Newbie dot Org HomePage
Visit one of our web buddies
spyware
Jay Rowell
jay@rowell.org
07/31/04 		Hello-

I could really use some help with this. I know that the res://C:\WINDOWS\system32\gippk.dll/sp.html#96676
is messing this up but everytime I delete it and other similiar ones it just keeps coming back. Any thoughts?

Thanks in advance.

Jay

Logfile of HijackThis v1.98.0
Scan saved at 12:21:18 PM, on 7/31/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\msiq.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
C:\WINDOWS\sysyh32.exe
C:\WINDOWS\SYSTEM32\monitorbk.exe
C:\Program Files\QUICKENW\QW.EXE
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\MICROS~4\Office\OUTLOOK.EXE
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\Documents and Settings\Jay\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\gippk.dll/sp.html#96676
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://gippk.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://gippk.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\gippk.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\gippk.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://gippk.dll/index.html#96676
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://mail.yahoo.com/?.intl=us"); (C:\Documents and Settings\Jay\Application Data\Mozilla\Profiles\default\fhstfrw9.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Jay\Application Data\Mozilla\Profiles\default\fhstfrw9.slt\prefs.js)
O2 - BHO: (no name) - {89E5B9B5-75EB-DD47-2CDA-AEE61977C3C4} - C:\WINDOWS\system32\syswy32.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~2\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [sysyh32.exe] C:\WINDOWS\sysyh32.exe
O4 - HKLM\..\RunOnce: [msiq.exe] C:\WINDOWS\system32\msiq.exe
O4 - HKLM\..\RunOnce: [atlbl32.exe] C:\WINDOWS\atlbl32.exe
O4 - HKLM\..\RunOnce: [mfcme32.exe] C:\WINDOWS\mfcme32.exe
O4 - HKLM\..\RunOnce: [ntts.exe] C:\WINDOWS\ntts.exe
O4 - HKLM\..\RunOnce: [netkd32.exe] C:\WINDOWS\system32\netkd32.exe
O4 - HKLM\..\RunOnce: [mfcck.exe] C:\WINDOWS\mfcck.exe
O4 - HKLM\..\RunOnce: [ieax32.exe] C:\WINDOWS\system32\ieax32.exe
O4 - HKLM\..\RunOnce: [syspp32.exe] C:\WINDOWS\syspp32.exe
O4 - HKLM\..\RunOnce: [apiux32.exe] C:\WINDOWS\apiux32.exe
O4 - HKLM\..\RunOnce: [addju.exe] C:\WINDOWS\addju.exe
O4 - HKLM\..\RunOnce: [mfchm.exe] C:\WINDOWS\mfchm.exe
O4 - HKLM\..\RunOnce: [ntgv32.exe] C:\WINDOWS\ntgv32.exe
O4 - HKLM\..\RunOnce: [iptd32.exe] C:\WINDOWS\iptd32.exe
O4 - HKLM\..\RunOnce: [javahw.exe] C:\WINDOWS\system32\javahw.exe
O4 - HKLM\..\RunOnce: [apixf32.exe] C:\WINDOWS\system32\apixf32.exe
O4 - HKLM\..\RunOnce: [d3ng.exe] C:\WINDOWS\d3ng.exe
O4 - HKLM\..\RunOnce: [iexr.exe] C:\WINDOWS\system32\iexr.exe
O4 - HKLM\..\RunOnce: [appes32.exe] C:\WINDOWS\system32\appes32.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Belkin PCMCIA WLAN Monitor.lnk = C:\WINDOWS\SYSTEM32\monitorbk.exe
O4 - Global Startup: PowerReg Scheduler.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll

Anti-SpyWare: Hijack This v 1.98.0
Anti-Virus: Norton System Works 2002
Browser: IE
Firewall: WinXP
OS: WinXP

© Copyright 1998-2004 Newbie dot Org -- All rights reserved --
This site maintained by Galaxy Website Design


--|--