Virtumondo & Myway Search Assistant

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Numerate, Sep 13, 2009.

  1. Numerate

    Numerate Private E-2

    Hi,

    I'm running XP, SP3, with AVG (newly downloaded) Spybot (Teatimer was resident) and Adaware.

    I ran a number of spyware assistants which diagnosed infections with Virtumondo, and found Myway search assistant (which Wikipedia said is malware) when running add or remove programs. I went through the steps in Read & run me first, but I know the Myway is still there and assume Virtumondo is as well.

    I've attached the logs. I could not run Rootfix; I kept getting an error message which said contact the author (I did, no answer yet).

    I suspected malware when I noticed that at times my CPU was almost 100% busy, mostly with teatimer (I've since disabled it). Wikipedia (!!!) said that Virtumundo could corrupt it; that was the first answer I saw. I downloaded Spyware Doctor which found Virtumundo, but CD net had a bad review so I uninstalled it. I saw you do not approve of Vundo fix. SO: How do I get rid of Virtumundo and MyWay search assistant?

    Thank you for all the time you devote to this! I'm going back to turn on firewalls, antivirus, spyware detectors, etc.
     


  2. Numerate

    Numerate Private E-2

    Note that myway search assistant shows up in the add/remove programs list, but shows no size - one of the antispy programs may have partially removed it.
    I downloaded Spyware Doctor again and re-ran it, and it did not find Virtumonde this time. I uninstalled AVG and installed Antivir and Comodo and Spyblaster.
    Is it possible that all I have now is a registry entry to delete?

    Thanks again!
     
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean. I suggest you run CCleaner, both the cleaner and the registry (making sure to do the backup when prompted).

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
