Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I lost my internet connection


  • Please log in to reply
No replies to this topic

#1 BonbonRose

BonbonRose

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:16 PM

Posted 06 June 2011 - 12:34 PM

Hi all,

Though I have sality for a while now, my internet connection was still on. Now I can't log on to the internet any more. It all started when I got this email with this attachment. As soon as I downloaded and opened it, the computer was shut down and restarted with no internet.

I scaned my computer using Avira rescue CD and this is the report:
PS: After this scan I did a scan with my Avira antivirus to delete or at least quarantine them, but nothing was found. (apparently this's Sality playing with me <_<)

Anyway here's the report

Avira / Linux Version 1.9.152.0
Copyright © 2010 by Avira GmbH
All rights reserved.
engine set: 8.2.4.186
VDF Version: 7.11.4.235
Scan start time: Fri May 27 16:32:37 2011
configuration file: /etc/avira/scancl.conf
WARNING: [Error reading file] /media/Devices/hda1/Documents and Settings/aa/Local Settings/Temp/DGDiNNpY.7z.part


WARNING: [Unexpected end of file] /media/Devices/hda1/Documents and Settings/aa/Local Settings/Temp/q9y8rGkw.nth.part


WARNING: [The files in archive are multiple volume] /media/Devices/hda1/Documents and Settings/aa/Local Settings/Temp/14ezXmYh.rar.part


WARNING: [The files in archive are multiple volume] /media/Devices/hda1/Documents and Settings/aa/Local Settings/Temp/KzZHOMWj.rar.part


WARNING: [The files in archive are multiple volume] /media/Devices/hda1/Documents and Settings/aa/Local Settings/Temp/Yy2sNqmF.rar.part


WARNING: [Unexpected end of file] /media/Devices/hda1/Documents and Settings/aa/Local Settings/Temp/is-GRFL5.tmp/item3.ztmp


WARNING: [Error reading file] /media/Devices/hda1/Documents and Settings/aa/Local Settings/Temp/MDjqajAB.exe.part


WARNING: [Unexpected end of file] /media/Devices/hda1/Documents and Settings/aa/My Documents/ENGLISH IDIOMS QUEEN.docx


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa1.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa10.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa11.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa2.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa3.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa4.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa5.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa6.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa7.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa8.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa9.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar1.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar2.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar3.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/MicrosoftWindowsSecurityCenterAntiVirusOverride.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/SmitfraudCgp.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/WinAgentieu.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/WinFraudLoadedt.zip


WARNING: [Archive is invalid or corrupt] /media/Devices/hda1/Program Files/WinRAR/rarnew.dat


WARNING: [Unexpected end of file] /media/Devices/hda1/Program Files/FastStone Capture/uninst.exe


WARNING: [File is encrypted] /media/Devices/hda1/Program Files/JetAudio/jetUpdate.dat


WARNING: [Unsupported archive version] /media/Devices/hda1/Program Files/Common Files/DFX/Skins/Obsidian/Obsidian.exe


WARNING: [Unsupported archive version] /media/Devices/hda1/Program Files/Common Files/DFX/Skins/Obsidian_mini/Obsidian_mini.exe


WARNING: [Unsupported archive version] /media/Devices/hda1/Program Files/Common Files/DFX/Skins/SoundFX/SoundFX.exe


WARNING: [Error writing file] /media/Devices/hda1/WINDOWS/SoftwareDistribution/Download/fc3f02c23725a1702dd6e49c0664ea8b/BIT13.tmp


ALERT: [TR/Rootkit.Gen] /media/Devices/hda1/WINDOWS/system32/drivers/651D9.sys <<< Is the Trojan horse TR/Rootkit.Gen [renamed]


ALERT: [TR/Rootkit.Gen] /media/Devices/hda1/WINDOWS/system32/drivers/afd.sys <<< Is the Trojan horse TR/Rootkit.Gen [renamed]


WARNING: [Error opening file. (Input/output error)] /media/Devices/hda1/WINDOWS/system32/perfc009.dat


WARNING: [Error opening file. (Input/output error)] /media/Devices/hda1/WINDOWS/system32/perfh009.dat


WARNING: [Unsupported archive version] /media/Devices/hda5/Pictures/New Folder/New Folder (6)/screensaver_diving_en_setup.exe.part


WARNING: [All files in archive are encrypted] /media/Devices/hda5/My Work/Books/Why Men don't listen and Women can't read maps.rar


WARNING: [File is encrypted] /media/Devices/hda5/My Work/Books/The Art of Deception - NC.rar


WARNING: [Bad archive header] /media/Devices/hda5/My Work/Books/NON-FICTION/New Folder/CRAFTS/Beading/Beading with Herringbone Stitch (Beadwork series)/DJVU_installer.EXE


WARNING: [File is encrypted] /media/Devices/hda5/My Work/Books/NON-FICTION/New Folder/CRAFTS/Beading/Monoclonal_Antibodies-free-ebook-download.net.rar


WARNING: [File is encrypted] /media/Devices/hda5/My Work/Books/NON-FICTION/New Folder/SCIENTIFIC/www.linkra.com_oosbcd.rar


WARNING: [File is encrypted] /media/Devices/hda5/My Work/New Folder (2)/OXFORD AIO BY ONLYONE.exe


