Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help Me Get Rid Of Outerinfo Please!


  • Please log in to reply
14 replies to this topic

#1 S1L3N7_SWAT

S1L3N7_SWAT

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 04 July 2007 - 04:36 PM

Hi, Im new to these forums but I've come here for some help. Some how this Outerinfo crap has found its way onto my computer and I cant get rid of it. I'm so frustrated I'm seriously contemplating the idea of blowing my computer up for the 4th of July. :thumbsup:

I've "uninstalled" Outerinfo when I first noticed it a few days ago, but the uninstall doesnt work and the crap was still there. Then I went and deleted it from "Add\Remove programs" and it stopped it from showing up on the taskbar(down by the clock). I also did a search of my C:\ drive for "OuterInfo" and I deleted the files it found. I'm still getting constant pop-ups every time in start IE and their all from this OuterInfo bleep.

I'm also getting windows error pop-ups that say netdde.exe has encountered a problem and needs to close, and the "debug", "send error report" buttons. I've tried to delete this file but it comes back, and I see it in windows task manager under the processes tab.

If someone could guide me through the process of eradicating this scourge it would be much appreciated. I've seen other people who had the same problem and it seems to me like a arduous task.

I have Windows XP Home Edition with Service Pack 2.

Thank You.

P.S. Sorry about the typo in the Topic line.

Edited by S1L3N7_SWAT, 04 July 2007 - 04:39 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,201 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:44 PM

Posted 04 July 2007 - 04:58 PM

Have you seen the instructions in the link below?
http://www.geekstogo.com/forum/How-to-remo...IN-t134763.html

You can also follow the instructions below.
Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 04 July 2007 - 05:24 PM

Thanks, but I need a little more help. Every time I look at one of these tutorials they all have different programs that you need to download and install, including this one. It didn't even mention Hijack This, which every other tutorial I've seen did mention it. I also heard that this process varies from computer to computer and it cant be determined with out seeing a HJT log. If any one out there can give a a more detailed tutorial that is tailored for my computer it would be helpful.

#4 buddy215

buddy215

  • Moderator
  • 13,201 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:44 PM

Posted 04 July 2007 - 05:37 PM

At the top of the tutorial I linked to is This:
"Outerinfo is now being installed with other nasty malware that this procedure may not fix, so after following it I strongly suggest you post your HiJackThis log as well as the other logs on the forum and we'll clean up the rest of it."

The second paragraph in my first post was this:
You can also follow the instructions below.
Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 04 July 2007 - 05:43 PM

Yes buddy215. I'm fully aware of what you posted, but I was not very helpful to me. Im a little confused as to why there are several different tutorial out there that all say different things. How the hell am I supposed to know which one is correct? This is why this kind of stuff is so damn frustrating, your computer is F'ed and when you try to get help all you get is the run-around. If any one here besides buddy215 can help me please do before I put this damn computer out of its misery.

#6 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:04:44 PM

Posted 04 July 2007 - 07:10 PM

S1L3N7_SWAT - You have been given proper instructions to begin cleaning up your system by buddy215.

If you choose not to follow these beginning steps in order to help other Malware/HJT Techs diagnose all your problems, that is your decision and we'll not be able to help you then. It appears you have much more than just an Outerinfo info infection.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#7 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 July 2007 - 12:19 PM

Hey, my bad. I didnt look at the instructions throughly enough, my bad. Im in the process of runing all the anti spyware programs then I'll post a HJT Log.

Thanks.

#8 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 July 2007 - 02:27 PM

Ok, I just ran SpyBot a few times and got rid of a lot of things, one in particular a firewall bypass. Amoungts the crap Spybot found was Smitfraud-C.CoreService. It says it cant delete 3 of the items associated with it. There's one registry file:

HKEY_LOCAL_MACHINE\System\Control001\services\core

I tracked it down by going into the registry and deleting it but I dont think it worked. The other two where files,

C:/WINDOWS\System32\drivers\core.cache.dsk

and

C:\WINDOWS\System32\drivers\core.sys

I found both of these files and attempted to delete them but I wasnt able because it said that these where being used by another program. I closed every thing and tried again, still didn't work. Then I hit ctrl,alt delete and closed all the unfamiliar looking programs under the processed tab. I ended up forcing windows to restart because i interrupted a protocol or something. I searched my C:\ drive for Smitfraud and got a bunch of Winrar zipped files, i deleted them and to my knowledge they're gone. Im not to sure if this is an outerinfo problem anymore because I deleted PrurityScan when I saw it come up in a virus scan yesterday.

Im going to scan once more with another program to see if Smitfraud is my only problem right now. Im still getting pop-ups which really the only symptom im experiencing. The title on the top bar of a pop-up that frequently shows up says "TARGETED", which is a little spooky. I would like to know if i still need to proceed with this process then run HJT or not. If someone can tell me how to forcibly remove those files that would be great too. Hopefully this is coming to a close because this is really a pain in the ass.

Thank you.

Edited by S1L3N7_SWAT, 05 July 2007 - 02:44 PM.


#9 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 July 2007 - 06:08 PM

Ok, I completed all the nesecary steps before running HJT. Thanks to all that helped me.

#10 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 July 2007 - 06:18 PM

This is bullbleep. I just Downloaded HJT. I did every thing it told me to, unzip it, click close, go to C:\program files\Hijack This, i click the HJT Icon and BOOM, Error message saying theres some file, MSVBVM60.DLL missing or not found. It tells me to try to re-install it but after 3 or 4 tries I still got nothing. Please someone tell what the hell am doing wrong if anything. This is getting really bleeping old, I've been at this for about 2 days straight.

#11 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:02:44 PM

Posted 05 July 2007 - 06:53 PM

You can find the necessary dll, here:
msvbvm60.dll
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#12 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 July 2007 - 06:56 PM

Thank You so much. :thumbsup:

Wait, where exactly do I extract it to, the readme just says windows\system directory. That petty freaking vague. Please, if you know, where dose it go??

Edited by S1L3N7_SWAT, 05 July 2007 - 06:59 PM.


#13 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:02:44 PM

Posted 05 July 2007 - 07:27 PM

Depends on your operating system:
Windows 95/98/Me - C:\Windows\System
Windows NT/2000 - C:\WINNT\System32
Windows XP - C:\Windows\System32

Instructions for installation, can be found here:
How to install

Un-zipped it to the location indicated above, that applies to you, then complete the rest of step #6.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#14 S1L3N7_SWAT

S1L3N7_SWAT
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:02:44 PM

Posted 05 July 2007 - 07:30 PM

Thank You. Disreagard the PM I sent you.

#15 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:02:44 PM

Posted 05 July 2007 - 07:36 PM

You're welcome.
Already replied to it. :thumbsup:
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users