Tech Support Forum - View Single Post - Hijack this log (IE URL Address bar not working)

MoralTerror · 04-14-2006, 01:50 PM

Hi scottv

That's no problem, the sticky is designed to remove a lot prior to you posting a log. Once you post a log it can take a while to analyse it and the fix we then prescribe won't be accurate if you continue to run removal tools. This wastes time on both our parts.

Please print out or copy this page to Notepad in order to assist you while carrying out the following instructions

Your installed Firewall has disabled Windows XP Firewall, which is normal. Spybot detecting this entry...HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0 is fine. Set it up to ignore the entry as it's an issue with Spybot and the entry is correct.

In order to do so please right click the entry to expand the find, then click on the sub-find, then right click...’exclude this detection from further searches'. That way, should any other part of security center settings change, Spybot will still detect those.

Please see this link (http://www.spybot.info/en/faq/46.html) at Safer Networking, Spybot's home, regarding these finds.

Your Java is outdated please follow these steps to update it

Go to Start > Control Panel double-click on add/remove programs.
Search in the list for all previous installed versions of Java (J2SE Runtime Environment.... )

It may have a coffee cup icon next to it.
Select it and click Remove.
Then Download and install the newest version from here:
http://www.java.com/en/download/manual.jsp

verclsid.exe is a legit Microsoft process included in the latest Security Update

There have been reports that HP Share to Web and verclsid.exe have been causing conflicts. Microsoft are working on an update at this time. If you have further problems then you could

Disable HP Share to Web

OR
Uninstall the Security Update (908531) via add/remove programs until the new update is released

Go to My Computer >Tools >Folder Options >View tab and select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Also make sure there is no checkmark beside Hide file extensions for known file types. Click OK.

Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

Open Hijack This and click on Scan. Check the following entry

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

Please remember to close all other windows, including browsers then click Fix checked.

Delete the following File indicated in RED if it still exists.

ALCXMNTR.EXE <<<< find via start > search

Reboot your system in Normal Mode.

Perform an online scan with Internet Explorer with Panda ActiveScan

Click on the "Free To Use ActiveScan" located on the top right hand corner

Click Check Now and a "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
Enter your e-mail address, country, and state & click Scan Now * The download of the 8 MB Panda's ActiveX control will take place *

Begin the scan by selecting My Computer

If it finds any malware, it will offer you a report.

Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.

Click on See report then click Save report

* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan

Paste the Panda Scan report here together with a new HiJack This log.

04-14-2006, 01:50 PM	#6 (permalink)
MoralTerror Analyst, Security Team Join Date: Nov 2005 Location: UK Posts: 1,968 OS: xp	Hi scottv That's no problem, the sticky is designed to remove a lot prior to you posting a log. Once you post a log it can take a while to analyse it and the fix we then prescribe won't be accurate if you continue to run removal tools. This wastes time on both our parts. Please print out or copy this page to Notepad in order to assist you while carrying out the following instructions Your installed Firewall has disabled Windows XP Firewall, which is normal. Spybot detecting this entry...HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0 is fine. Set it up to ignore the entry as it's an issue with Spybot and the entry is correct. In order to do so please right click the entry to expand the find, then click on the sub-find, then right click...’exclude this detection from further searches'. That way, should any other part of security center settings change, Spybot will still detect those. Please see this link (http://www.spybot.info/en/faq/46.html) at Safer Networking, Spybot's home, regarding these finds. Your Java is outdated please follow these steps to update it Go to Start > Control Panel double-click on add/remove programs. Search in the list for all previous installed versions of Java (J2SE Runtime Environment.... ) It may have a coffee cup icon next to it. Select it and click Remove. Then Download and install the newest version from here: http://www.java.com/en/download/manual.jsp verclsid.exe is a legit Microsoft process included in the latest Security Update There have been reports that HP Share to Web and verclsid.exe have been causing conflicts. Microsoft are working on an update at this time. If you have further problems then you could Disable HP Share to Web OR Uninstall the Security Update (908531) via add/remove programs until the new update is released Go to My Computer >Tools >Folder Options >View tab and select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Also make sure there is no checkmark beside Hide file extensions for known file types. Click OK. Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears). Open Hijack This and click on Scan. Check the following entry O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE Please remember to close all other windows, including browsers then click Fix checked. Delete the following File indicated in RED if it still exists. ALCXMNTR.EXE <<<< find via start > search Reboot your system in Normal Mode. Perform an online scan with Internet Explorer with Panda ActiveScan Click on the "Free To Use ActiveScan" located on the top right hand corner Click Check Now and a "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it * Enter your e-mail address, country, and state & click Scan Now * The download of the 8 MB Panda's ActiveX control will take place * Begin the scan by selecting My Computer If it finds any malware, it will offer you a report. Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later. Click on See report then click Save report * You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report. * Turn off the real time scanner of any existing antivirus program while performing the online scan Paste the Panda Scan report here together with a new HiJack This log.