Kerespup's problems thread

Hello, it's me again... to stop me from posting several topics for my problems, I'll just stick to this one new topic for all my problems from now and on the future.

February 24 2007:

I seem to have acquired a virus or malware or whatever again. My Trend Micro PC-Cillin keeps on showing something about MS04-011, and that it has been blocked and what-so-ever.

Image:http://i12.photobucket.com/albums/a210/kerespup/ss.jpg

=========================================
Also, aside from that, I cannot seem to open my Windows Firewall anymore, and no, I don't have any other firewall so it must be the virus...

Screenshot:http://i12.photobucket.com/albums/a210/kerespup/ss1.jpg
=========================================

Another problem is that whenever I copy, paste, rename or do something likewise, Roxio appears and does something weird:

Screenshot:http://i12.photobucket.com/albums/a210/kerespup/ss2.jpg

=========================================

Here I will now post my HJT and AVG logs just as anyone would request me to do.

MS04-011 is a Microsoft security bulletin. If you go to www.microsoft.com you will perhaps get the info you need from their knowledge base.

Somehow I'm having a small problem. My browser won't seem to open any sites except specific ones...

Your HJT log is clean.

The reason you can`t get Windows firewall to work, is because you already have Trend`s firewall running, which is a hell of a lot better than the Windows firewall, so don`t worry about that.

As far as your copy and paste issue with Roxio goes, uninstall and reinstall Roxio and see if that helps.

Run Windows updates and install any security updates.

Regards Howard

This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Somehow I have doubts in my Trend... it never defended my computer from anything before...

How about the sasser problem?

And the sudden "can't open" some sites like microsoft. So far this is the only site I can open.

This is taken from your HJT log. It quite clearly shows you are running the Trend firewall. This will have automatically disabled the Windows firewall, as it`s designed to do. It`s not recommended to run more than one firewall at the same time, so forget about the the crap Windows firewall and continue to run the Trend firewall.

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

The clue is in the filename TmPfw.exe=Trend micro personal firewall.

As regards your lsass problem, not to be confused with the sasser virus. Do like I said and run Windows updates and install all security patches.

Regards Howard

Something new:

I have this thing in O17 and it never disappears no matter how much I fix it. How do I fix it for good Mr. Hopkins?

This is the info on that 017 entry, do you recognise it?

210.14.16.2
address: Philippine Long Distance Telephone Company
address: 14/F Ramon Cojuangco Building
address: Makati Avenue, Makati City 1200, Philippines
address: PLDT Co.
address: 3/F MGO Bldg., Legaspi cor. Dela Rosa Sts., Makati City 1229
address: PLDT Co., 3/F MGO Bldg., Legaspi cor Dela Rosa Sts., Makati City
address: PLDT Co., 3/F MGO Bldg., Legaspi cor. Dela Rosa Sts., Makati City
address: PLDT Co., 3/F MGO Bldg., Legaspi cor Dela Rosa Sts, Makati City 1229
address: PLDT Co., 3/F MGO Bldg., Legaspi cor Dela Rosa Sts., Makati City

If you don`t recognise the above, do the following.

Download AproposFix from the following link -> http://swandog46.geekstogo.com/aproposfix.exe
Save it to your desktop, but do NOT run it yet.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.


Doubleclick the aproposfix.exe and unzip it to the desktop.

Open the AproposFix folder on your desktop and doubleclick the file RunThis.bat.Follow the instuctions.

When it is ready, restart your computer normally.

Post a fresh HJT log.

Regards Howard

This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Oh... so it's from the Phone Company...

Now I have an even bigger problem...

EVER SINCE I UNINSTALLED THAT DAMN ROXIO PROGRAM, MY WINDOWS WON'T START ANYMORE!!!! DAAAAMMIT!!!! AND I HAVE TO FINISH SOMETHING IMPORTANT ON MY COMPUTER RIGHT NOW OR IT'S MY JOB!!!! >.<

THE WHOLE THING GOES TO THAT PART WHERE IT LET'S ME CHOOSE BETWEEN SAFEMODE OR NORMAL, THEN WHATEVER I CHOOSE IT WON'T LOAD AT ALL.

IF I CHOOSE THE SAFEMODE, THOSE FILES APPEAR AND THEN AFTER A WHILE, CLINK! NOTHING!

IF I CHOOSE NORMAL MODE, MY LOADING SCREEN APPEARS AND THEN AFTER THAT, CLINK! NOTHING!!!

I'M SERIOUSLY GONNA GO MAD AROUND THE HOUSE IF I CAN'T FIX THIS BY TODAY! X_X

That`s not good.

Try doing a Windows repair as per this thread HERE.

Regards Howard

One question, if I do the windows repair, do I lose all my files?

And... hmm... get the windows CD huh?... 3 day boat ride from here...

..........

Time to sacrifice family to the Computer God by burning them on the stake.

Anyways, back to my first question...

If I do windows repair... does that delete everything?

All you`ll lose by doing a Windows repair, is any Windows updates you`ve done since installing Windows. In other words, you`ll need to run windows updates again after you`ve finished. Obviously, as with any major undertaking, backing up your important data is a sensible precaution to take. However, since you can`t get into Windows, I realise this may be difficult or impossible.

Regards Howard

Oh thank you for the advice Mr. Hopkins.

tweaks_sav from in another topic I posted helped me out :3 It actually was coz of my CD Rom since it still had Roxio in its mind... x.x

:3 Thanks too for all the help you've done for me so far :3

XD *has a list of 1000 things to fix*

Waaaaaa!!!

My problem just got EXTREMELY bigger!

Because of my neighbors' welding hobbies, they ended up flactuating the electricity and made my computer's power supply break ;__; what's more is that my uncle says it affected the hard drive a bit...

Does this mean that all my files disappear??!?

NOOOOOOOOOOOOOO!!!!

I sincerely hope you haven`t lost your data.

You need to open a new thread for this problem in the appropriate forum.

Good luck.

Regards Howard

Okay, well, our files didn't go missing, but now I'm experiencing low speed and the like. Here's my HJT log.

Your HJT log is clean.

Go and read this thread HERE and see if it helps.

If it doesn`t, please open a new thread in our Windows OS forum.

Regards Howard

This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

:/ I don't know if this is a problem or not... but....

I'm starting to have this problem wherein I can't seem to go to other sites but this one...

Can't seem to access certain sites like Google and such.

You best post a fresh HJT log as per these instructions.

Regards Howard

This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Ummm, the previous thing was a problem with the ISP

but ummm... just to ask, where do I ask for some files to be scanned?

I received this file from my "friend" who claims to have made this AntiSpyWare program.

I just want someone to scan it for me, to be on the safe side.

KeanFlow.AntiSpy_Dragon_pack_trial by DragonCombat

*swt* The name already has me confused.