bricat
HijackThis Helper
Reg'd: Wed
Posts: 29183
Loc: belfast
Re: Used Spyhunter to remove virtumonde virus - still having problems
Mon Mar 17 2008 06:51 PM
Rerun HJT, and put a checkmark beside these:
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKUS\S-1-5-18\..\RunOnce: [gi511197217] "C:\Windows\TEMP\giG0MRVM.exe" /resume:"C:\Windows\TEMP\2SG0MAPA" /exename:"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOOYTLYO\SpyHunter-3.4.0009-Installer[1].exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [gi511197217] "C:\Windows\TEMP\giG0MRVM.exe" /resume:"C:\Windows\TEMP\2SG0MAPA" /exename:"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOOYTLYO\SpyHunter-3.4.0009-Installer[1].exe" (User 'Default user')
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/MyFunCardsFWBInitialSetup1.0.1.0.cab
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)
Now close all windows and browsers and click FIX CHECKED.
You need to update your java.
Please go to the add/remove utility in the control panel and uninstall the following:
J2SE Runtime Environment 6. Update 0 (and any other java updates that are there)
Reboot the Computer.
Then update your Sun java from here:
http://java.sun.com/javase/downloads/index.jsp
Then:
DISABLE SYSTEM RESTORE to flush out infected restore points. Then restart your System Restore (same page), then create a new restore point:
Click START\ALL PROGRAMS\ACCESSORIES\SYSTEM TOOLS\SYSTEM RESTORE. Click on "create new restore point", click on NEXT and follow the prompts.
This is to ensure that if you have to do a system restore in the future that you don't get all the infections reinstalled again.
Then:
Download and scan with CCleaner - Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
- Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
Then select "Cookies". Move any cookies you wish to retain, e.g. login cookies, in the left-hand window to the right-hand window by highlighting them and clicking the right arrow in the centre.
- Then select the items you wish to clean up.
In the Windows Tab:
• Clean all entries in the "Internet Explorer" section.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.
In the Applications Tab:
• Clean all entries in the Mozilla Firefox Section.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.
- Click the "Run Cleaner" button.
- A pop up box will appear advising this process will permanently delete files from your system.
- Click "OK" and it will scan and clean your system.
- Click "exit" when done.
Then DEFRAG your C:\ drive to help speed up your system.
Then let us know how the computer is running.
HOW DID I GET INFECTED
-------------------- MY HELP IS FREE,BUT PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST SPYWARE.
You don't stop laughing when you get old, you get old when you stop laughing!
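
An added example, not part of the post above or of HijackThis itself: Python that parses log entries in the layout quoted in the post and flags the two conditions visible in that list, entries marked "(file missing)" and O4 autoruns whose executable sits in a temp folder. The sample lines, flag names and function names are assumptions made for the illustration.

```python
import re

# Constructed sample entries in the HijackThis log layout quoted in the post
# (names, CLSID and paths are placeholders, not values from a real machine).
SAMPLE = r"""
O3 - Toolbar: Example Bar - {00000000-0000-0000-0000-000000000000} - C:\Program Files\ExampleBar\bar.dll (file missing)
O4 - HKLM\..\Run: [Example Monitor] "C:\PROGRA~1\EXAMPL~1\mon.exe" /m=0
O4 - HKUS\S-1-5-18\..\RunOnce: [ex123] "C:\Windows\TEMP\exABCD.exe" /resume:"C:\Windows\TEMP\state" (User 'SYSTEM')
O23 - Service: Example Service (ExampleSvc) - Unknown owner - C:\PROGRA~1\EXAMPL~1\svc.exe (file missing)
"""

ENTRY = re.compile(r"^([A-Z]\d+)\s+-\s+(.*)$")  # "<section> - <rest>"
AUTORUN = re.compile(r"^(?P<key>[^:]+):\s+\[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$")
TEMP_DIR = re.compile(r"\\(temp|temporary internet files)\\", re.I)

def first_path(cmd):
    """Return the executable from a command line: first quoted string or first token."""
    m = re.match(r'"([^"]+)"|(\S+)', cmd)
    return (m.group(1) or m.group(2)) if m else ""

def parse_entry(line):
    """Parse one log line into a dict, or None if it is not a section entry."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, rest = m.groups()
    entry = {"section": section, "detail": rest, "flags": []}
    if rest.endswith("(file missing)"):
        entry["flags"].append("file-missing")  # registry entry outlived its file
    auto = AUTORUN.match(rest) if section == "O4" else None
    if auto:
        entry.update(key=auto["key"], name=auto["name"], exe=first_path(auto["cmd"]))
        if TEMP_DIR.search(entry["exe"]):
            entry["flags"].append("runs-from-temp")  # autorun launched from a temp folder
    return entry

def triage(log_text):
    """Return only the entries that carry at least one flag."""
    parsed = (parse_entry(line) for line in log_text.splitlines())
    return [e for e in parsed if e and e["flags"]]

if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(e["section"], ",".join(e["flags"]), "|", e["detail"])
```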