Internet Options, followed by the ‘Connections’ tab.
b) Click on the ‘LAN settings’ button.
c) In the next window, ensure the option ‘ Use a proxy server for your LAN’ is unchecked.
d) Select ‘OK’ and close.
In Firefox:
a) Open your browser and select Tools>Options
b) Click on the ‘Advanced’ tab and then the ‘Network’ tab, followed by ‘Settings’…
I have a computer that is infected with some form of malware/trojan. It came from an email and the user click on it. I believe this form of malware/spyware. What the malware/trojan did is transfer fund from bank account out. I spoke to the antivirus company and they now have definition file to protect it, but it was undetected. Since than I have taken the computer offline. Has anyone ran into this and what they have done?

Hello all, an alert from avast! antivirus popped up on a client PC and says "Rootkid Found" but the file name is pointing to MBR: \\.\PHYSICALDRIVE0\PARTITION3 and the action to take is Delete Now or Ignore. I am fairly certain that on my one harddrive, Partition 3 is where the OS resides. So if I choose to "Delete Now" is that going to harm the MBR and not let me load into Windows? And if I choose to Ignore, is this a real root kit somehow on my PC or a false-alarm?

Any help would be appreciated!
Have one particular end user who, aside from being heistant to change, like to shop online and open links from her family abroad in e-mails.

As a result the desktop gets a fair amount of spyware/malware. There is a AV/anti-spyware (two levels) on there but apparently nothing is foolproof/100%.

Any suggestions on what to do here for a more permanent solution?
I am using the paid version of Malwarebytes. I want to also install McAfee "total protection" which is their top of the line product. Also purchased. I was advised to disable Malware bytes during McAfee installation. Another person said leaving Malwarebytes in place should be OK and that disabling it is impossible because disabling it is exactly what hackers TRY to do. How should I proceed? ( Note: I have no computer problems at this time. )

I'm getting a lot of daily email that look foriegn but are meaningless.  They come from hot mail and I don't want to block the hot mail domain.  Any ideas on how to block this activity and/or put it in a spam folder?  The following is a typical email:


Cos tsOfMostCa¿p sul esCa nGoLe sser



Kristie Winfrey kristiewack@hotmail.com via bounce.secureserver.net

Mar 18 (1 day ago)

to Bugzzydr, Jl, Weber, Don

GetElu siv eMedsInAsnapOfAfing er




Holding Company: Siddhartha Super Spg. Mills Ltd.

Date Required: 11/07/2008


Copyright 1967-2011 Jaiprakash Engineering & Steel Co. Ltd.

Newspaper Name:  The Sturgis Journal (Sturgis)

Transaction ID: k4kd0882fv74XXXX

USPS Number: 65710754530845670675

Fax: 1-(466)777-1574


Invoice: #100433

DHL Code: 0076073277

University Name:  Frostburg State University


Zip/Code: 42655

I'm putting together some advertising for my business, and I'd like to include a couple of screen shots of a rogue anti-virus, and also a Blue Screen (I don't care which version of Windows it's from). And right now I don't have any systems with a rogue on it in my shop.

I do need the screen resolution to be at least 1024x768 for the rogue.

Searching the web for screen shots that are free to use for commercial purposes has not been fruitful.


Harry Z.
On one of our server kaspersky antivirus 6.0 databse has got update for last 6 months.When I try to update it doesn't happen any thing.We don't use proxy for internet.I checked the kaspersky settings and they seems to be fine.I browse to internet with out any problem.Any help or suggestions much appreciated
Not quite sure what is happening.
I am creating a web page in Dreamweaver cs3  .asp
When I run the page in Dreamweaver F12   I am getting 2 Spotify labels pop up as per the attached image.

Can anyone say why this is an how I can prevent this from happening please?

Many thanks

Hello techs,
I am working on a pc here and I ran Uniblue Registry cleaner and it found Fix-It Utilities 11 Professional and called it Malware.  Does anyone have any experience with Fix-It Utilities 11 Professional, and is it in anyone's opinion, "malware"?
Thank you,
I'm trying to clean up a Vista laptop. It was infected with System Check. In the start menu, everything is missing except shutdown.

How do I clean it up?
We are looking to replace our current web-based spam filter. Our current vendor is doing an adequate job, but we are beginning to run into issues. Multiple senders are having their emails caught in "limbo". The messages will appear in our Exchange 1 hour - 2 days after being sent. The vendor's response to this has not been acceptable...it is time to move on.

We are looking for a web-based "first-line of defense". The product will spam / anti-virus check all email before it hits our on-site spam / anti-virus filter.

I am looking for any recommendations. I have never researched this type of product before...so I am not really certain of which questions to ask.

Thank you for the help,

I am thinking of using MSE.
I believe this guards against viruses and wonder if it also guards against email spam and viruses.
I am using Norton I S at the moment and this identifies spam email very well and places it in a convenient folder.

I wondered if MSE carries out a similar operation or can anyone suggest a suitable route using MSE.

Many thanks

Hello Experts.

Is Malwarebytes a replacement for a virusscanner or
do they complement eachother?

As of yesterday morning we started receiving 200-300 emails saying undeliverable to Chinese email addresses.

We are on a shared host.

The host company indicate this is either spyware on the pc or some kind of injection through a plugin or such on software we run.

Firstly, i only access the webmail from a university pc which is has high security firewall / virus software etc. or my iPhone of iPad. I don't believe this to be the problem.

Second, we don't have any software (I.e. joomla etc) running on the primary domain. However, we do have approx 30 domains hosted with the company all on same shared hosting. I'm aware php scripts can send mail from any of these domains as long as the domain exists on the server.

A few hours ago, the host company had to suspend our account because of an influx of approx 1000 emails per sec apparently.

I would appreciate any advice on how best to proceed. The host company indicate on shared hosting they cant block one individual email account. If I move email hosting to another company, am I likely to continue to receive mass email?

Any help would be greatly appreciated

Easy now
I have 35GB of files that are corrupted with virus. I can run my .exe files anymore, I tried Malwarebyte that didn't fix my issue. I'm looking for a program that will fix these files.  Also what the best program that will protect your pen drive from autorun viruses/folder shortcut virus??
Thanks in advance,
I'm looking for a recommendation for network monitoring software.  

I have a max of £5,000 to spend.  

All thoughts and suggestions appreciated.
Hi I had a customer and they had a rootkit virus or boot sector virus, I backed the data up and formatted and reinstalled. Still had virus. I rebooted and did fixmbr and i reinstalled windows and that fixed it.

So i went to access some data earlier (on spare drive) and ever since my computer is acting slow. The key thing about the customers computer i noted was superantispyware would not finish updating. it would say 100% then start over. now my compuiter is doing the same thing. I realized its probaly because i accessed the drive with my laptop (the same drive i stored the customers data on). Below are a few files it found already is it safe to delete them once it finishes the scan?



Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.