• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
tabuk

iroffer-help!

4 posts in this topic

today i rebooted my modem and when windows loaded i saw a program. now im not fluent in computer lingo so humor me, it was a black window and had a bunch of info in it that looked useless enough but I took note of the name IROFFER.EXE

and did a bit of research on the "program" because i hate the idea of somthing being put on my property without my consent... anywho i found out from some site that it could possibly be a trojan that allows some ass to controle my computer. even if it isnt i would like to rid myself of it because it uses up my bandwidth. you know when you techies go into windows cmd for whatever reason, well it looks like that. the same look, type and window so ill get to my point how do i completely rid myself of this kind of hellian.

 

 

windows xp

pentium 4 2.4 ghz

256 mb ram

Nvidia Geforce fx 5200

Share this post


Link to post
Share on other sites

heres the log plus i went to the mcaffee site, or however you spell it, and it found this

C:\Documents and Settings\...\Aiaigdcp.exe BackDoor-AXJ.gen

C:\Documents and Settings\...\Temp\efohbkgm.htm BackDoor-AXJ.htm

C:\Documents and Settings\...\Temp\fjfdnheh.htm BackDoor-AXJ.htm

C:\Documents and Settings\...\polall1t.exe Downloader-KL

C:\Documents and Settings\...\twaintec.cab Downloader-KL

C:\Documents and Settings\...\kk[1].gif BackDoor-AXJ.gen

it froze about 8000 files into it so im sure thers much more, another forum told me to locate and delete the files but theyre hidden or somthing because, for instance, a couple are loacated in a folder called "temp" but its empty. anyways heres the hijack this log.

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svsipconfig.exe

C:\WINDOWS\System32\video_32D.exe

C:\WINDOWS\System32\msgn.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\msmesg32.exe

C:\Documents and Settings\chad berryhill\Desktop\misc\HijackThis.exe

 

O4 - HKLM\..\Run: [Microsoft Update] msgn.exe

O4 - HKLM\..\Run: [Microsoft Message Machine] msmesg32.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Microsoft Update Clinic] svsipconfig.exe

O4 - HKLM\..\Run: [NVIDIA Video drivers] video_32D.exe

O4 - HKLM\..\RunServices: [Microsoft Update] msgn.exe

O4 - HKLM\..\RunServices: [Microsoft Message Machine] msmesg32.exe

O4 - HKLM\..\RunServices: [Microsoft Update Clinic] svsipconfig.exe

O4 - HKLM\..\RunServices: [NVIDIA Video drivers] video_32D.exe

O4 - HKCU\..\Run: [Microsoft Update] msgn.exe

O4 - HKCU\..\Run: [Microsoft Message Machine] msmesg32.exe

O4 - HKCU\..\Run: [NVIDIA Video drivers] video_32D.exe

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...372/mcfscan.cab

 

by the way i think i should tell you that more often than not when i delete a malicious object using hijack this it just comes back.

 

windows xp

pentium 4 2.4 ghz

256mb ram

nvidia geforce fx 5200

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0