also @ TechSpot: Nvidia GeForce GTX 780 Review

[Info] About Alcxmntr

Discussion in 'Virus and Malware Removal' started by learninmypc, Nov 24, 2011.

Post New Reply
Page 2 of 2

  1. Broni Malware Annihilator Posts: 39,349   +175

    No problem :)
    Broni, Nov 25, 2011
    #21

  2. learninmypc TechSpot Guru Posts: 3,023   +100

    Just to let you know, I do see ALCXMNTR.EXE in my Mike Lins start up so if you still think I should UN check the box, I will. Thanks for your patience Broni
    learninmypc, Nov 26, 2011
    #22

  3. Broni Malware Annihilator Posts: 39,349   +175

    You're very welcome [IMG]
    Broni, Nov 26, 2011
    #23

  4. learninmypc TechSpot Guru Posts: 3,023   +100

    learninmypc, Nov 26, 2011
    #24

  5. Broni Malware Annihilator Posts: 39,349   +175

    You can run scan I suggested so we can delete necessary items.
    Broni, Nov 26, 2011
    #25

  6. learninmypc TechSpot Guru Posts: 3,023   +100

    SystemLook 30.07.11 by jpshortstuff
    Log created at 10:07 on 26/11/2011 by HP_Administrator
    Administrator - Elevation successful

    Invalid Context: filefond

    No Context: Alcxmntr*

    ========== regfind ==========

    Searching for "Alcxmntr*"
    No data found.

    -= EOF =-
    learninmypc, Nov 26, 2011
    #26
     

  7. Broni Malware Annihilator Posts: 39,349   +175

    I misspelled my code.

    Please try again with correct code:

    Code:
    :filefind
Alcxmntr*
:regfind
Alcxmntr*
    Broni, Nov 26, 2011
    #27

  8. learninmypc TechSpot Guru Posts: 3,023   +100

    SystemLook 30.07.11 by jpshortstuff
    Log created at 14:34 on 26/11/2011 by HP_Administrator
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "Alcxmntr*"
    C:\hp\drivers\audio_realtek\Alcxmntr.exe --a---- 50176 bytes [05:54 03/09/2004] [09:21 04/04/2003] D551E3A28BE31ADFA9EA4A3325481F65
    C:\WINDOWS\ALCXMNTR.EXE --a---- 57344 bytes [05:54 03/09/2004] [20:47 07/09/2004] 7B8875A5B04932AC73AFD8079864DB68
    C:\WINDOWS\Prefetch\ALCXMNTR.EXE-30324980.pf --a---- 64896 bytes [14:51 25/11/2011] [14:51 25/11/2011] 2C641FA3B4A68711D9957F58A600D816
    C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\ALCXMNTR.EXE --a---- 50176 bytes [23:10 23/08/2009] [09:21 04/04/2003] D551E3A28BE31ADFA9EA4A3325481F65

    ========== regfind ==========

    Searching for "Alcxmntr*"
    No data found.

    -= EOF =-
    learninmypc, Nov 26, 2011
    #28

  9. learninmypc TechSpot Guru Posts: 3,023   +100

    Broni, when I did this http://www.techspot.com/vb/post1111435-16.html
    there is a possibility I didn't post the ENTIRE results thinking it would fit in one post,obviously it didn't. If you think I should re run it, I will. Sorry.
    learninmypc, Nov 26, 2011
    #29

  10. Broni Malware Annihilator Posts: 39,349   +175

    You can delete this one:
    C:\WINDOWS\ALCXMNTR.EXE

    Download, and install Quick Startup: http://www.glarysoft.com/qs.html
    Go File>Export, save report, and paste it into your next post.
    Broni, Nov 26, 2011
    #30

  11. learninmypc TechSpot Guru Posts: 3,023   +100

    Broni, I followed your instructions but when I clicked File>Export, I got this
    [IMG]
    learninmypc, Nov 26, 2011
    #31

  12. Broni Malware Annihilator Posts: 39,349   +175

    I don't know what "this" is.
    Broni, Nov 26, 2011
    #32

  13. learninmypc TechSpot Guru Posts: 3,023   +100

    On the Quick Start I clicked File> Export as you told me to do & the Save As box popped up. I saw nothing to paste into a reply.
    learninmypc, Nov 26, 2011
    #33

  14. Broni Malware Annihilator Posts: 39,349   +175

    Give the file some name, save it to some know location, open it, copy the content and paste it into your next reply.
    Broni, Nov 26, 2011
    #34

  15. learninmypc TechSpot Guru Posts: 3,023   +100

    Startup List report created on 11/26/2011 by Startup Manager


    Name: ehTray
    Path: C:\WINDOWS\ehome\ehtray.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: hpsysdrv
    Path: c:\windows\system\hpsysdrv.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: HPHUPD06
    Path: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: HPHmon06
    Path: C:\WINDOWS\system32\hphmon06.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: KBD
    Path: C:\HP\KBD\KBD.EXE
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Recguard
    Path: C:\WINDOWS\SMINST\RECGUARD.EXE
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: NvCplDaemon
    Path: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: nwiz
    Path: nwiz.exe /installquiet /keeploaded /nodetect
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: AGRSMMSG
    Path: AGRSMMSG.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: PS2
    Path: C:\WINDOWS\system32\ps2.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: AlcxMonitor
    Path: ALCXMNTR.EXE
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Microsoft Works Portfolio
    Path: C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Microsoft Works Update Detection
    Path: C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: avast5
    Path: C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: 00PCTFW
    Path: "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: UnlockerAssistant
    Path: "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: WinampAgent
    Path: "C:\Program Files\Winamp\winampa.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: ProcessLassoManagementConsole
    Path: "C:\Program Files\Process Lasso\processlasso.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: ProcessGovernor
    Path: "C:\Program Files\Process Lasso\processgovernor.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: ctfmon.exe
    Path: C:\WINDOWS\system32\ctfmon.exe
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Google Update
    Path: "C:\Documents and Settings\HP_Administrator.SEATTLE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------
    Total 21 Items
    learninmypc, Nov 26, 2011
    #35

  16. Broni Malware Annihilator Posts: 39,349   +175

    Re-run Quick Startup and UN-check following entries:

    HPHUPD06
    HPHmon06
    NvCplDaemon
    nwiz
    AlcxMonitor
    Microsoft Works Update Detection
    WinampAgent
    Google Update

    Restart computer.
    Broni, Nov 26, 2011
    #36

  17. learninmypc TechSpot Guru Posts: 3,023   +100

    Ok, I've UN checked them & restarted my pc. Next ? :)
    learninmypc, Nov 26, 2011
    #37

  18. Broni Malware Annihilator Posts: 39,349   +175

    You're done.

    AlcxMonitor won't be running anymore.
    Broni, Nov 26, 2011
    #38

  19. learninmypc TechSpot Guru Posts: 3,023   +100

    Thank you & thanks for your patience with me:)
    learninmypc, Nov 26, 2011
    #39

  20. Broni Malware Annihilator Posts: 39,349   +175

    You're very welcome [IMG]
    Broni, Nov 26, 2011
    #40
Page 2 of 2

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.