R/C Tech Forums

Go Back   R/C Tech Forums > General Forums > Electric On-Road

Reply
 
Thread Tools Search this Thread
Old 06-25-2008, 07:29 PM   #1
Tech Regular
 
jason douget's Avatar
 
Join Date: Mar 2008
Posts: 351
Trader Rating: 15 (100%+)
Default FIX FOR VIRUS SENT THROUGH PM'S

ok guys - bear with me here - just fixed my pc with the help of trend micro - i love those guys - here is what you need to do to fix this - if you are infected it will get worse - your desktop will dissappear - you will have to boot up in safe mode - here is the way to fix it - this is the first email sent to me to fix it - read this all the way through first - step two is lower
PLEASE DO THE FOLLOWING SO WE CAN GET THE INFORMATION WE NEED FROM YOUR SYSTEM:

1. Please click on the link below to download hijackthis.exe.

http://www.trendsecure.com/portal/en...kthis/download

2. Click on “Download HijackThis Installer”
3. Choose 'save' when prompted and save it to your desktop.
4. You should see the file: hijackthis.exe (icon looks like a detective), Double click on hijackthis.exe. A window will appear.
5. Click on “Do a system scan and save a log file”
6. A txt file will appear, you can close all the windows.
7. On your desktop, a new file will appear “hijackthis.log” (looks like a notepad)

Attach hijackthis.log when you reply to this email.

I hope to receive a reply from you soon regarding this case. Thank you very much for your cooperation.
Have a great day!


Best Regards,


Rolfe Garcia
Consumer Support Team
TrendLabs HQ, Trend Micro Incorporated

next this is how we fixed it and the trouble files

This is Rolfe from Trend Micro Consumer Support.


Thank you very much for your response. I have received the HijackThis log that you have sent us and please allow me to continue assisting you in this case.

Before doing the steps below, kindly boot your computer up ins Safe Mode. To do that, please follow the instructions below.

Start Computer in Safemode
1. Turn off Computer
2. Turn it on and repeatedly tap F8 Until Windows Advanced Options Menu
3. Choose Safemode and hit Enter twice
4. Log on to your name and click Yes to start Safemode


Now in Safe Mode, please open Hijackthis again and run a SYSTEM SCAN

CHECK THE FOLLOWING ENTRIES:
************************************************** **************************
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe

O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Owner\AppData\Local\Temp\efcARlih.dll,#1

O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Owner\AppData\Local\Temp\iifeeBUo.dll,c
************************************************** **************************

- Then click Fix Checked to remove these entries.
- Click OK if prompted.
- Restart computer

After your computer restarts, kindly run a full scan using your Trend Micro program.

If we have successfully helped you with all of your concerns, please reply to this e-mail so that we can close this case. Thank you and have a great day!



Best Regards,


Rolfe Garcia
Consumer Support Team
TrendLabs HQ, Trend Micro Incorporated


HOPE THIS HELPS GUYS
__________________
Ofna sc10-Ft sc10
Team Tekin
Kyosho MP9 TKI tekno rc v4 e conversion
Xray T3
www.irongate-security.com
jason douget is offline   Reply With Quote
Old 06-25-2008, 07:32 PM   #2
Tech Champion
 
abailey21's Avatar
R/C Tech Elite Subscriber
 
Join Date: Aug 2007
Location: SoCal
Posts: 5,224
Trader Rating: 36 (100%+)
Default

I think I'll not download anything with the word hijack in it, sounds just as sketchy as opening up random PM's
__________________
K.C.C.O.
abailey21 is offline   Reply With Quote
Old 06-25-2008, 07:33 PM   #3
Tech Regular
 
jason douget's Avatar
 
Join Date: Mar 2008
Posts: 351
Trader Rating: 15 (100%+)
Default SEARCH

GOOGLE SEARCH IT THEN ON TREN MICROS WEBSITE - JUST TRYING TO HELP
__________________
Ofna sc10-Ft sc10
Team Tekin
Kyosho MP9 TKI tekno rc v4 e conversion
Xray T3
www.irongate-security.com
jason douget is offline   Reply With Quote
Old 06-25-2008, 07:33 PM   #4
Tech Elite
 
Yeti35's Avatar
 
Join Date: Sep 2004
Location: SL, UT
Posts: 2,804
Trader Rating: 5 (100%+)
Default

Why would you even click on a link sent to you through PM from someone you do not know? Had you not clicked the link, you would not have had an issue in the first place.
__________________
JRXS Type R, I have four of them!! ;) ( Yes, I still have them!!)And racing one of them again!!
22 3.0SR
22T 2.0 w/ Exotech chassis
Yeti35 is offline   Reply With Quote
Old 06-25-2008, 07:34 PM   #5
Tech Regular
 
jason douget's Avatar
 
Join Date: Mar 2008
Posts: 351
Trader Rating: 15 (100%+)
Default OOPS

TREND MICRO
__________________
Ofna sc10-Ft sc10
Team Tekin
Kyosho MP9 TKI tekno rc v4 e conversion
Xray T3
www.irongate-security.com
jason douget is offline   Reply With Quote
Old 06-25-2008, 07:37 PM   #6
Tech Regular
 
jason douget's Avatar
 
Join Date: Mar 2008
Posts: 351
Trader Rating: 15 (100%+)
Thumbs up IT WAS SENT

AS A YOUTUBE RC 200MPH VIDEO - that is irrelevant though - what is relevant is that there may be a lot of people that need help here
__________________
Ofna sc10-Ft sc10
Team Tekin
Kyosho MP9 TKI tekno rc v4 e conversion
Xray T3
www.irongate-security.com
jason douget is offline   Reply With Quote
Old 06-25-2008, 07:43 PM   #7
Tech Master
 
jla8874's Avatar
 
Join Date: Jan 2007
Posts: 1,042
Trader Rating: 23 (100%+)
Default

Hijack this a very, very common program that EVERYONE uses to asses viruses and trojans. Trust me, if you get a trojan or virus "hijack this" will be the first thing you need to look for and install. I know the name sounds crazy but its very good program.
jla8874 is offline   Reply With Quote
Old 06-25-2008, 08:24 PM   #8
Tech Regular
 
