TechSpot

Help isamonitor.exe isamini.exe etc.

By gcmain
Oct 23, 2006
  1. Hi, since earlier today I was receiving pop-up ballons warning me abotu a trojan virus and so i checked my task manager to find isamini.exe and isamonitor.exe that wont go away. I read the other posts but need help nonetheless. Please help me asap!

    - Gcmain
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    This is a common infection that`s doing the rounds.

    Go and read the Trojan Pakes and other nasties preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.


    Regards Howard :wave: :wave:


    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. gcmain

    gcmain TS Rookie Topic Starter

    this is what i get from doing hijackthis1991.exe



    this is what i got from virtumundo thing
     
  4. gcmain

    gcmain TS Rookie Topic Starter

    i dont know what im doing :'( please help me personally. I did all the hijack and smitfraud and avg 7.5 things
     
  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

    Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

    Go to add remove programmes in your control panel and uninstall anything to do with(if there).

    VideoCompressionCodec

    Close control panel.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    isamonitor.exe
    isamini.exe

    Close task manager.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\VideoCompressionCodec\isaddon.dll

    O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Program Files\VideoCompressionCodec\iesplugin.dll (file missing)

    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE

    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/game...Plugin9USA.cab

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\Program Files\VideoCompressionCodec Delete the entire folder.

    Reboot into normal mode, turn system restore back on and rehide your protected OS files.

    Post fresh HJT and AVG Antispyware logs as attachments only.

    Let me know how your system is running.

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  6. gcmain

    gcmain TS Rookie Topic Starter

    hey here it is from hijack
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is now clean.

    I asked you to post an AVG Antispyware log, I also asked you to let me know how your system is running.

    Please supply that information. Thanks.

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  8. gcmain

    gcmain TS Rookie Topic Starter

    hey here is AVG thingy

    My system appears to be alright, maybe a bit sluggist due to all the programs i had to install for this :p.

    But isamonitor and isamini are both gone from my task manager.

    AVG found some codec Adware thing though :S
     
  9. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That`s fine, your AVG Antispyware has clean the file and quarantined it.

    Delete the quarantined file.

    Your system looks clean.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. gcmain

    gcmain TS Rookie Topic Starter

    how do i delete the quarantined file?

    Also, what do you recommend I do with all these new programs, are than any i may remove?

    What do you recommend for the future to prevent anything from happening to me again?

    Also, thanks so much ur the best <3 :p

    This saved me lots of time and effort. You rock!
     
  11. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Open AVG Antispyware and click on the infections icon. Highlight the infection in quarantine and click the finally remove button. Close AVG Antispyware.

    I recommend you keep SS&D/Ad-Aware/Avg Antivirus/Ccleaner. You might also want to download and install Spyware Blaster from HERE. It doesn`t use any system resources and will block a lot of nasty websites/cookies etc.

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  12. gcmain

    gcmain TS Rookie Topic Starter

    I just ran a new scan wit AVG and it already found 18+ threats.. how can this be possible :confused: how do i stay safe?
     
  13. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Is that AVG Antivirus or AVG Antispyware you`ve just ran?

    If it was AVG Antispyware please post the log.

    If it was AVG Antivirus can you give me details of what was found?

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  14. gcmain

    gcmain TS Rookie Topic Starter

    here -- avg anti-spyware
     
  15. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Their just tracking cookies and are nothing to be unduly concerned about.

    If you install spyware blaster and run Ccleaner on a regular basis, you won`t be troubled with those.

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  16. gcmain

    gcmain TS Rookie Topic Starter

    ok thanks howard,
    you have been such a great help.

    If i am ever in need of help again, you are my main man! :)

    Also, if i'm ever in europe, ill come and give u a biiiiiiiiiiig hug :D

    again, thanks a billion.

    Goodnite
     
  17. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    No problem mate, it was my pleasure.

    Goodnight to you too.

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  18. gcmain

    gcmain TS Rookie Topic Starter

    one last thing

    i have avg cc which appears to be the old version, and now have 7.5. how do i remove the old one, or should i just leave both on?

    I will only see this in the morning so take your time to respond, thanks again mate!
     
  19. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    The new version automatically updates the old version, so leave it be.

    Regards Howard :)

    This thread is for the use of gcmain only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  20. berget86

    berget86 TS Rookie

    i found the isamonitor.exe and isamini.exe in c/program/ActiveXcodec....something..something and this program totaly fu.ked up my computer TOTALY like when i was tryin 2 locate a cure for this crap it blocked me from sites that had it.Eventually it blacked out my computer and some errormess came up i didnt have the time 2 read it but it had something 2 do with big errors in both hard and softwares i had to do a systemrecovery 2 get it started again but the program was still there. Luckely for me i managed 2 get hold of a spyware remover named spybot search and destroy and it compeletly saved me from this terror named isa.
    This program is free,updated,easy 2 use and has made me immun vs isa.I recommend it 2 anyone that have problems with isa processes.
    I hope that this sh.t make sense 2 all u readers or else complain!
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...