Take your photography to the next level and beyond...

  • NEWS
  • REVIEWS
  • INSPIRATION
  • COMMUNITY
  • COMPETITIONS

Why not join for free today?

Join for Free

Your total photography experience starts here


Helping a muppet remove malware


Ewanneil 4 1.1k 2 Scotland
24 Mar 2013 6:23PM
@ jestertheclown. Your unwanted visitor appears to be the same as mine and Revo Unistaller was the first place I went to. Unfortunately it wasn't on the list so I moved on to other possible solutions none of which have worked .... yet.

@whipspeed. My mate actually runs a computer maintenance and servicing business so I'm hoping he will sort it out for me. I should have gone to him first before making the mess even worse by trying things out myself. Vainity is a terrible thing SadSad

Join ePHOTOzine for free and remove these adverts.

mikehit e2
5 6.8k 11 United Kingdom
24 Mar 2013 7:01PM
I registered (it's free) to Whatthetech.com and they have a step by step guide if you are infected :

http://forums.whatthetech.com/index.php?

Check the 'malware removal guide'

The problem with some trojans is that they interfere with the program trying to remove them so you first run a rootkit killer (I used 'rkill' downloaded from bleepingcomputer.com ) which stops all executable programs then ran malwarebytes. After a couple of rounds of both of these I have had no problems since.
Jestertheclown 6 6.4k 241 England
24 Mar 2013 7:09PM

Quote:The problem with some trojans is that they interfere with the program trying to remove them

I had a really nasty bit of malware on here about eighteen months ago, which took over 'Malwarebuytes' as I tried to use it.
The answer was to download a clean copy of 'Malwarebutes' using an uninfected machine, then store and run it from a Usb key, after renaming the exe.
I changed it from 'Mbam,' to Tbam. It still worked but the malware that I was trying to remove didn't/couldn't recognise it and got clobbered.
I still keep a renamed copy on a key to this day. I just update or replace it from time to time.
Ewanneil 4 1.1k 2 Scotland
24 Mar 2013 8:13PM
My mate has 'phoned back. He's coming on Tuesday morning so I am going to resist the temptation to do anything else. I'd probably just make things even worse - if that's possible.

Please, please don't be as daft as me. Learn a lesson from my mistake and be careful downloading stuff.

This happened because I downloaded "File Shredder" from Cnet.com. I was trying to do umpteen things at once and didn't pay enough attention to what was going to be installed along with the program I wanted. As a consequence I have spent the last 24 trying to dig myself out of a hole I've dug myself.

I would hate for anyone else to fall into the same trap as me.
bppowell 12 2.1k 2 England
24 Mar 2013 8:16PM
If you cannot wait until Tuesday try

SuperAntiSpywhere

The free addition should work.
mikehit e2
5 6.8k 11 United Kingdom
24 Mar 2013 8:28PM

Quote:The problem with some trojans is that they interfere with the program trying to remove them
I had a really nasty bit of malware on here about eighteen months ago, which took over 'Malwarebuytes' as I tried to use it.
The answer was to download a clean copy of 'Malwarebutes' using an uninfected machine, then store and run it from a Usb key, after renaming the exe.
I changed it from 'Mbam,' to Tbam. It still worked but the malware that I was trying to remove didn't/couldn't recognise it and got clobbered.
I still keep a renamed copy on a key to this day. I just update or replace it from time to time.



Just to check - have you tried running rkill (or other root killer) before installing/running MBAM? The instructions on whatthe tech explain that you should shut down the computer, open in safe mode then download/run rkill, then install MBAM without restarting the computer, because if you restart it the trojan reinstalls and you are back to square one.
Paul Morgan e2
13 15.7k 6 England
24 Mar 2013 8:33PM
If its a toolbar there should be some place to remove it, its usually via your browser under tools I believe.
Carabosse e2
11 39.5k 269 England
24 Mar 2013 8:51PM
Download Revo Uninstaller. It can get rid of any unwanted toobars.
Ewanneil 4 1.1k 2 Scotland
24 Mar 2013 8:54PM
Thanks bppowell. I'm going to try to wait until Tuesday.

Paul, I tried to get rid of it using the tools and settings available in Chrome but with no joy. I suspect the originators have adapted their "product" to get round the usual fixes because so many of the solutions suggested on the various forums I've checked didn't work.

From the quick look my pal had whilst we were talking on the phone it seems that this Mixi Dj thing particularly targets Chrome & Firefox.
Ewanneil 4 1.1k 2 Scotland
24 Mar 2013 8:55PM
Thanks Carabosse. Revo Unistaller was the first thing I tried. It didn't work I'm afraid.
Carabosse e2
11 39.5k 269 England
24 Mar 2013 9:09PM
Ultimately you might find you have to give it to an IT geek to sort out (at a price). I have had to do that - I hated doing it, as I've always been able to sort out my own, and sometimes other people's, computer problems. It felt like an admission of failure... if only to myself. Grin

It may be the hard drive needs to be physically removed from the computer and worked on; that sort of thing is beyond me. But it's what had to be done when I got a particularly nasty bit of malware on my PC a year or two back. There was no purely software solution.
Paul Morgan e2
13 15.7k 6 England
24 Mar 2013 9:18PM
Have you tried this.

Go to tools (spanner) extensions, then disable or uninstall the toolbar.
Paul Morgan e2
13 15.7k 6 England
24 Mar 2013 9:28PM
Ewanneil 4 1.1k 2 Scotland
24 Mar 2013 10:01PM
@ Caraboose. My mate is a computer geek and fortunately a good one so I am confident he will get the job done.

@ Paul. Thanks for the links. I have been to both early on in this debacle.

The first link identifies a load of problems then wants to charge a fortune to get rid of them.

I am pretty sure the second of your links relates to the mob who have installed this in the first place. It is a decoy to get you to think you have uninstalled it when all you have done is hide it.

Thanks so much for taking the time and trouble to help.

Ewan
primetime 2 3 England
24 Mar 2013 11:20PM
Hi,
If you feel you have exhausted all options, don't format just yet.

Go to the search box at the bottom of your start menu and type in Regedit.
This will open a Windows app that will let you look for registry keys and delete them.
By doing a search inside the registry for "Mixi-Dj" you may have keys identified with this name in the title. Go through deleting these keys (press F3 button to find the next).
This can fix the problem at its root.

Playing with the registry can be a bit dangerous for the novice but might just get you out without the full format.

Oh, a you risk this one....good luck

Sign In

You must be a member to leave a comment.

ePHOTOzine, the web's friendliest photography community.

Join For Free

Upload photos, chat with photographers, win prizes and much more.