Trojan-spy.win32@mx HELP!!!
- Thread starter SLB
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
You must have missed this bit from within the instructions.
If you are having problems with the updater, you can get the manual update at http://download.ewido.net/ewido-signatures-full-current.exe
When you have finished updating, exit AVG Antispyware.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
If you are having problems with the updater, you can get the manual update at http://download.ewido.net/ewido-signatures-full-current.exe
When you have finished updating, exit AVG Antispyware.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Ok, let`s try this then.
Make sure any firewall software your running isn`t blocking the AVG updater. If that`s not the problem, do the following.
Uninstall AVG Antispyware, download is again and reinstall. See if you can then run the updates. I`ve just checked with my AVG Antispyware uodater and it works fine, so I know it`s not a problem with the update server.
As much as I`d love to hop on a plane and come and sort your system out, I`m afraid I`m a little busy at the moment lol.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Make sure any firewall software your running isn`t blocking the AVG updater. If that`s not the problem, do the following.
Uninstall AVG Antispyware, download is again and reinstall. See if you can then run the updates. I`ve just checked with my AVG Antispyware uodater and it works fine, so I know it`s not a problem with the update server.
As much as I`d love to hop on a plane and come and sort your system out, I`m afraid I`m a little busy at the moment lol.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
See HERE for instructions on how to attach your HJT log. You attach your AVG Antispyware log in exactly the same way.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
ALCXMNTR.EXE
Close task manager.
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/search/index.html?src=ssb
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {38D63471-E630-4492-A986-B8C48B79F2F8} (CVideoEgg_ActiveXCtl Object) - http://update.videoegg.com/wintel/VideoEggPublisher.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1820085-4A6D-4D4D-A4D4-385956FD0AAB}: NameServer = 205.188.146.145<Only fix this if it doesn`t belong to your ISP.
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
ALCXMNTR.EXE<Search your system for this file and delete all instances found.
Reboot your system.
Post a fresh HJT log and let me know how your system is running.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Click on the processes tab and end process for(if there).
ALCXMNTR.EXE
Close task manager.
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/search/index.html?src=ssb
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEB utton\support.htm (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {38D63471-E630-4492-A986-B8C48B79F2F8} (CVideoEgg_ActiveXCtl Object) - http://update.videoegg.com/wintel/VideoEggPublisher.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1820085-4A6D-4D4D-A4D4-385956FD0AAB}: NameServer = 205.188.146.145<Only fix this if it doesn`t belong to your ISP.
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
ALCXMNTR.EXE<Search your system for this file and delete all instances found.
Reboot your system.
Post a fresh HJT log and let me know how your system is running.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
Apart from you not having got rid of the ALCXMNTR.EXE file, your HJT log is clean.
Now would be a good time to clean out your old system restore points and anything nasty that`s in them. We will then create a new clean restore point.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Now would be a good time to clean out your old system restore points and anything nasty that`s in them. We will then create a new clean restore point.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
I have merged your new thread into this one.
Your system is infected with a variety of nasties.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, Combofix and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system is infected with a variety of nasties.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, Combofix and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard
This thread is for the use of SLB only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
Apple Vision Pro is facing declining interest and sales among consumers- Atmajaya2020 replied
-
SuperAntiSpyware problem- learninmypc replied
