Update.exe +other unknowns.

[jeremiah_eng]

Need help removing update.exe and other infections.

Hey there. First time user at this board. I'm having some trouble getting rid of a virus or trojan or something on my computer. It seems to be update.exe. I have found that when I kill it from the process tree whenever I start up, I have fewer problems, but when I don't, I seem to get a lot of extra virus alerts.

Attached is the hijackthis log, and the antivir spyware log.

Thanks in advance for the help.

 

[Rik]

In order to help you i need to see a HJT log with the update.exe still running as it is not evident in the log in your previous post.


This thread is for the use of jeremiah_eng only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[jeremiah_eng]

Thanks for the response. After installing Zone Alarm as part of the recomended actions, I no longer get update.exe showing up. (I was previously using Windows Firewall). Since I can't get it to appear (and don't particularly want it appearing again), I suppose I'll thank you for your pre-cleaning help that seems to have...well...helped. I know that installing a firewall shouldn't prevent a process from running, so maybe it was the AVG spyware remover that got it...who knows **shrug**

As a side note, is it normal to have over 5000 blocked access attempts by Zone Alarm in under a day of usage?

 

[Rik]

5000 blocks in one day is a fair bit but not hugely unusual.

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {39E9CE80-4AF7-4E0B-BBBA-58B6C9F20A85} - C:\WINDOWS\system32\jkhhg.dll (file missing)
O2 - BHO: (no name) - {876436BF-80F8-4303-AE35-4FD8838DF533} - C:\WINDOWS\system32\jkhhg.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in) -
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Plug-in) -
O20 - Winlogon Notify: jkhhg - C:\WINDOWS\system32\jkhhg.dll (file missing)


Click on the fix checked button.

Close HJT.

Other than the above inactive entries, your HJT log is clean. If you have any further virus/spyware problems, please post them in this thread.


This thread is for the use of jeremiah_eng only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.