[Info] About Alcxmntr

By learninmypc
Nov 24, 2011
  1. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    SystemLook 30.07.11 by jpshortstuff
    Log created at 10:07 on 26/11/2011 by HP_Administrator
    Administrator - Elevation successful

    Invalid Context: filefond

    No Context: Alcxmntr*

    ========== regfind ==========

    Searching for "Alcxmntr*"
    No data found.

    -= EOF =-
  2. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    I misspelled my code.

    Please try again with correct code:

    Code:
    :filefind
    Alcxmntr*
    :regfind
    Alcxmntr*
    
  3. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    SystemLook 30.07.11 by jpshortstuff
    Log created at 14:34 on 26/11/2011 by HP_Administrator
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "Alcxmntr*"
    C:\hp\drivers\audio_realtek\Alcxmntr.exe --a---- 50176 bytes [05:54 03/09/2004] [09:21 04/04/2003] D551E3A28BE31ADFA9EA4A3325481F65
    C:\WINDOWS\ALCXMNTR.EXE --a---- 57344 bytes [05:54 03/09/2004] [20:47 07/09/2004] 7B8875A5B04932AC73AFD8079864DB68
    C:\WINDOWS\Prefetch\ALCXMNTR.EXE-30324980.pf --a---- 64896 bytes [14:51 25/11/2011] [14:51 25/11/2011] 2C641FA3B4A68711D9957F58A600D816
    C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\ALCXMNTR.EXE --a---- 50176 bytes [23:10 23/08/2009] [09:21 04/04/2003] D551E3A28BE31ADFA9EA4A3325481F65

    ========== regfind ==========

    Searching for "Alcxmntr*"
    No data found.

    -= EOF =-
  4. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    Broni, when I did this http://www.techspot.com/vb/post1111435-16.html
    there is a possibility I didn't post the ENTIRE results thinking it would fit in one post,obviously it didn't. If you think I should re run it, I will. Sorry.
  5. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    You can delete this one:
    C:\WINDOWS\ALCXMNTR.EXE

    Download, and install Quick Startup: http://www.glarysoft.com/qs.html
    Go File>Export, save report, and paste it into your next post.
  6. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    Broni, I followed your instructions but when I clicked File>Export, I got this
    [​IMG]
  7. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    I don't know what "this" is.
  8. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    On the Quick Start I clicked File> Export as you told me to do & the Save As box popped up. I saw nothing to paste into a reply.
  9. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    Give the file some name, save it to some know location, open it, copy the content and paste it into your next reply.
  10. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    Startup List report created on 11/26/2011 by Startup Manager


    Name: ehTray
    Path: C:\WINDOWS\ehome\ehtray.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: hpsysdrv
    Path: c:\windows\system\hpsysdrv.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: HPHUPD06
    Path: c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: HPHmon06
    Path: C:\WINDOWS\system32\hphmon06.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: KBD
    Path: C:\HP\KBD\KBD.EXE
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Recguard
    Path: C:\WINDOWS\SMINST\RECGUARD.EXE
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: NvCplDaemon
    Path: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: nwiz
    Path: nwiz.exe /installquiet /keeploaded /nodetect
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: AGRSMMSG
    Path: AGRSMMSG.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: PS2
    Path: C:\WINDOWS\system32\ps2.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: AlcxMonitor
    Path: ALCXMNTR.EXE
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Microsoft Works Portfolio
    Path: C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Microsoft Works Update Detection
    Path: C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: avast5
    Path: C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: 00PCTFW
    Path: "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: UnlockerAssistant
    Path: "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: WinampAgent
    Path: "C:\Program Files\Winamp\winampa.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: ProcessLassoManagementConsole
    Path: "C:\Program Files\Process Lasso\processlasso.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: ProcessGovernor
    Path: "C:\Program Files\Process Lasso\processgovernor.exe"
    Location: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: ctfmon.exe
    Path: C:\WINDOWS\system32\ctfmon.exe
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------

    Name: Google Update
    Path: "C:\Documents and Settings\HP_Administrator.SEATTLE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    Location: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Status: Enabled
    ------------------------------------------------------------------------------------------
    Total 21 Items
  11. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    Re-run Quick Startup and UN-check following entries:

    HPHUPD06
    HPHmon06
    NvCplDaemon
    nwiz
    AlcxMonitor
    Microsoft Works Update Detection
    WinampAgent
    Google Update

    Restart computer.
     
  12. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    Ok, I've UN checked them & restarted my pc. Next ? :)
  13. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    You're done.

    AlcxMonitor won't be running anymore.
  14. learninmypc

    learninmypc TechSpot Evangelist Topic Starter Posts: 5,104   +223

    Thank you & thanks for your patience with me:)
  15. Broni

    Broni Malware Annihilator Posts: 46,177   +251

    You're very welcome [​IMG]


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.