Help Me! Virus Name Mixa !

summer
edited January 2008 in Malware talk

Help me


My computer is infected by a virus named Mixa (link to the virus below) :wacko:


<removed>


Thank you

Attachment: link.txt

Comments

  • Hello summer,


    I moved your topic to Malware Talk.


    Also, I removed the link from your post, and attached it as a text file.


    Next time you post about malware, please use this section. Also, don't directly post links to infected files, because other users might get infected. Instead, write the link into a text file and attach it (on this section, only Virus Analysts and Moderators have access to attachments, so users cannot download infected files).


    Cris.

  • Help me


    My computer is infected by a virus named Mixa (link to the virus below) :wacko:


    <removed>


    Thank you


    BitDefender will recognize the virus as Trojan.Mixa.A.


    The malware copies itself to different locations (the Windows and system32 folders). If you erase "%WINDOWS%\system32\systemio.exe" and "%Windows%\mixa.exe" it should do the trick. These files start on Windows startup, so you will need to close their processes too. It's very possible that you can't use Task Manager or regedit.


    So use this tool: http://students.info.uaic.ro/~daniel.chipi...BDAspySetup.exe to erase the files. Install it and you will see on the "On demand" tab that you can choose a file to delete (or a process). Use "choose from processes" with the "Erase all traces" option and give it the process "%Windows%\Mixa.exe". After that, press "Start Clean". It should do the work. (you can access regedit or Task Manager)


    If it didn't work, then give the two files I mentioned to the "choose from disk" option. Optional: if this works, then also delete these values from regedit (Start -> Run -> regedit): "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" - from here delete only the "Mira I" value


    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" - delete only the "Mira I" value.


    Tell me how this went. ;)
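A read-only check for the artifacts named in the reply above, as an added example that is not part of the original thread and not a BitDefender tool. It assumes PowerShell 3.0 or later, and it assumes that `Userinit` is a comma-separated string value under the `Winlogon` key whose only expected entry is `userinit.exe` in system32, so it reports extra entries there instead of looking for a value named "Mira I".

```powershell
# Read-only check for the Trojan.Mixa.A artifacts named in the thread.
# Nothing is deleted or modified; the script only reports what it finds.

$findings = @()

# Files named in the reply (%WINDOWS% corresponds to $env:windir).
$files = @(
    (Join-Path $env:windir 'system32\systemio.exe'),
    (Join-Path $env:windir 'mixa.exe')
)
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) {
        $findings += "File present: $f"
    }
}

# Run key: look for the "Mira I" value named in the reply.
$runKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run -and ($run.PSObject.Properties.Name -contains 'Mira I')) {
    $findings += "Run value 'Mira I' -> $($run.'Mira I')"
}

# Winlogon: Userinit is assumed to be a comma-separated string value.
# Any entry other than system32\userinit.exe is reported for review.
$wlKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$userinit = (Get-ItemProperty -Path $wlKey -Name Userinit -ErrorAction SilentlyContinue).Userinit
if ($userinit) {
    $expected = Join-Path $env:windir 'system32\userinit.exe'
    $extra = $userinit -split ',' | ForEach-Object { $_.Trim() } |
        Where-Object { $_ -and ($_ -ne $expected) }
    foreach ($e in $extra) { $findings += "Unexpected Userinit entry: $e" }
}

# Running processes matching the two image names from the reply.
Get-Process -Name 'mixa', 'systemio' -ErrorAction SilentlyContinue |
    ForEach-Object { $findings += "Process running: $($_.Name) (PID $($_.Id))" }

if ($findings.Count -eq 0) { 'No artifacts from the thread were found.' }
else { $findings }
```

Run it from an elevated prompt before and after cleanup; the `Userinit` data itself must keep its `userinit.exe` entry, so only the extra entry the script reports is a candidate for removal.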