Please check HJT?

[ejames82]

i have scanned and followed all the procedures required with my sisters computer. an avg anti-spyware log will follow shortly. could Howard or Rik lend their expertise to ensure that sister's computer is given a clean bill of health? thanks again, Ed James and sister Gloria.

for some reason, this doesn't look right for a couple of reasons:
1. the date. it should be 1/31/2007
2. the action taken, should be removed, all but the toolbar.

i am looking into the matter. maybe i have uploaded the wrong report, and if so i will upload the proper report. Ed James

apparently it is a report that supercedes a previous report. it is the proper report. Ed James

 

[howard_hopkinso]

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

ALCXMNTR.EXE

Close task manager.

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)

O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)

O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)

O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm

O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O16 - DPF: {FB298ECE-4D17-414A-A5E8-FABC938796B2} (ActiveWebParts Illustration Viewer) - http://www.kohlerplus.com/_bin/AWSDrawingViewer.cab

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\WINDOWS\ALCXMNTR.EXE<this is classed as spyware because it phones home a lot. It is not needed.

Reboot your computer.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and anything nast that`s in them. It will also have created a new, clean restore point.

Run the Ccleaner programme as per the instructions in this thread HERE.

Other than the above, your HJT log is clean.

Regards Howard

This thread is for the use of ejames82 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[ejames82]

howard,
everything went as smooth as silk. could you please check my new HJT? i hope it is a very boring HJT log. i have a very good feeling about this, because the computer is working excellently. thanks again, Ed James and sister Gloria

 

[howard_hopkinso]

Your HJT log is clean as a whistle.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of ejames82 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Edit: I forgot to add, you need to do the following.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and anything nasty that`s in them. It will also have created a new, clean restore point.

 

[ejames82]

howard,
i thought i disabled/enabled system restore properly, but i was probably mistaken if you see something in my HJT that suggests so. this is what i did.
i went into safe mode and became administrator. while i was still in safe mode i went into control panel>system>system restore. i disabled system restore because the status box at the bottom was "monitoring" at first. i can't recall for certain, but i think i checked the box>apply>ok. a pop-up window asked me something, but i can't remember what. i remember clicking yes. it appeared to me that the system restore was disabled, because the status box at the bottom now read "turned off". i was unable to enable system restore because a pop-up window said that this needed to be done in normal mode. i rebooted into normal mode and enabled system restore, or at least i thought i did, because it once again said "monitoring" in the status box.
i will double-check the system restore tomorrow when i go see her. i think i have to explore her user accounts and get a better understanding about what she has in there, as it's necessary to be administrator to make the needed changes.
i received your pm so that's why i am explaining what happened. both my computer, and hers, work great thanks to you. Ed James

 

[howard_hopkinso]

It sounds to me that you did indeed disable and enable system restore.

Regards Howard

This thread is for the use of ejames82 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.