Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Big Problem!!!!!  (Read 30254 times)

0 Members and 1 Guest are viewing this topic.

Ivy

  • Guest
Big Problem!!!!!
« on: October 13, 2007, 10:24:49 AM »
Hi,
I recently checked for windows updates and downloaded all the updates, when the download was complete i got the prompt to restart my computer , so i restarted my computer but the computer would not load windows , since my means of communication with CH is through my computer i was not able to ask for help here , so i called up my comp manufacturers and told him that i had downloaded windows updates and he told me that my OS or windows is not orignal  so the updates have messed up my windows, he said i will have to reformat , so i had to take my CPU to his office to get it reformatted ( my seventh reformat in 2 months ), so i had to pay him again !!!!!
Then after the reformat i was trying to install sify broadband , it gave me the message that my antivirus is not compatible with sify , so i had to uninstall AVG and install Trend micro from sify , but from that very day i have been getting these two warnings:
PAK_Generic001
PE_CORELINKC-O

It says unable to quarantine .
I ran spybot but it shows no immediate threats, i run ccleaners everyday, nothing is working .
I ran ewido scan it showed tracking cookies  which kept coming back after every scan.
I was thinking about removing trend micro but then  sify will say i need a antivirus and it wont allow anyother anti virus .
I know this is a very big problem , hopefully someone will be able to help .
Thanks in advance.

Im using windows xp pro .
Trend micro antivirus plus firewall.

Ivy

  • Guest
Re: Big Problem!!!!!
« Reply #1 on: October 13, 2007, 10:44:10 AM »
----
« Last Edit: April 11, 2008, 02:56:45 AM by Ivy »

Broni


    Mastermind
  • Kraków my love :)
  • Thanked: 614
    • Computer Help Forum
  • Computer: Specs
  • Experience: Experienced
  • OS: Windows 8
Re: Big Problem!!!!!
« Reply #2 on: October 13, 2007, 10:47:14 AM »
I'll take a look...

Broni


    Mastermind
  • Kraków my love :)
  • Thanked: 614
    • Computer Help Forum
  • Computer: Specs
  • Experience: Experienced
  • OS: Windows 8
Re: Big Problem!!!!!
« Reply #3 on: October 13, 2007, 10:51:39 AM »
Before I check your HJT log, I did some search, and
- PAK_Generic 001 - is listed at Trend as a trojan
- PE_CORELINKC-O - no info whatsoever, the only thing I found is this web site: pe_corelinkc-o[/b]/]http://www.lenoza.com/seo-test/pe_corelinkc-o/, but it's in Chinese, so I had "some" problems, reading it.

Ivy

  • Guest
Re: Big Problem!!!!!
« Reply #4 on: October 13, 2007, 10:59:05 AM »
Before I check your HJT log, I did some search, and
- PAK_Generic 001 - is listed at Trend as a trojan
- PE_CORELINKC-O - no info whatsoever
I Checked them myself through trend micro , it says malware/virus , threat low.
And im sorry i checked the name again for the secong entry , I had overlooked the dot , its not PE_CORELINKC-O, its PE_CORELINK.C-O
Im unable to delete or remove them , after every 2 minutes i get this warning !!
Thankyou .

Broni


    Mastermind
  • Kraków my love :)
  • Thanked: 614
    • Computer Help Forum
  • Computer: Specs
  • Experience: Experienced
  • OS: Windows 8
Re: Big Problem!!!!!
« Reply #5 on: October 13, 2007, 11:08:22 AM »
I see...
- PE_CORELINK.C-O, then is listed as a trojan, too...

Now, as for your HJT log, it's mostly clean, except for this questionable entry:

O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE5BF47-CF53-4A96-BDE5-A8E1A087AF8B}: NameServer = 202.144.13.50,202.144.66.6

This particular IPs (202.144.13.50,202.144.66.6) are listed as "Asia Pacific Network Information Centre". If this is NOT your ISP provider, nor it doesn't ring a bell, it has to be fixed...

