FIX FOR VIRUS SENT THROUGH PM'S
06-25-2008, 06:29 PM
#1
FIX FOR VIRUS SENT THROUGH PM'S
ok guys - bear with me here - just fixed my pc with the help of trend micro - i love those guys - here is what you need to do to fix this - if you are infected it will get worse - your desktop will dissappear - you will have to boot up in safe mode - here is the way to fix it - this is the first email sent to me to fix it - read this all the way through first - step two is lower
PLEASE DO THE FOLLOWING SO WE CAN GET THE INFORMATION WE NEED FROM YOUR SYSTEM:
1. Please click on the link below to download hijackthis.exe.
http://www.trendsecure.com/portal/en...kthis/download
2. Click on “Download HijackThis Installer”
3. Choose 'save' when prompted and save it to your desktop.
4. You should see the file: hijackthis.exe (icon looks like a detective), Double click on hijackthis.exe. A window will appear.
5. Click on “Do a system scan and save a log file”
6. A txt file will appear, you can close all the windows.
7. On your desktop, a new file will appear “hijackthis.log” (looks like a notepad)
Attach hijackthis.log when you reply to this email.
I hope to receive a reply from you soon regarding this case. Thank you very much for your cooperation.
Have a great day!
Best Regards,
Rolfe Garcia
Consumer Support Team
TrendLabs HQ, Trend Micro Incorporated
next this is how we fixed it and the trouble files
This is Rolfe from Trend Micro Consumer Support.
Thank you very much for your response. I have received the HijackThis log that you have sent us and please allow me to continue assisting you in this case.
Before doing the steps below, kindly boot your computer up ins Safe Mode. To do that, please follow the instructions below.
Start Computer in Safemode
1. Turn off Computer
2. Turn it on and repeatedly tap F8 Until Windows Advanced Options Menu
3. Choose Safemode and hit Enter twice
4. Log on to your name and click Yes to start Safemode
Now in Safe Mode, please open Hijackthis again and run a SYSTEM SCAN
CHECK THE FOLLOWING ENTRIES:
************************************************** **************************
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Owner\AppData\Local\Temp\efcARlih.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Owner\AppData\Local\Temp\iifeeBUo.dll,c
************************************************** **************************
- Then click Fix Checked to remove these entries.
- Click OK if prompted.
- Restart computer
After your computer restarts, kindly run a full scan using your Trend Micro program.
If we have successfully helped you with all of your concerns, please reply to this e-mail so that we can close this case. Thank you and have a great day!
Best Regards,
Rolfe Garcia
Consumer Support Team
TrendLabs HQ, Trend Micro Incorporated
HOPE THIS HELPS GUYS
PLEASE DO THE FOLLOWING SO WE CAN GET THE INFORMATION WE NEED FROM YOUR SYSTEM:
1. Please click on the link below to download hijackthis.exe.
http://www.trendsecure.com/portal/en...kthis/download
2. Click on “Download HijackThis Installer”
3. Choose 'save' when prompted and save it to your desktop.
4. You should see the file: hijackthis.exe (icon looks like a detective), Double click on hijackthis.exe. A window will appear.
5. Click on “Do a system scan and save a log file”
6. A txt file will appear, you can close all the windows.
7. On your desktop, a new file will appear “hijackthis.log” (looks like a notepad)
Attach hijackthis.log when you reply to this email.
I hope to receive a reply from you soon regarding this case. Thank you very much for your cooperation.
Have a great day!
Best Regards,
Rolfe Garcia
Consumer Support Team
TrendLabs HQ, Trend Micro Incorporated
next this is how we fixed it and the trouble files
This is Rolfe from Trend Micro Consumer Support.
Thank you very much for your response. I have received the HijackThis log that you have sent us and please allow me to continue assisting you in this case.
Before doing the steps below, kindly boot your computer up ins Safe Mode. To do that, please follow the instructions below.
Start Computer in Safemode
1. Turn off Computer
2. Turn it on and repeatedly tap F8 Until Windows Advanced Options Menu
3. Choose Safemode and hit Enter twice
4. Log on to your name and click Yes to start Safemode
Now in Safe Mode, please open Hijackthis again and run a SYSTEM SCAN
CHECK THE FOLLOWING ENTRIES:
************************************************** **************************
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Owner\AppData\Local\Temp\efcARlih.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Owner\AppData\Local\Temp\iifeeBUo.dll,c
************************************************** **************************
- Then click Fix Checked to remove these entries.
- Click OK if prompted.
- Restart computer
After your computer restarts, kindly run a full scan using your Trend Micro program.
If we have successfully helped you with all of your concerns, please reply to this e-mail so that we can close this case. Thank you and have a great day!
Best Regards,
Rolfe Garcia
Consumer Support Team
TrendLabs HQ, Trend Micro Incorporated
HOPE THIS HELPS GUYS
06-25-2008, 06:33 PM
#3
SEARCH
GOOGLE SEARCH IT THEN ON TREN MICROS WEBSITE - JUST TRYING TO HELP
06-25-2008, 06:33 PM
#4
Why would you even click on a link sent to you through PM from someone you do not know? Had you not clicked the link, you would not have had an issue in the first place. 
06-25-2008, 06:34 PM
#5
OOPS
TREND MICRO
06-25-2008, 06:37 PM
#6
IT WAS SENT
AS A YOUTUBE RC 200MPH VIDEO - that is irrelevant though - what is relevant is that there may be a lot of people that need help here
06-25-2008, 06:43 PM
#7
Hijack this a very, very common program that EVERYONE uses to asses viruses and trojans. Trust me, if you get a trojan or virus "hijack this" will be the first thing you need to look for and install. I know the name sounds crazy but its very good program.
06-25-2008, 07:24 PM
#8
If you opened the pm but didn't click on a movie are you ok???
06-25-2008, 07:25 PM
#9
Or AVG Free. Full free virus protection. You don't get all the bells and whistles however.
If anyone clicks on a supposed porn link in their PMs and gets a virus since they choose not to have any virus protection. My empathy for them is limited, while my cynicism is increased.
Rommel: You would have to click on the links in the PM to even get the chance to be exposed to them.
If anyone clicks on a supposed porn link in their PMs and gets a virus since they choose not to have any virus protection. My empathy for them is limited, while my cynicism is increased.
Rommel: You would have to click on the links in the PM to even get the chance to be exposed to them.
06-25-2008, 07:38 PM
#10
06-25-2008, 11:48 PM
#13
06-26-2008, 12:29 AM
#14
I have been in IT for 11 years and this little program helps you get tons of good info on how to get rid of the nasty viruses. Here is a link if you want to know more about hijack
http://forums.majorgeeks.com/showthread.php?t=38752
http://forums.majorgeeks.com/showthread.php?t=38752
06-26-2008, 11:02 AM
#15
I did a housecall scan and sorted it out.
Took a few tries but sorted.
Took a few tries but sorted.