Annoyances.org
Home » Windows 98 Discussion Forum » Message 1086729265 Search | Help | Home
  
Tip: Run a free scan for common Windows errors ad

re: Evil "lexplore" virus hijacked me
Tuesday, June 8, 2004 at 2:14 pm
Windows 98 Annoyances Discussion Forum
Posted by Ms. Eagle (33507 messages posted) 





This may work out, but try running Spybot again after fixing these and following 
the rest of the instructions. I don't know where it's hanging at, just by those numbers 
you posted.

First move HIJACKTHIS into a folder, any folder but a temp folder. It creates backups 
and places them in the same location as Hijackthis is in.

Next, uninstall Wild Tangent in Add/Remove programs. Reboot. Run HijackThis. Select 
Fix checked. Reboot. Delete the items I mentioned below.

C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\WINDOWS\WT\UPDATER\WCMDMGR.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=1c99&s=search&i=enu
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=1c99&s=search&i=enu
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=1c99&s=search&i=enu
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {08351226-6472-43BD-8A40-D9221FF1C4CE} - :\WINDOWS\DOWNLOADED 
PROGRAM FILES\SBCIE026.DLL
O2 - BHO: (no name) - {bcfad060-b146-11d7-8ce3-0008c713a59e} - (no file)
O2 - BHO: (no name) - {08227B4B-54FE-4C4D-809F-BCA46292FC5B} - C:\WINDOWS\SYSTEM\ZEDD4.DLL
O2 - BHO: (no name) - {EFF80427-F837-4B74-8834-BAF18E0553FD} - C:\PROGRA~1\SYSTEM\MISC\MBH19.DLL 
(file missing)
O3 - Toolbar: (no name) - {5E92F538-B50B-46c5-9C5F-C6EECED3F6C6} - (no file)
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [OEMCLEANUP] c:\windows\OPTIONS\oemreset.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" 
-osboot
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [Installer] C:\WINDOWS\SYSTEM\WINST.EXE
O4 - HKCU\..\Run: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} (SideStep IE Inst) - http://download.sidestep.com/get/k00719/sb026.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab

MiniBug is spyware app installed with Weatherbug spyware app. Not needed-->>
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?

Delete the entire TV Media folder:
C:\TV MEDIA\TVM.EXE

Delete these files->>
C:\WINDOWS\SYSTEM\ZEDD4.DLL
C:\WINDOWS\SYSTEM\WINST.EXE

Wild Tangent folder/files. Look for a WT folder containing these files, delete if 
there->>
C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

Download this IEFIX.reg file to your Desktop. Double-click on it and answer Yes, 
to merge into your registry. It will restore all the default Search settings for 
IE. 
SpywareInfo.com-IEFIX.reg



Written in response to:
re: Evil "lexplore" virus hijacked me (geehawgirl: Tuesday, June 8, 2004 at 11:24 am)

Responses to this message:
*re: Evil "lexplore" virus hijacked me (geehawgirl: Tuesday, June 8, 2004 at 6:26 pm)

All messages in this thread [show all]
-Evil "lexplore" virus hijacked me (geehawgirl: Thu, Jun 3, 2004, 10:30 pm)
*re: Evil "lexplore" virus hijacked me (Ms. Eagle: Thu, Jun 3, 2004, 11:59 pm)
*re: Evil "lexplore" virus hijacked me (Carl S.: Fri, Jun 4, 2004, 4:26 am)
-re: Evil "lexplore" virus hijacked me (David: Fri, Jun 4, 2004, 2:32 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Fri, Jun 4, 2004, 6:16 pm)
-re: Evil "lexplore" virus hijacked me (David: Fri, Jun 4, 2004, 6:26 pm)
*re: Evil "lexplore" virus hijacked me (Ms. Eagle: Fri, Jun 4, 2004, 11:30 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Fri, Jun 4, 2004, 7:36 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Fri, Jun 4, 2004, 7:50 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Fri, Jun 4, 2004, 11:23 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Sun, Jun 6, 2004, 9:38 am)
-re: Evil "lexplore" virus hijacked me (David: Sun, Jun 6, 2004, 9:04 pm)
*re: Evil "lexplore" virus hijacked me (geehawgirl: Mon, Jun 7, 2004, 12:04 am)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Mon, Jun 7, 2004, 2:53 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Mon, Jun 7, 2004, 10:51 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Mon, Jun 7, 2004, 11:16 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Tue, Jun 8, 2004, 11:24 am)
*re: Evil "lexplore" virus hijacked me (Dan: Tue, Jun 8, 2004, 1:08 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Tue, Jun 8, 2004, 2:14 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Tue, Jun 8, 2004, 6:26 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Tue, Jun 8, 2004, 7:01 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Tue, Jun 8, 2004, 9:32 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Tue, Jun 8, 2004, 11:43 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Wed, Jun 9, 2004, 12:53 am)
*re: Evil "lexplore" virus hijacked me (Ms. Eagle: Wed, Jun 9, 2004, 1:09 am)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Wed, Jun 9, 2004, 2:00 am)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Wed, Jun 9, 2004, 8:58 am)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Wed, Jun 9, 2004, 3:44 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Wed, Jun 9, 2004, 11:25 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Thu, Jun 10, 2004, 11:38 am)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Thu, Jun 10, 2004, 9:48 pm)
*re: Evil "lexplore" virus hijacked me (Ms. Eagle: Fri, Jun 11, 2004, 12:35 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Fri, Jun 11, 2004, 12:50 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Fri, Jun 11, 2004, 10:23 pm)
-re: Evil "lexplore" virus hijacked me (Ms. Eagle: Fri, Jun 11, 2004, 11:05 pm)
-re: Evil "lexplore" virus hijacked me (geehawgirl: Sat, Jun 12, 2004, 12:24 am)
*re: Evil "lexplore" virus hijacked me (Ms. Eagle: Sat, Jun 12, 2004, 12:57 am)
Return to the Windows 98 Discussion Forum


All content at Annoyances.org is Copyright © 1995-2009 Creative Elementtm All rights reserved.
Please do not plagiarize; redistributing these pages without permission is strictly prohibited.