Myway Search Assitant + Very Slow

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by damedic_mt, Feb 16, 2011.

  1. damedic_mt

    damedic_mt Private E-2

    Greetings Forum

    I have a friend who asked me to take a look at her computer after she tried doing a few things I suggested to her, over the past 2 weeks. I suggested things I learned here from MG's.

    She said her computer was terribly slow! Using Quickbooks, has become very tedious & she uses that software on a daily basis. She said that in between transactions, there is a mandatory wait time before she can even input anything next, wait time was about 1-2 minutes, when it used to be 10 seconds or so. She also said that her computer would take about 10 minutes or so, to be ready to use, before the little icon stopped flashing the "Sand Timer/Hourglass" - and have a ready desktop.

    I asked her to (she is not very comfortable or knowledgeable with downloading off internet, and not very tech saavy) So with guidance, we proceeded. I asked her to download the normal: Mbam, Sas, Avast, Ccleaner, etc. She told me they were already on her desktop & didn't remember what they were. I then remembered that I did something to her computer about a year or so ago, she just let them be there dormant? Anyway we ran scans & continued. Of course, we updated. I then had her download Ad-aware and Advanced system care. We discussed things as they were found & I provided what I had gleaned. We researched a few files I did not know before deleting. Then I had her go through here applications from Control Panel to see if anything looked familiar & was no longer using. We deleted some items via "Add-Remove Programs".

    She said not much improvement, but a little better though. So, I stopped by and did some more stuff last week & cleaned up a little more stuff, including a Physical cleaning of the hardware. I did find something called Myway Search Assistant that could not be removed. I ran all of the scanners & only S&D found the myway. It said it removed it, but there it was still in the list of programs once it populated. I then ran adaware, but did not find it. I found a program from "Myway" I think (?) that was an uninstaller, But that did not remove it either. I ran out of time that day, & returned today. To continue helping her out.

    I now just completed the steps of the "Readme" and will attach the logs.

    Fyi - I will install an additional 512 mb of Ram to increase to 1 gb. This is a P4 machine at about 2.8 GHz running Windows XP Home Sp2. I will update to SP3, once this mess is cleaned up.

    Thanks to this awesome forum. :cool

    2nd post to follow with last attachment
     

    Attached Files:

    damedic_mt, Feb 16, 2011
    #1
  2. damedic_mt

    damedic_mt Private E-2

    The final scan log from MGtools is attached.

    Thanks Again. :)
     

    Attached Files:

    damedic_mt, Feb 16, 2011
    #2
  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Important Notice: A new version of SUPERAntiSpyware is available.
    • Please uninstall your current version (this is necessary).
    • Then download this SUPERAntiSpyware
    • Install this new version. It may tell you that you need to reboot to complete the installation. You must reboot at this time.
    • After the reboot, run SUPERAntiSpyware and immediately click the Check for Updates button to get more updates for the database.
    • Now run a new full scan of your system.


    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 6 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
      related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME
        for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:
     
    Last edited: Feb 16, 2011
    Kestrel13!, Feb 16, 2011
    #3
  4. damedic_mt

    damedic_mt Private E-2

    Hey Kestrel -

    Thanks for the quick reply. :)

    "Myway Search Assistant" is still showing up in the populated list of programs. No option to delete?

    Also, I read that "IncrediMail" could be a reason or a piece of software that this Myway could attach it self to that when downloading? I asked my friend if it would be okay to delete/if she still uses it, and she replied that it would be okay to remove it.

    SAS log is attached.
     

    Attached Files:

    damedic_mt, Feb 17, 2011
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you have not already finished the final instructions which would remove MGtools, you can run C:\MGtools\RemMWS.bat which may remove this from Add/Remove programs.
     
    chaslang, Feb 17, 2011
    #5
  6. damedic_mt

    damedic_mt Private E-2

    Hello Guys,

    Thanks for the reply & Chaslang: Thanks for your suggestion. :wave

    I tried the batch file within MGtools, to try to remove the Myway Search Assistant.
    Does it run & complete in split second? Because I saw no menu's just a flash of the command box and then gone and finished.

    But sadly :( alas, Myway Search Assistant is still there!

    I was also trying to remove "Musicmatch" from my friends computer and it too won't be deleted.
    I keep getting some kind of error I can't make heads or tails of, then a 2nd window pops up that says to shut down files & empty temp folders?
    I am in Control Panel > Add Remove Programs. Trying to remove those two applications from the populated list.

    I did remove IncrediMail & a smiley/wallpaper program associated with it called Magentic.

    Would really like to know if this machine of hers is really infected. Why won't these applications be uninstalled? Don't know if she had a chance to really see if there is any improvement with speed and if the "Slowness" problem is any better?

    Please inform if anything needs to be done on my part & if any other logs need to be attached.

    Thank you so much!
     
    damedic_mt, Feb 18, 2011
    #6
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes it runs very quickly. I see why it had not affect. There was nothing to fix based on your previous logs. Myway does not show anywhere. Are you sure that it is not present in a different user account? This PC has the below user accounts and your logs were only for the Nadya account

    Administrator
    LogMeInRemoteUser
    Nadya
    QBDataServiceUser17
    QBDataServiceUser21

    Not a malware issue but you can try using this >> Revo Uninstaller


    No it is not infected as shown by the logs. Even Myway is not really an infection but rather adware/junkware.

    Normal this happens because some one has broken the uninstaller for the program or has manually deleted some of the files rather than starting by using the uninstall program.

    The PC is slow due to lack of adequate memory. The logs show
    Code:
    Total Physical Memory 512.00 MB 
Available Physical Memory 288.78 MB
    This only have of the recommended absolute minimum we recommend of 1GB but 2GB is highly preferred.
     
    chaslang, Feb 19, 2011
    #7
  8. damedic_mt

    damedic_mt Private E-2

    Good Morning Chaslang (and the rest of forum helpers :) )

    I truly appreciate the assistance as I am sure my friend does as well.

    I will try the suggested removal tool for MusicMatch and if all appears ok and there is no infection, I presume then that the "Listed" name of the adware, Myway Search Assistant, still remaining is not an issue?

    And then we could continue with the final steps of the Readme?

    Please advise.

    Thanks so much and I have already upgraded the memory for my friend - 1gb total (for now)

    PS - What is the difference between (and reasons for?) Total Physical Memory & Available Physical Memory?

    Have a great weekend ;)
     
    Last edited: Feb 19, 2011
    damedic_mt, Feb 19, 2011
    #8
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Total Physical Memory is the amount of RAM you have installed. Where as Available is the amount left for your system after you are up and running and programs and processes are using part of that total memory.
     
    TimW, Feb 19, 2011
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds