TechSpot

Update.exe +other unknowns.

By jeremiah_eng
Dec 18, 2006
  1. Need help removing update.exe and other infections.

    Hey there. First time user at this board. I'm having some trouble getting rid of a virus or trojan or something on my computer. It seems to be update.exe. I have found that when I kill it from the process tree whenever I start up, I have fewer problems, but when I don't, I seem to get a lot of extra virus alerts.

    Attached is the hijackthis log, and the antivir spyware log.

    Thanks in advance for the help.
     
  2. Rik

    Rik Banned Posts: 3,814

    In order to help you i need to see a HJT log with the update.exe still running as it is not evident in the log in your previous post.


    This thread is for the use of jeremiah_eng only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. jeremiah_eng

    jeremiah_eng TS Rookie Topic Starter

    Thanks for the response. After installing Zone Alarm as part of the recomended actions, I no longer get update.exe showing up. (I was previously using Windows Firewall). Since I can't get it to appear (and don't particularly want it appearing again), I suppose I'll thank you for your pre-cleaning help that seems to have...well...helped. I know that installing a firewall shouldn't prevent a process from running, so maybe it was the AVG spyware remover that got it...who knows **shrug**

    As a side note, is it normal to have over 5000 blocked access attempts by Zone Alarm in under a day of usage?
     
  4. Rik

    Rik Banned Posts: 3,814

    5000 blocks in one day is a fair bit but not hugely unusual.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O2 - BHO: (no name) - {39E9CE80-4AF7-4E0B-BBBA-58B6C9F20A85} - C:\WINDOWS\system32\jkhhg.dll (file missing)
    O2 - BHO: (no name) - {876436BF-80F8-4303-AE35-4FD8838DF533} - C:\WINDOWS\system32\jkhhg.dll (file missing)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in) -
    O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Plug-in) -
    O20 - Winlogon Notify: jkhhg - C:\WINDOWS\system32\jkhhg.dll (file missing)


    Click on the fix checked button.

    Close HJT.

    Other than the above inactive entries, your HJT log is clean. If you have any further virus/spyware problems, please post them in this thread.


    This thread is for the use of jeremiah_eng only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...