Ishost Is... Etc. Plus More

Status
Not open for further replies.
The process that`s slowing your machine is update.exe. It`s using 99% of your cpu.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

update.exe

Close task manager.

Reboot your computer and open your task manager, see if the update.exe is still there and what percentage of the cpu it`s using.

Post a fresh HJT log.

Regards Howard :)
 
Your HJT log is still clean.

It`s possible the update.exe had crashed, or got stuck in an infinite loop. keep your eye on it for a few days and see what happens.

Regards Howard :)

This thread is for the use of pc_noob005 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
slight problem, to you ima noob, to my friends im a genuis at computers. im amazed as you are. and one fo my friends bneeds help. his internet wont work, and he does have and anti virus,thing but norton but norton isnt working either. he can only log in to safe mode, ause when windoews starts up it atoum,atically takes him to asaafe mode. and when he get there every time he opends something it either deletes the hting he o-pened, or retsarts his computer, this sounds bad. the only i saw that he could do waws clear the database, and go back to a restore point. is there any suggestions. hes using a hp thats all i no.
 
sry couldnt get bakc to u schools stating for me and thats what im doing anyhting else i should take? y i am at it
 
apparently i have ipwins now, but my computer is running fine, i just get annoying pop ups when i ru n my browser, firefox. heres a hjt.
 
pc_noob005 said:
ok i finally got hijack this on his computer heres his log file.
Click to expand...

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html


Have your friend go to add remove programme in his control panel and uninstall anything to do with(if there).

MarketBrowser

Close control panel.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = exit.megago.com/? CLICK YES TO CONTINUE

O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL

O4 - Global Startup: customize__IE.lnk = C:\hp\region\customizeIe.wsf

O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe

O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe

O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy

O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\MarketBrowser

Reboot into normal mode, turn system restore back on and rehide your protected OS files.


Rename the HijackThis.exe file to HijackThis1991.exe and post a fresh HJT log.

Regards Howard :)
 
pc_noob005 said:
apparently i have ipwins now, but my computer is running fine, i just get annoying pop ups when i ru n my browser, firefox. heres a hjt.
Click to expand...

Go HERE and follow the instructions exactly.

Post fresh HJT and Ewido logs, only after doing the above.

Regards Howard :)

This thread is for the use of pc_noob005 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I restarted my computer and got isamonitor and that stuff, i saw on other posts the links and i'm gonna start that tomrow, please help,
 
I've done all tools ,but L2M, I can't get L2M to run after clicking the running as task button it gives me the 1 minute message i click yes w8 a minute and it comes up, but tis not responding any help? here my hjt anyway, and my avg is scanning. oh and the virus and the blinking stuff in teh notification area is gone. and the isamonitor and stuf fisnt in taskmanager so i dont think i need L2M, anymore, buyt your choice.
 
Download the Pocket Killbox programme from HERE. Extract it but don`t run it yet.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how HERE.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

rlvknlg.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - HKLM\..\Run: [RelevantKnowledge] c:\windows\system32\rlvknlg.exe -boot

O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL

O8 - Extra context menu item: StumbleUpon: &Blog This - res://StumbleUponIEBar.dll/blogimage

O15 - Trusted Zone: *.stumbleupon.com

O18 - Filter: text/html - (no CLSID) - (no file)

O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\windows\system32\rlvknlg.exe

Run the killbox.exe file. When it loads type the full path to the file you would like to delete in the field and check the delete file on reboot button. press the Delete File button (looks like a red circle with a white X). It will prompt you to reboot, select no until you have finished inputting the files you want to delete, only then allow it to reboot and hopefully your files will now be deleted. If your computer doesn`t automatically restart, restart it manually.

This is the filepath you need to enter into killbox.

C:\WINDOWS\system32\rlls.dll

One your system has rebooted, turn system restore back on and rehide your protected OS files.

Post a fresh HJT log as well as an AVG Antispyware log.

Regards Howard :)

This thread is for the use of pc_noob005 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.

Similar threads

Shawn Knight
Netflix unveils game lineup for 2024 including Sonic Mania Plus, Game Dev Tycoon, more
Replies
0
Views
236
Shawn Knight
Shawn Knight
midian182
Amazon's strict return-to-office policy is pushing more employees into quitting
2
Replies
40
Views
1K
lonetac
L
A
Roblox says is not exploiting children, just helping teens that might need it
Replies
8
Views
145
NumberNine
NumberNine

Latest posts

Back