SOLVED PLEASE HELP! I have a strange running process (MidnightBlueByte).

Joined
Nov 19, 2013
Messages
6,298
Reaction score
1,273
Ok. Another. In the search bar type the full program name (programrabbittechnology.) and see if it will allow you to delete every instance.

But, you haven't exactly said it, have you tried merely deleting the whole folder?
 
Joined
Dec 12, 2020
Messages
15
Reaction score
6
As I wrote above I can't change anything from there..no option can be changed and I can't kill the process.

You can force stop that service with CMD method. Follow these steps:
1. Search for "Command Prompt" > Run as administrator.
2. Type sc queryex ProgramRabbitechnologiesBFO > Enter.
3. Identify the PID.
4. Type taskkill /pid [pid number] /f > Enter.
For example you get 0811, then you must type taskkill /pid 0811 /f
5. Exit and make sure the service is stopped, then uninstall the program.
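
The lookup in steps 2 and 3, as an added PowerShell example that is not part of the original thread: it returns the PID together with the binary path, start mode, account, signature status and hash of the service executable, which help decide what the service is before killing or uninstalling it. The service name is the one quoted in the post; `Get-ServiceTriage` is a hypothetical helper name.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session.
# Get-ServiceTriage is a hypothetical helper name; the service name passed at
# the bottom is the one quoted in the post.
function Get-ServiceTriage {
    param([Parameter(Mandatory)][string]$Name)

    # Win32_Service carries the same data as "sc queryex" plus the binary path.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$Name'"
    if (-not $svc) { throw "Service '$Name' not found" }

    # PathName may be quoted and may carry arguments; keep only the executable.
    $exe = $svc.PathName
    if ($exe -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
    elseif ($exe -match '^\s*(.+?\.exe)') { $exe = $Matches[1] }

    # Signature and hash of the binary, if the file can be read.
    $sig = $null
    $hash = $null
    if (Test-Path -LiteralPath $exe) {
        $sig  = Get-AuthenticodeSignature -LiteralPath $exe
        $hash = (Get-FileHash -LiteralPath $exe -Algorithm SHA256).Hash
    }

    [pscustomobject]@{
        Name       = $svc.Name
        State      = $svc.State
        ProcessId  = $svc.ProcessId      # the PID that taskkill /pid expects
        StartMode  = $svc.StartMode      # Auto, Manual or Disabled
        RunsAs     = $svc.StartName      # e.g. LocalSystem
        AcceptStop = $svc.AcceptStop     # False matches NOT_STOPPABLE in sc output
        Executable = $exe
        Signature  = if ($sig) { $sig.Status } else { 'file not readable' }
        Signer     = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        SHA256     = $hash
    }
}

Get-ServiceTriage -Name 'ProgramRabbitechnologiesBFO' | Format-List
```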
 
Joined
Dec 12, 2020
Messages
15
Reaction score
6
Ok. Another. In the search bar type the full program name (programrabbittechnology.) and see if it will allow you to delete every instance.

But, you haven't exactly said it, have you tried merely deleting the whole folder?
It's impossible because the program is still running.
 
Joined
Nov 19, 2013
Messages
6,298
Reaction score
1,273
I can see the owner is system - the plot thickens.

Run this reg utility, then right click the folder and "Take ownership". See if you can then get into it and delete anything.
Fwiw. Have you ever downloaded a backup program called rabbit-tech?
 

Attachments

  • Add Take Ownership to Context menu.reg
Joined
Feb 3, 2017
Messages
753
Reaction score
157
Have you tried my suggestions to run MalwareBytes & AdwCleaner & if so what was the outcome?
Have you registered with the removal forum?
Have you tried uninstalling with Revo Uninstaller?
https://www.revouninstaller.com/products/revo-uninstaller-free/ If it refuses to uninstall then continue with the scan to remove any leftovers, this will force uninstall. If it still fails then you’re infected imo. A browser hijack may not affect other Windows programs. If the browser is constantly redirecting you to other websites then this is a good indication of a browser infection.

Edit: Found this: https://blog.malwarebytes.com/detections/adware-specialsearchoffer/ & https://forums.malwarebytes.com/topic/241332-removal-instructions-for-special-search-option/ which show you ARE infected by a browser hijacker.
 
Joined
Nov 19, 2013
Messages
6,298
Reaction score
1,273
.? Silence? Hope the op comes back with info. This thread is very interesting. I cannot find any reference to this “virus” on the web, other than postings on other forums by the same op
 
Joined
Nov 24, 2020
Messages
28
Reaction score
5
Ok so now I'm trying to kill the process in cmd and then delete. If not working then I'll try with Revo Uninstaller. I did scan with MalwareBytes but nothing found. I did not try in safe mode to scan tho but that is in queue TO-DO list.
 
Joined
Nov 24, 2020
Messages
28
Reaction score
5
You can force stop that service with CMD method. Follow these steps:
1. Search for "Command Prompt" > Run as administrator.
2. Type sc queryex ProgramRabbitechnologiesBFO > Enter.
3. Identify the PID.
4. Type taskkill /pid [pid number] /f > Enter.
For example you get 0811, then you must type taskkill /pid 0811 /f
5. Exit and make sure the service is stopped, then uninstall the program.
Ok I wrote the first cmd.
It's saying WIN32_OWN_PROCESS and NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN.
 
Joined
Nov 24, 2020
Messages
28
Reaction score
5
Ok when I tried to delete its folder...(File in use) and it's back on task manager running.
 
Joined
Nov 19, 2013
Messages
6,298
Reaction score
1,273
What was the answer to my "Have you ever downloaded a backup program called rabbit-tech"?
 
Joined
Nov 19, 2013
Messages
6,298
Reaction score
1,273
OK. Tks for the feedback
I am still trying to trace the source! I see that BPO's are often ransomware. You haven't had any popups demanding money?

One of the notorious sites for getting this infection is an old Dos site - VETUSWARE.COM . Anything from there?
 
Joined
Nov 24, 2020
Messages
28
Reaction score
5
OK. Tks for the feedback
I am still trying to trace the source! I see that BPO's are often ransomware. You haven't had any popups demanding money?

One of the notorious sites for getting this infection is an old Dos site - VETUSWARE.COM . Anything from there?
No, I have no pop-ups, just the process sitting there and doing nothing. This is my first time when I clicked on that site so no I don't think I got it from that Dos site. Is there any way to force delete the process from cmd or something? Taskkill /f did work but the process gets back up. And how can I change the start-up from automatic to manual in service if the option is not clickable?
 
