Hello and welcome to Techspot.
Delete all files in AVG Antispyware quarantine.
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) -
http://www.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) -
http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://F:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB
O16 - DPF: {DF304508-B304-11D3-B860-00201857EBF5} (Pixami Print Layout Control) -
http://cal.americangreetings.com/pixami/AGControls.cab
O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) -
https://isupport4.hp.com/motivedocs/linklauncher/MotUtil.cab
O16 - DPF: {FA945BB6-9D37-43FC-9B2A-AF09F56CBBF0} (moDiagCollectionActiveX Object) -
http://www.musicmatch.com/form/support/tech/diagnostics/cabs/DiagCollectionContr ol.cab
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Click on the fix checked button.
Close HJT and reboot your computer.
Locate and delete the following
bold files and/or directories(if there).
C:\windows\
ALCXMNTR.EXE
Other than the above, your HJT log is clean.
Let`s check for any rootkits.
Download the
AVG Antirootkit programme.
Disconnect from the net and install the programme, then restart your computer.
Run the programme and click the click "Perform in-depth search." Allow AVG to complete the scan. The AVG scanner will give the "Rootkit path"
* Select the Rootkit Driver by placing a checkmark against it and click "Remove selected items." Next, agree for the terms and conditions that is displayed by AVG and click "OK" to reboot the PC. Reconnect to the net.
Download and run the
Blacklight programme. Follow all the instructions carefully.
Also, run the Nolop programme as per these instructions.
Please Download NoLop to your desktop from one of the links below...
http://www.spywareedge.net/nolop/NoLop.exe
http://www.thespykiller.co.uk/forum/...pmod;dl=item16
First close any other programs you have running as this will require a reboot
Double click NoLop.exe to run it
Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
When scanning is finished you will be prompted to reboot only if infected, Click OK
Now click the "REBOOT" Button.
A Message should popup from NoLop.
If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HJT log
--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.--
http://www.boletrice.com/downloads/mscomctl.ocx
Let me know the results please.
Regards Howard :wave: :wave:
This thread is for the use of morem only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.