Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hello world, my name is Jim and I have lexplore


  • Please log in to reply

#1
I8lexplore

I8lexplore

    New Member

  • Member
  • Pip
  • 2 posts
Hi. My name is Jim and my computers are infected.
I know it is lexplore and hoped that a newer machine would not get infected (it was only a small file I transfered, just one). I was so happy without lexplore and now it is running around my newer laptop and affecting it worse than ME. Me so happy now that lexplore has been exposed and HJT is here to help me! I have bought several PGM's for my old LTE and they never worked. The packard bell (WIN95) lasted only a few weeks after a long sabatical. I am somewhat of a Ludite, and do not need a current machine on a 26.4k dial-up. It was hard enough to give up the 8088. (tears) Oh,.. for the simple years of slide-rules, pencils and paper, back when you could put a good record on and listen to the label for hours on-end.
So, my geekish compadres, here is the stuff for 'Diablo lexploro':


Logfile of HijackThis v1.99.1
Scan saved at 2:07:19 PM, on 1/7/2007 (the clock is hosed again)
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\ACCESSORIES\WORDPAD.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0 CE\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IrMon] irmon.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: NOTEPAD.lnk = C:\WINDOWS\NOTEPAD.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf&blobkey=id&blobtable=MungoBlobs&blobwhere=1130825948863&ssbinary=true: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll

Adobe Flash Player 9 ActiveX
Adobe Reader 6.0.2 CE
HijackThis 1.99.1
InterVideo WinDVD 4
WlanUtility

Put the PDF reader on this machine too, got it from a friend on a CD for looking at a manual for the Dart.
Seem to recall the infection around that time, but can not say for sure.
You guys are the best and Thanks so much for keeping on top of this stuff- I never wanted to be an IT specialist- I just wanted to use the machine. I do, as you can tell use the Internet and wished the Web page designers would offer low-fi for us Ludites who never saw a Nova or a dongle. I did see one of the first valves though, and love the distortion of them and AM radio. There is something beautiful in the analog world that words can not describe. It is distortion. It is what made the Roll in the Rock.

Jim

Edited by I8lexplore, 10 January 2007 - 09:09 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP