My Way Search Assistant

Hey guys, first post... Read through some of the forums and am trying to remove the "My Way Search Assistant" from the Add/Remove section of the control panel. Used the Ccleaner and when I attempted to remove this entry, I was prompted "Unable to remove MSI Installer" I did all the "Read and Run" steps. It's late, if you think I need to post everything for you to view, I'll be back online tomorrow and get your input. Thanks...

 

Yes please.

We need to see the logs so we can see if somethings stopping it from being removed, whether you have other issues, and so we can help provide a fix.

 

Here are my lists...

 

You have not followed the steps properly.

I need the ShowNew and Runkeys logs as well as per step 5

DId you run activescan ?

You have HijackThis installed incorrectly:

You have it here --> C:\Documents and Settings\Mark Rigsby\Local Settings\Temporary Internet Files\Content.IE5\0JK58D07\hijackthis[1]\HijackThis.exe

This is exactly where we specify not to put it. The instructions indicate:
- not a temp folder
- not on the Desktop
- not sub folder of C:\Documents and Settings

Please install it where recommended making sure to rename it as indicated so that the backups created by HJT are in a safe location.

C:\Program Files\HJT\analyse.exe

 

oops, it was very late the other night... I'll get it right.

 

Once you have HJT installed right post a fresh log

Also post a shownew and runkeys log as per the instructions.

 

Here goes...

 

I also ran Trojan scan and it detected 22 items listed as Trace.Registry.CustomToolbar. I have them quarantined, but it doesn't say how to list them. I don't want to delete them until I know it is safe.

 

any help here guys?

 

Sorry for the delayed response.

The installed version of Java on this compter is out-dated.
Install Java Runtime Environment (JRE) 5.0 Update 8 available from http://java.sun.com/javase/downloads/index.jsp.
Uninstall all older versions of Java on your computer, before installing the latest version of Java.

Bitdefender DID find a few things but it deleted them. The files it couldn't delete are in an infected restore point, we will come to them in a bit. Can you try and give some details as to what Trojan Scan found please.

I can see no evidence of malware in your HJT log.

Are you having any specific problems apart form the failing of the uninstaller ? (This may be failing because something has already manually removed the My Way SA)

 

Matt, I pulled up the Trojan Scan and wrote all the data out (Couldn't find a way to print or save)...

 

Matt, the My Way SA is on the list of installed programs, but shows no program size (MB's). It also doesn't offer to remove or install... Thanks for the help. I removed the JAVA and installed 5.08

 

goto start --> run and paste the following and hit enter

If it is found it will invoke the uninstaller for mywassa, if not let me know and we'll remove it manually

 

Matt, worked like a charm... how about those quaranteened files? should I remove them or restore? Thanks again. You also talked about removing the corrupt restore points. Thanks

 

Just leave them where they are until I can confirm what they really are. Once quarentined they are no cause for concern as they are locked and 'made safe'

You need to go back to step one of the read and run me stick and follow the steps to enable and reneable system restore to flush the infect restore points and create a fresh clean one

 

Thanks...

 

No problem.

You should have a read of this thread about How To Protect Yourself From Malware

I will reply to this thread when I have confirmed what the registry entries quarantined by Trojan Scanner are.

Happy Surfing.