TechSpot

Is my PC clean? HJT log attached

Discussion in 'Virus and Malware Removal' started by Grafficks, Jan 26, 2007.

Thread Status:
Not open for further replies.
  1. Grafficks Newcomer, in training

    There comes a time when all people wonder: "Hey, is my PC clean?"

    I have quite a few security applications covering all areas (antivirus, spyware/adware removal, firewall, etc.) and I update and scan at least three times a week. My web-surfing behavior is safe in my opinion. I don't visit suspicious websites, download e-mail attachments, or open files named partypoker.exe :). Generally, I am very safe most (if not all) the time.

    However, nothing can assure me of my safety more than your confirmation. I want to confirm that my computer is clean, and the most powerful method of doing this is through analysis of a HJT log (...right?).

    I followed the instructions in the sticky on this board, and my HJT log is attached. I also allowed all my startup programs to run for the purpose of this scan by disabling Selective Startup in msconfig. It would be great if someone could have a look at my HJT log and tell me if I'm in good shape.

    Thanks! :D
  2. howard_hopkinso Newcomer, in training

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for (if there):

    ALCMTR.EXE < This is classed as spyware as it phones home a lot.

    Close task manager.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to (if there):

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories (if there).

    ALCMTR.EXE

    Search your system for this file and delete all instances found.

    Reboot your system.

    Other than the above, your HJT log is clean.

    Regards Howard :)

    This thread is for the use of Grafficks only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. Grafficks Newcomer, in training

    Thanks Howard! :) I have now removed all the things you listed.

    I remembered seeing this process, and I remember ignoring it too because the Google results say it is part of my Realtek sound drivers. And now, after I just Google'd "alcmtr.exe spyware" the truth is revealed! Thanks for the heads-up.
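
Added example, not part of the original thread or of HijackThis: a small Python parser for the O4 and O9 entry lines quoted in howard_hopkinso's reply. It notes which entries point at a missing file, which give no directory, and which O9 entries share a CLSID. The regular expressions and the names `parse_line` and `triage` are assumptions fitted to those three lines only, not a full HijackThis log grammar.

```python
import re

# Input: the three entries quoted in the reply above, copied from the thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
DETAIL = {  # assumed patterns, fitted to the lines above
    "O4": re.compile(r"^(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<target>.+)$"),
    "O9": re.compile(r"^Extra (?P<kind>button|'Tools' menuitem): (?P<label>.+?) - "
                     r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"),
}
MISSING = " (file missing)"


def parse_line(line):
    """Parse one HijackThis O4/O9 entry into a dict; return None for anything else."""
    m = ENTRY.match(line.strip())
    d = m and m["section"] in DETAIL and DETAIL[m["section"]].match(m["body"])
    if not d:
        return None
    entry = {"section": m["section"], **d.groupdict()}
    entry["missing"] = entry["target"].endswith(MISSING)
    if entry["missing"]:
        entry["target"] = entry["target"][: -len(MISSING)]
    return entry


def triage(log_text):
    """Return (notes, by_clsid): a review note per flagged entry, and O9 kinds per CLSID."""
    notes, by_clsid = [], {}
    for entry in filter(None, map(parse_line, log_text.splitlines())):
        if entry["missing"]:
            notes.append((entry["section"], entry["target"], "orphaned: target file is missing"))
        elif "\\" not in entry["target"]:
            notes.append((entry["section"], entry["target"], "no directory: confirm which file this resolves to"))
        if "clsid" in entry:
            by_clsid.setdefault(entry["clsid"], []).append(entry["kind"])
    return notes, by_clsid


if __name__ == "__main__":
    notes, by_clsid = triage(SAMPLE_LOG)
    for note in notes:
        print(" | ".join(note))
    print(by_clsid)
```

The grouping shows that the two O9 lines are one browser extension registered twice (toolbar button and Tools menu item) under the same CLSID, both pointing at the same missing file.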