Home > Hjt Log > HJT Log - Possibly Trojan Getcodec.a

HJT Log - Possibly Trojan Getcodec.a

While you are in SAFE mode, open C:\SDFix folderDouble-click RunThis.batType Y to start cleaning with SDFixIf it finish removing what it can detect and remove, press any key to reboot the Post new HijackThis log. :icon_neutral: 0 Discussion Starter LittleBlue 8 Years Ago :icon_neutral: I'm so sorry, wasn't thinking straight. Obviously they weren't threats even though they were .exe files, so I guess those were false positives. They infect machines by using social engineering and scams to trick a user into spending money to buy a an application which claims to remove malware. have a peek at these guys

Regards, -Phil Member of the Unified Network of Instructors and Trusted EliminatorsProudly Supporting Bleeping Computer to Defend the Freedom of Speech Back to top #49 ep2002 ep2002 Topic Starter Members 321 I already told you that it didn't JUST scan the boot sector which is why it took so long. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. button.

Next click on Open uninstall manager. This applies only to the original topic starter. by bill0224 / February 26, 2009 12:09 AM PST In reply to: Yes, it's still there Here's the combofix log.ComboFix 09-02-24.02 - bill 2009-02-26 9:57:29.9 - NTFSx86Running from: c:\documents and settings\bill\Desktop\Virus I even redid the kapersky scan and it wasn't there?!

If asked to restart the computer, please do so immediately. Now you should Create a New Restore Point to prevent possible reinfection from an old one. I did delete the files that were in quarantine, but the problem still remains. You're welcome!

I need to see another log from HijackThis. By the power of truth, I, while living, have conquered the universe. ~Scratch~My help is always free, but if you want to donate to help me continue my fight against malware Sorry, there was a problem flagging this post. Click Run.When the downloads have finished, click on Settings.Make sure these boxes are checked (ticked).

The RKill notepad never popped up, but I did find it on my desktop. 3. I've been working with computers since '84 & I've been online full time since '98. 5. Thread Status: Not open for further replies. Uninstall list Malwarebytes log - also post the log from your first scan if you have it.

Run ATF Cleaner again then select all items then click Empty all selected items.2. Once the scan is complete, it will display if your system has been infected.Save the scan results as a Text file ... Limewire's gone, didn't use it that much but that's probably where I got infected...Ran the ATF scanner tooKASPERSKY ONLINE SCANNER 7 REPORT Monday, February 23, 2009 Operating System: Microsoft Windows XP c:\WINDOWS\system32\gukejibu.dll (Trojan.Vundo.H) -> Delete on reboot.

Several functions may not work. http://exomatik.net/hjt-log/hjt-log-zlob-trojan-and-c-exe.php Please refer to this page if you are not sure how. No, create an account now. Please include the C:\ComboFix.txt in your next reply, along with a new HijackThis log.

Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe O4 A day or two ago, according to others that use this computer, our web browsers starting popping up to random ad sites in IE. check my blog If you were using Bitdefender, then I would know exactly how to proceed because that is what I have personally used for years.

Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. Download and Run ATF Cleaner Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop. If it's broken, fix it!

Double-click that icon to launch the program.

The only thing that's weird is no matter what I do or what scanner/fix I use it always comes back on reboot. Thank You ! The program should not take long to finish its jobOnce its finished it should reboot your machine, if not, do this yourself to ensure a complete cleanPlease download Malwarebytes' Anti-Malware from The PC is behaving perfectly normally now - actually is has been for a while, except for the MSCONFIG behavior.--------------------------------------------------------------------------------KASPERSKY ONLINE SCANNER 7.0 REPORT Saturday, July 4, 2009 Operating System: Microsoft

Typically there are two ways to find a file when you don't know what folder it is in. There is NO need to double-click the icon of SAS in your desktop because SAS will open automatically.The SAS setup wizard will run to offer you to protect the home page See if any will try to delete any trojan or malware.You might need to run another scan using Combofix so please follow again the self-help guide in using Combofix and post http://exomatik.net/hjt-log/hjt-log-to-remove-trojan.php Share this post Link to post Share on other sites SteveAckerman    New Member Topic Starter Members 24 posts ID: 31   Posted July 6, 2009 I tried your advice re:

Join over 733,556 other people just like you! I attempted to download Comodo firewall via Opera10 and as soon as I click on the save button for to begin the download XP bluescreens and reboots. Getmodule was back again after rebooting so I did the Combofix and rebooted- getmodule is back in the startup menu, I scanned with HJT and it's still there. Your HijackThis log was posted in the Vista forum.

Keep a log of this so you can find it easily should you need to use System Restore.Then use the Disk Cleanup to remove all but the most recently created Restore Click on Save Report As....Save this report to a convenient place. Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content The Elder Geek on Windows Forums Members Calendar cybertech, Jun 26, 2008 #20 Slickness Thread Starter Joined: Jun 14, 2008 Messages: 13 i did what you said and i still see the scvhost.exe roaming folder but the reg keys

All Activity Home Malware Removal Help Malware Removal for Windows Resolved Malware Removal Logs neither HijackThis nor Malwarebytes working Privacy Policy Contact Us Back to Top Malwarebytes Community Software by Invision