Rommel's Avatar
R/C Tech Elite Subscriber
 
Join Date: Jun 2007
Posts: 305
Trader Rating: 3 (100%+)
Default

If you opened the pm but didn't click on a movie are you ok???
Rommel is offline   Reply With Quote
Old 06-25-2008, 08:25 PM   #9
Tech Champion
 
oXYnary's Avatar
 
Join Date: Dec 2003
Posts: 6,301
Trader Rating: 4 (100%+)
Send a message via AIM to oXYnary Send a message via Yahoo to oXYnary
Default

Or AVG Free. Full free virus protection. You don't get all the bells and whistles however.

If anyone clicks on a supposed porn link in their PMs and gets a virus since they choose not to have any virus protection. My empathy for them is limited, while my cynicism is increased.

Rommel: You would have to click on the links in the PM to even get the chance to be exposed to them.
__________________
www.3drcracing.com <<RC Video Game.
Kyosho Mini-Z Buggy, Moto Racer | Losi Micro SCT, 8ight Mini
oXYnary is offline   Reply With Quote
Old 06-25-2008, 08:38 PM   #10
Tech Regular
 
Rommel's Avatar
R/C Tech Elite Subscriber
 
Join Date: Jun 2007
Posts: 305
Trader Rating: 3 (100%+)
Default

Quote:
Originally Posted by oXYnary View Post
Rommel: You would have to click on the links in the PM to even get the chance to be exposed to them.
Rommel is offline   Reply With Quote
Old 06-25-2008, 09:01 PM   #11
Tech Elite
 
RCSteve93's Avatar
 
Join Date: Dec 2005
Location: Long Island, New York
Posts: 4,601
Trader Rating: 11 (100%+)
Default

Quote:
Originally Posted by oXYnary View Post
If anyone clicks on a supposed porn link in their PMs and gets a virus since they choose not to have any virus protection. My empathy for them is limited, while my cynicism is increased.
Who needs virus protection when you have Linux. I opened the PM... computer didn't even skip a beat. I checked the file system and all my folders and all that good stuff and nothing.
__________________
rm -rf /windows
RCSteve93 is offline   Reply With Quote
Old 06-25-2008, 09:37 PM   #12
Tech Champion
 
Join Date: Oct 2005
Location: Cincinnati, OH
Posts: 5,360
Trader Rating: 38 (100%+)
Default

Quote:
Originally Posted by RCSteve93 View Post
Who needs virus protection when you have Linux. I opened the PM... computer didn't even skip a beat. I checked the file system and all my folders and all that good stuff and nothing.
Its how you surf not the platform that causes you to get virus's. Ive ran without virus protection on Windows for 15 years without problem.
or8ital is offline   Reply With Quote
Old 06-26-2008, 12:48 AM   #13
Tech Fanatic
 
Join Date: Jun 2007
Posts: 947
Trader Rating: 1 (100%+)
Default

Quote:
Originally Posted by RCSteve93 View Post
Who needs virus protection when you have Linux. I opened the PM... computer didn't even skip a beat. I checked the file system and all my folders and all that good stuff and nothing.
Those days are numbered, I'm afraid.
Sabin is offline   Reply With Quote
Old 06-26-2008, 01:29 AM   #14
Tech Master
 
espresso1967's Avatar
 
Join Date: Mar 2008
Location: Los Angeles
Posts: 1,102
Trader Rating: 18 (100%+)
Default

I have been in IT for 11 years and this little program helps you get tons of good info on how to get rid of the nasty viruses. Here is a link if you want to know more about hijack

http://forums.majorgeeks.com/showthread.php?t=38752

Quote:
Originally Posted by abailey21 View Post
I think I'll not download anything with the word hijack in it, sounds just as sketchy as opening up random PM's
__________________
www.cityofangelstshirts.com
espresso1967 is offline   Reply With Quote
Old 06-26-2008, 12:02 PM   #15
Tech Elite
 
razzor's Avatar
 
Join Date: Aug 2005
Location: Durban, South Africa
Posts: 2,810
Default

I did a housecall scan and sorted it out.
Took a few tries but sorted.
__________________
Casterracing ZX1.5R
casterracing EX-1 Pro, SP Silver Arrow
TOP Racing Scythe, SP 17.5, SP GT Pro 2.0
TOP Racing Scythe, SP 4.5 V2, Hobbywing Xerun 120SD 2.0
TOP Racing Scythe, SP 13.5, Hobbywing Xerun 120SD 2.0
razzor is offline   Reply With Quote
Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
Virus alert on RCTECH.... Private Message with virus billneu Minnesota and North/South Dakota Racing 0 06-25-2008 09:46 PM
Problem with Pm's xsxracing R/C Tech Site Forum 6 01-19-2008 10:36 PM
Spam in PM's now? Ashley Cobb R/C Tech Site Forum 0 01-01-2008 07:15 PM
PM's Paul_TC4 Rookie Zone 5 03-09-2005 07:16 PM



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -7. It is currently 09:50 PM.


We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.
Powered By: vBulletin v3.9.2.1
Privacy Policy | Terms of Use | Advertise Content © 2001-2011 RCTech.net