
Logfile of HijackThis v1.99.1 - Sealy

The following entries need attention:

F2 - REG:system.ini: Shell=explorer.exe C:\WINNT\System32\svohost.exe

Scan saved at 11:36:43 AM, on 5/30/2005
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\explorer.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\supervisor\Desktop\MicrosoftAntiSpywareInstall.exe
C:\Documents and Settings\supervisor\Desktop\HijackThis.exe

F2 - REG:system.ini: Shell=explorer.exe C:\WINNT\System32\svohost.exe
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02EXE
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(4).lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV04.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadminexe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

