Outerinfo..



#1
DarkFalled

Recently my computer has been spammed with ad pop-ups by Outerinfo. I followed most of what it said to do, but it didn't work, so I decided to use HijackThis. Here's the log.

Logfile of HijackThis v1.99.1
Scan saved at 9:30:15 PM, on 12/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdfserv.exe
E:\WINDOWS\system32\lxdfcoms.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
E:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
E:\Program Files\Common Files\eEye Digital Security\Application Bus\eeyeevnt.exe
E:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
E:\Program Files\Lexmark 6500 Series\lxdfmon.exe
E:\Program Files\Lexmark 6500 Series\lxdfamon.exe
E:\Program Files\LClock\LClock.exe
E:\Program Files\Messenger\MSMSGS.EXE
E:\PROGRA~1\COMMON~1\ASKS~1\iexplore.exe
E:\WINDOWS\system32\?racle\?ttrib.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\CursorXP\CursorXP.exe
E:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
E:\Program Files\eEye Digital Security\Blink\Blink.exe
E:\Program Files\eEye Digital Security\Blink\blinksvc.exe
E:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
E:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: (no name) - {224814AF-FE96-493D-A155-6256E0F8858C} - E:\WINDOWS\system32\efeeb.dll (file missing)
O2 - BHO: (no name) - {2E792000-E092-973A-B598-B56EFEEF99CE} - E:\WINDOWS\system32\tktfdya.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - E:\WINDOWS\system32\gwdgiqdq.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdfmon.exe] "E:\Program Files\Lexmark 6500 Series\lxdfmon.exe"
O4 - HKLM\..\Run: [lxdfamon] "E:\Program Files\Lexmark 6500 Series\lxdfamon.exe"
O4 - HKLM\..\Run: [Lexmark 6500 Series Fax Server] "E:\Program Files\Lexmark 6500 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [LClock] E:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Aaou] "E:\PROGRA~1\COMMON~1\ASKS~1\iexplore.exe" --ru -vt yazb
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] "E:\Program Files\CursorXP\CursorXP.exe" -s
O4 - Global Startup: Blink.lnk = E:\Program Files\eEye Digital Security\Blink\BLINK.EXE
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Sothink SWF Catcher - E:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - E:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm (file missing)
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - E:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.btsword.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...p1.0.0.15-3.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload....Plugin11USA.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.c.../acclaim_v5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1193194088061
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinn.../familyfeud.cab
O16 - DPF: {CFD7D0F6-CCAF-4FFA-9D7F-CE9B65F562EC} (AppCaller Control) - http://www.bombndash...n/AppCaller.ocx
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.gamengame...utComponent.cab
O18 - Filter: text/html - {72D50253-BE71-4c85-9B38-6331E5AD1499} - E:\Program Files\eEye Digital Security\Blink\IEMimeFilter.dll
O20 - Winlogon Notify: iiffebc - iiffebc.dll (file missing)
O20 - Winlogon Notify: NavLogon - E:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - E:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: eEye Blink Engine (blinksvc) - eEye Digital Security - E:\Program Files\eEye Digital Security\Blink\blinksvc.exe
O23 - Service: DomainService - Unknown owner - E:\WINDOWS\system32\pgaylxlu.exe (file missing)
O23 - Service: eEye Application Bus (eeyeevnt) - eEye Digital Security - E:\Program Files\Common Files\eEye Digital Security\Application Bus\eeyeevnt.exe
O23 - Service: LiveUpdate - Unknown owner - E:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: lxdfCATSCustConnectService - Lexmark International, Inc. - E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe
O23 - Service: lxdf_device - - E:\WINDOWS\system32\lxdfcoms.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - E:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)