Here we go:

1. Print this post out, since you won't have an access to it at some point.

2. Download, and install Spybot (if you don't have it) from here: http://www.safer-networking.org/en/download/index.html

3. Close all windows, except for HJT.

4. Put a checkmark next to following HJT entries:

O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE5BF47-CF53-4A96-BDE5-A8E1A087AF8B}: NameServer = 202.144.13.50,202.144.66.6

5. Click on "Fix It" button.

6. Restart your computer in Safe Mode (F8)

7. Run Spybot (click on updates, first), and fix whatever it asks you to fix.

8. Turn off System Restore.

9. Restart in Normal Mode.

10. Turn System Restore on.

11. Run HJT again, and post back its log back here.

Ivy

  • Guest
Re: Big Problem!!!!!
« Reply #6 on: October 13, 2007, 11:16:38 AM »




It is part of my IP settings.
Do i still need to go for the further steps?
« Last Edit: April 11, 2008, 02:55:21 AM by Ivy »

Broni


    Mastermind
  • Kraków my love :)
  • Thanked: 614
    • Computer Help Forum
  • Computer: Specs
  • Experience: Experienced
  • OS: Windows 8
Re: Big Problem!!!!!
« Reply #7 on: October 13, 2007, 11:33:22 AM »
In that case, no.

Quote
after every 2 minutes i get this warning
Are you getting these warnings pop-ups from Trend?

Ivy

  • Guest
Re: Big Problem!!!!!
« Reply #8 on: October 13, 2007, 11:35:41 AM »
Quote
after every 2 minutes i get this warning
Are you getting these warnings pop-ups from Trend?
Yes.

Broni


    Mastermind
  • Kraków my love :)
  • Thanked: 614
    • Computer Help Forum
  • Computer: Specs
  • Experience: Experienced
  • OS: Windows 8
Re: Big Problem!!!!!
« Reply #9 on: October 13, 2007, 11:47:38 AM »
As I said, your HJT log is clean, so I suspect, it may be false-positive from Trend.
I don't know anything about Trend AV, but it may be some setting, which will allow you to turn those particular warnings off.

Ivy

  • Guest
Re: Big Problem!!!!!
« Reply #10 on: October 13, 2007, 11:51:16 AM »
It is in my console log files.
It also shows tracking cookies on Ewido scan , shall i post the results here of Ewido here?

Broni


    Mastermind
  • Kraków my love :)
  • Thanked: 614
    • Computer Help Forum
  • Computer: Specs
  • Experience: Experienced
  • OS: Windows 8
Re: Big Problem!!!!!
« Reply #11 on: October 13, 2007, 11:59:12 AM »
Quote
It is in my console log files
But you said something about every 2 minutes pop-ups.

Quote
shall i post the results here of Ewido here?
No need, just get rid of them.

Ivy

  • Guest
Re: Big Problem!!!!!
« Reply #12 on: October 13, 2007, 12:06:34 PM »
Quote
It is in my console log files
But you said something about every 2 minutes pop-ups.
By every 2 minutes i mean , a window  (Office scan notification message) appears again and again and When i check the antivirus console , it shows them in the logs.

Quote
shall i post the results here of Ewido here?
No need, just get rid of them.
I said before that i try to delete them in ewido but they keep coming back in the next scan(when i scan again)
I ran ewido scan it showed tracking cookies  which kept coming back after every scan.
Thanks.

Ivy

  • Guest
Re: Big Problem!!!!!
« Reply #13 on: October 13, 2007, 12:26:27 PM »
My Trend Micro Office Scan is running and it shows 37 files infected already , the files are increasing everytime i get  the Office scan notification message, im running Ewido and it shows trojan etc , im waiting for the scan to finish.

Broni


    Mastermind
  • Kraków my love :)
  • Thanked: 614
    • Computer Help Forum
  • Computer: Specs
  • Experience: Experienced
  • OS: Windows 8
Re: Big Problem!!!!!
« Reply #14 on: October 13, 2007, 12:36:27 PM »
I'd like you to go to Kaspersky free online scan, just to see, if same things will show up:
http://www.kaspersky.com/virusscanner

As for tracking cookies, they DO show up, and it's never ending chase.
You may try some extra free tools like "Spyware Terminator", or "Advanced WindowsCare". When installed, they'll monitor your computer in real time against malwares (tracking cookies included), but even with those tools kept up to date, there will always new tracking cookies, which are not in database, yet.
You have to also realize, that tracking cookies are NOT any life threatening  things. Just very little bad guys. They don't have any impact on your computer performance.