Hijackthis

Status
Not open for further replies.
Welcome to TS. Congratulations! You successfully created a new thread & used attachments.

Please describe your observations/situation. Please relate messages (if any) you're seeing indicating your problem.
For anyone seeking help with malware removal, the volunteers expect 3 logs: MBAM, SAS, & HJT. Following this procedure "normalizes" your case in that over 1000 malware threats have been addressed by the tools.

General: Acrobat 5.0\Reader is OLD & a security risk. Update to latest version.


Scan with HJT -- Tick & Fix
O4 - HKCU\..\Run: [MSFox] C:\DOCUME~1\Paddy\LOCALS~1\Temp\xxx9983.exe - - >confirmed malware

These are UNKNOWN. I suggest HJT > tick & fix. It is your decision.
O2 - BHO: offersfortoday - {cee59dec-6653-6f26-0fb7-e97d032a4767} - C:\WINDOWS\system32\nsr76.dll
O2 - BHO: offersfortoday browser enhancer - {E2C2DD6E-11FA-1103-F513-3705263F433C} - C:\WINDOWS\system32\xfilqmbuluvuyn.dll
O4 - HKLM\..\Run: [locks tick title proc] C:\Documents and Settings\All Users\Application Data\bags readme locks tick\Wipe media.exe
O4 - HKLM\..\Run: [sfempdnxreznvsgrr] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\xfilqmbuluvuyn.dll"
O4 - HKCU\..\Run: [ChinHtm] C:\DOCUME~1\Paddy\APPLIC~1\LESSRO~1\Barblongintra.exe
 
Status
Not open for further replies.
Back