TechSpot

hijackThis log - please review

By bka114
Dec 15, 2006
  1. please review the attached hijackThis log. I ran all four tools according to your instuctions. Initially, there were two icons in the system tray with pop ups that stated "critical system errors". Also, everytime i would open internet explorer, pop ups would constantly appear.

    After running the four removal tools, it appears that after I restarted the computer that the system tray is back to normal (no more critical system errors)...but, I still receive pop-ups when I access my browser.
     

    Attached Files:

  2. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Hello bka114 and Welcome to TechSpot :wave:

    Your system is infected with malware.

    Please copy and paste these instructions into notepad and save the file to your desktop.

    First of all, turn off system restore (see how here)

    Now, restart your computer in safe mode (see how here)


    Once your computer is started up, open the notepad file and follow these instructions exactly.

    Run HijackThis and have it save a logfile with no other programs open except notepad.

    Go into Task Manager by pressing down the ctrl and alt keys simaltaneously and then pressing delete.

    Go to the 'processes' tab and end the process for (if there):
    n?tepad.exe
    ALCXMNTR.EXE


    Now have HijackThis fix the following entries (if there):
    O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{301CB~1\Bar888.dll
    O2 - BHO: (no name) - {F0CD7EB1-A2DB-4872-A326-F4D0064F70D2} - C:\WINDOWS\system32\gebcd.dll
    O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{301CB~1\Bar888.dll
    O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Program Files\Safety Bar\SafetyBar.dll
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O20 - Winlogon Notify: gebcd - C:\WINDOWS\system32\gebcd.dll


    Now go into add/remove programs in the control panel and uninstall anything to do with (if there):
    Bar888
    SpywareQuake
    MalwareWipe
    BraveSentry
    VirusBust


    Search for the following files and delete each instance of them:
    Bar888.dll
    gebcd.dll
    SafetyBar.dll
    ALCXMNTR.EXE


    Go into 'C:\Program Files' and delete the entire 'SafetyBar' directory.

    Now restart your computer in normal mode and post a fresh HijackThis log.

    Cheers

    --kitty

    This thread is for the use of bka114 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.
     
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system is riddled with a variety of nasties.

    In Addition to the instructions given by kitty500cat, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.


    Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.


    Regards Howard :wave: :wave:


    This thread is for the use of bka114 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...