Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Jaymyka.wen9.com Virus, How To Remove It?


  • Please log in to reply
4 replies to this topic

#1 kmack

kmack

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:08 AM

Posted 17 October 2007 - 02:57 AM

my PC is infected with this jaymyka virus. everytime i open a window, it always display jaymyka.wen9.com especially when i open internet explorer. How can i remove this spyware manually? spybot cant remove it.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:08 PM

Posted 17 October 2007 - 09:58 AM

Welcome to BC kmack

What OS (Win XP/2000, etc) are you using? What type of anti-virus are you using? Have you tried doing your scans in "SAFE MODE"? Are you doing scans while logged into the "Administrator Account" or an "account with administrator privileges"?

You need to start there first. If rescan in safe modes does not help, then do this:

Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet.

Please download and install SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)
  • Under "General and Startup", make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "SAFE MODE" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
Then perform at least one of these online Virus scans:
(The following require Internet Explorer to work. Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component.)
BitDefender Online Scanner <- Add a check by "Autoclean".
ESET Nod32 Online Scanner <- Vista compatible but Internet Explorer must be Run as Administrator.
F-Secure Online Scanner <- Be sure to follow the directions on the F-Secure page for proper Installation. (also checks for rootkits).

Edit: Update - see fix instructions here.

Edited by quietman7, 27 November 2007 - 08:04 AM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 dracuLa's mistress

dracuLa's mistress

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:08 PM

Posted 31 October 2007 - 12:55 AM

Hi there.
I'm a nursing student from the Philipines, and I guess I could say that my computer had been infected with the adware 'jaymyka' then was 'resurrected.' Here's how it happened:
I guess I really don't know when it all started, but I'm assuming that it was when my groupmates and I were constructing our case study at my place. They were using their flash drives, and I paid them no notice; we had AVG then, so I wasn't really THAT scared about being infected with viruses and stuff.
Suddenly, the local drives couldn't be opened. That's when I noticed the 'jaymyka' thing on the title bars and stuff. I tried to 'end' its process, but then my computer shut down on its own. So I got mad and I threw them all out of the house, and told them never to use my pc again.
I tried in vain to rid of it, I did researches and stuff, and I tried out several antiviruses. None of them worked, even the ones posted in here. Then, my brother's girlfriend, who's a computer programmer, checked out our computer (I was forced to ask for her help when I used AntiSpyware something, it got rid of many stuff, but when I tried to boot our pc again, it wouldn't boot). So I figured out what to do, watching her work. Here's what you should do:

1. Download HiJackThis. Don't use YET.
2. Restart your computer. DON'T, and I mean DON'T, double-click on anything YET.
3. Right-click on My Computer, then 'Search'
4. Search for jay.exe or anything that contains 'jay' in it. Delete everything that would be found.
5. Go to Drive C: by TYPING its destination on the address bar. (DON'T RIGHT-CLICK)
6. Show all files, including hidden files and folders.
7. Apparently, jay.exe has its 'autorun' thing installed on drive C:, which is why everytime you right-click on Drive C:, nothing happens. It works in a way that it's been programmed to automatically 'open' jay.exe everytime you double-click on your local drives, as well as your flash drives.
8. Delete autorun.inf from your drive C:
9. Another thing, the REAL virus behind the adware jaymyka is hidden somewhere deep inside your PC. search for mveo.exe and DELETE it. Don't you notice that everytime you delete jay.exe, it just keeps coming back again? It's because mveo.exe is the one behind it all.
10. Run HiJackThis, and then select 'Clean.' Check the box of the one with the line jaymyka.wen9.com and clean it.
11. Oh, last thing is, clean up your Recycle Bin!!!!!

To rid of infected flash drives or anything of the sort...
1. DO NOT open the flash drive by double-clicking on it. Instead, type its address on the address bar.
2. Delete jay.exe, and anything else that shouldn't be there. Your settings should be saying that ALL hidden files and folders are shown.

THAT'S ALL... Ta-ta!

#4 grace18

grace18

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:08 PM

Posted 07 August 2008 - 02:58 AM

Hi there! sorry to be such a burden. I have the jaymyka.wen9.com in my pc but unfortunately, it disabled my folder options in tools. even in the control panel. am using win xp service pack 2. I tried to use the safe boot w/ command prompt. but still it was not removed. I also used SUPERantispyware but still no chance. Also, i noticed when i pressed ctrl+alt+del, it prompts "Task has been disabled by administrator". Please help me. Thanks so much!

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:08 PM

Posted 07 August 2008 - 08:57 AM

Welcome to BC grace18

If you have an issue or problem you would like to discuss, please start your own topic. Doing that will help to avoid the confusion that often occurs when trying to help two or more members in the same thread with different problems. Even if your problem is similar to the original poster's problem, the solution could be different based on the kind of hardware, software, system requirements, etc. you are using and the presence of other malware. Further, posting for assistance in someone else's topic is not considered proper forum etiquette.

Thanks for your cooperation.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users