MAC-NETHow toNetwork SecurityVirus ProtectionSpyware ProtectionDownloadReferenceContact
 

Hijacked Browser Analysis

4-counter.com 3721

C2.lop browser hijacker

CWShredder

Edmond.exe

Intercom.exe Spyware

MWSOEMON.EXE - MyWebSearch

SearchPage CC Spyware

Spin4Dough Spyware

Sqwire.com home page hijack

Tips on removing spyware
Home » Spyware Protection » 

4-counter.com & 3721 Spyware

Another of my customer got another bad attack of Spyware - This time it automatically generated alot of item on the My Favourite Folder.  And it hijacked his Internet Explorer home page and point it to 4-counter.com.  If the browser is left on, after a while, it automatically starts downloading pronographic materials from it's list of random sites.  And also it uses the MS Outlook to spam its contact list - sending messages out to invite the user to click on a pronographic site.

It looks like there has a combination of:

  • 3721 - Chinese Search Engine
  • 4-counter.com / icanfindit.net - "I Can Find It, Search For Pleasure"

After a couple of research and experiment, I was able to remove them from the computer.

Here is my 4-counter removal procedure:

  1. Open Task Manager and end these processes:
    helper.dll
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\3721\helper.dll

  2. Deregister the above:
    regsvr32  /u  C:\PROGRA~1\3721\helper.dll
    regsvr32  /u  C:\WINDOWS\system32\rundll32.exe

  3. Remove Run - "helper" key from the registry.

  4. Restart the computer - run one of the following Spyware.
    • Ad-Aware
    • Spybot
    • Bazooka
    • AdMuncher
    • CWShredder
    • Spyware Blaster
    • WebRoot Spy Sweeper

 

commentPost your comment (42) 
Mail this pageMail this page


© 2006-2010. All Rights Reserved.