re: Hijak This file scan--need advice Saturday, December 6, 2003 at 4:36 am Windows Me Annoyances Discussion Forum Posted by worm (792 messages posted) Hi Frank, Don't have Hijack This fix these two entries! O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab They will contain your passwords for the multiplayer games you play. Hope it's not too late. On Friday, December 5, 2003 at 11:15 pm, Carol wrote: > >Did you put any restrictions on this system, are you the sole user of this computer? >Get back to me on that, and let me know how things go after you do these things. > >For one thing you system's infected with the "W32.Xabot.Worm" (SysInit - wininit32.exe). >It's listed in your startups in at least a few places according to this log. After >you fix the entries in Hijack This, you'll need to clear out your System Restore >folder. You can check instr. on this site: > >http://securityresponse.symantec.com/avcenter/venc/data/w32.xabot.worm.html > >Run Hijack This again and select these. Have them fixed. Reboot. > >R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = >R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = >R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet >Explorer provided by InsightBB.com >R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = , >F1 - win.ini: run=LXDBOXCP.EXE >O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL >(file missing) >O4 - HKLM\..\Run: [LexStart] Lexstart.exe >O4 - HKLM\..\Run: [LoadQM] loadqm.exe >O4 - HKLM\..\Run: [SysInit] wininit32.exe >O4 - HKLM\..\RunServices: [SysInit] wininit32.exe >O4 - HKCU\..\Run: [SysInit] wininit32.exe >O4 - Startup: OFFICE STARTUP.LNK = C:\Program Files\Microsoft Office\Office\OSA.EXE >O4 - Startup: MICROSOFT FIND FAST.LNK = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE >O16 - DPF: {51045741-8C4E-4EAC-8F03-08E43A6FBB29} - http://aft.ancestry.com/aftfiles/files/install/AncestryFamilyTree.cab >O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB >O16 - DPF: {2C38A62E-D257-40E8-8BB7-5624E38FEB0A} - http://64.154.221.61/ads/lsdialer.cab >O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt0_x.cab >O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab >O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab >O16 - DPF: Yahoo! MLB StatTracker - http://aud7.sports.yahoo.com/java/y/mlbst8298_x.cab >O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://surechat.com:9000/Java/cfs31229.cab >O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - >http://64.124.45.181/downloads/ccpm_0237.cab >O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB >O16 - DPF: Yahoo! NFL GameChannel StatTracker - http://aud12.sports.yahoo.com/java/y/nflgcst1008_x.cab >O16 - DPF: Yahoo! NBA StatTracker - http://aud3.sports.yahoo.com/java/y/nbast8264_x.cab > > Written in response to: re: Hijak This file scan--need advice (Ms. Eagle: Friday, December 5, 2003 at 11:15 pm) Responses to this message: re: Hijak This file scan--need advice (Frank: Saturday, December 6, 2003 at 6:44 am) That's not a big deal! (Ms. Eagle: Saturday, December 6, 2003 at 2:25 pm) All messages in this thread [show all] Hijak This file scan--need advice (Frank: Fri, Dec 5, 2003, 2:51 pm) re: Hijak This file scan--need advice (Ms. Eagle: Fri, Dec 5, 2003, 3:52 pm) re: Hijak This file scan--need advice (worm: Fri, Dec 5, 2003, 4:32 pm) re: Hijak This file scan--need advice (Frank: Fri, Dec 5, 2003, 5:26 pm) re: Hijak This file scan--need advice (Ms. Eagle: Fri, Dec 5, 2003, 7:35 pm) re: Hijak This file scan--need advice (Frank: Fri, Dec 5, 2003, 7:58 pm) re: Hijak This file scan--need advice (Ms. Eagle: Fri, Dec 5, 2003, 11:15 pm) re: Hijak This file scan--need advice (worm: Sat, Dec 6, 2003, 4:36 am) re: Hijak This file scan--need advice (Frank: Sat, Dec 6, 2003, 6:44 am) re: Hijak This file scan--need advice (worm: Sat, Dec 6, 2003, 7:37 am) re: Hijak This file scan--need advice (Frank: Sat, Dec 6, 2003, 10:11 am) re: Hijak This file scan--need advice (Frank: Sat, Dec 6, 2003, 10:33 am) re: Hijak This file scan--need advice (worm: Sat, Dec 6, 2003, 10:53 am) re: Hijak This file scan--need advice (Frank: Sat, Dec 6, 2003, 11:06 am) re: Hijak This file scan--need advice (worm: Sat, Dec 6, 2003, 12:13 pm) re: Hijak This file scan--need advice (Ms. Eagle: Sat, Dec 6, 2003, 2:34 pm) re: Hijak This file scan--need advice (worm: Sat, Dec 6, 2003, 4:50 pm) re: Hijak This file scan--need advice (Ms. Eagle: Sat, Dec 6, 2003, 5:50 pm) re: Hijak This file scan--need advice (worm: Sun, Dec 7, 2003, 3:38 am) re: Hijak This file scan (Ms. Eagle: Sat, Dec 6, 2003, 6:27 pm) re: Hijak This file scan (worm: Sun, Dec 7, 2003, 3:32 am) re: Hijak This file scan--need advice (Ms. Eagle: Sat, Dec 6, 2003, 3:58 pm) re: Hijak This file scan--need advice (Frank: Sun, Dec 7, 2003, 9:27 am) re: Hijak This file scan--need advice (Ms. Eagle: Mon, Dec 8, 2003, 3:02 pm) That's not a big deal! (Ms. Eagle: Sat, Dec 6, 2003, 2:25 pm) re: That's not a big deal! (Frank: Sun, Dec 7, 2003, 9:18 am) Reply or follow-up to this message Search this forum Start a new thread on a different subject Report abuse of the forum Return to the Windows Me Discussion Forum