WARNING: [The files in archive are multiple volume] /media/Devices/hda5/New Folder (2)/tt1068680.avi.part1.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda5/New Folder (2)/tt1068680.avi.part2.rar


WARNING: [File is encrypted] /media/Devices/hda5/check/Variety/DwnlData/DwnlData/XPPRESP3/NewInTown2009_www_1848/NewInTown2009_www.fulloyunarsi


WARNING: [File is encrypted] /media/Devices/hda5/check/Variety/DwnlData/DwnlData/XPPRESP3/NewInTown2009_www_1852/NewInTown2009_www.fulloyunarsi


WARNING: [File is encrypted] /media/Devices/hda5/check/Variety/DwnlData/DwnlData/XPPRESP3/NewInTown2009_www_1853/NewInTown2009_www.fulloyunarsi


WARNING: [Unexpected end of file] /media/Devices/hda5/NCIS/mobail/themes/6233/Games & Applications/Trusted apps/Mobile Java Games Collection 2008/ChipsChallenge.jar


WARNING: [Unexpected end of file] /media/Devices/hda5/NCIS/mobail/games/6233 Games/New Folder (2)/Mobile Dictionary/MzIwL3N1bW1vYmlsZWRfY3dlaTE0d2kuamFyfDEyMDEwMjcyOTZ8


WARNING: [File is encrypted] /media/Devices/hda5/NCIS/mobail/programs/Nokia PC Suite/Nokia_PC_Suite_68_rel_20_ara_web.rar


WARNING: [Unexpected end of file] /media/Devices/hda5/NCIS/mobail/zedge games/app32514.jar


WARNING: [Unexpected end of file] /media/Devices/hda5/1 Harry Potter/Harry Potter and the Deathly Hallows/Harry_Potter_4A_720.wmv.zip.part


WARNING: [Unsupported archive version] /media/Devices/hda6/Ne0w Folder/New Folder (2)/m3jpegv3.exe


WARNING: [File is encrypted] /media/Devices/hda6/kg/New Folder/New Folder/noha/New Folder/Recover/AIODataRecovery/aiorecovery.exe


WARNING: [A malformed archive header was detected] /media/Devices/hda6/kg/New Folder/New Folder/noha/wagdi/Start Up Disks/???? xp/XPBOOT.ZIP --> xpboot.exe


WARNING: [A malformed archive header was detected] /media/Devices/hda6/kg/New Folder/New Folder/noha/wagdi/Start Up Disks/???? me/BOOTME.ZIP --> bootme.exe


WARNING: [A malformed archive header was detected] /media/Devices/hda6/kg/New Folder/New Folder/noha/wagdi/Start Up Disks/???? 98/BOOT98SE.ZIP --> boot98se.exe


WARNING: [File is encrypted] /media/Devices/hda6/DESKTOP/S40 Applications.YASH.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda6/Movies/Anastasia Movie/New Folder (3)/the.anastasia.mystery.the.true.story.ws.pdtv.xvid-remax.part1.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda6/Movies/Anastasia Movie/New Folder (3)/the.anastasia.mystery.the.true.story.ws.pdtv.xvid-remax.part2.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda6/Movies/Anastasia Movie/New Folder (3)/the.anastasia.mystery.the.true.story.ws.pdtv.xvid-remax.part3.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda6/Movies/Anastasia Movie/New Folder (3)/the.anastasia.mystery.the.true.story.ws.pdtv.xvid-remax.part4.rar


WARNING: [Bad compressed data] /media/Devices/hda7/1 pro/VobSub_2.23.exe


WARNING: [The files in archive are multiple volume] /media/Devices/hda7/z/New Folder (3)/_M_HC__Y__Bel__ong__T_M.part1.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda7/z/New Folder (3)/_M_HC__Y__Bel__ong__T_M.part2.rar


WARNING: [All files in archive are encrypted] /media/Devices/hda7/z/New F older/msob07rar.part1.rar


WARNING: [All files in archive are encrypted] /media/Devices/hda7/z/New F older/msob07rar.part2.rar


WARNING: [All files in archive are encrypted] /media/Devices/hda7/z/New F older/msob07rar.part3.rar


WARNING: [All files in archive are encrypted] /media/Devices/hda7/z/New F older/msob07rar.part4.rar


WARNING: [Error reading file] /media/Devices/hda8/Programs/7zip/7zip.File


WARNING: [Bad compressed data] /media/Devices/hda8/Programs/vip/Easy RealMedia Tools/ermp_fullV1.94.exe --> [ProgramFilesDir]/Easy RealMedia Tools/ac3filter_1_01a_rc5.exe


WARNING: [Bad compressed data] /media/Devices/hda8/Programs/vip/Easy RealMedia Tools/Easy RealMedia Tools/misc/ac3filter_1_01a_rc5.exe


WARNING: [Unsupported archive version] /media/Devices/hda8/Programs/jetAudio/Skin_Graphite.exe


WARNING: [Unsupported archive version] /media/Devices/hda8/Programs/jetAudio/Skin_Special_bar.exe


WARNING: [The files in archive are multiple volume] /media/Devices/hda8/tv shows/NCIS/NCIS.S01E03__warezhr.org__part1.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda8/tv shows/NCIS/NCIS.S01E03__warezhr.org__part2.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda8/tv shows/NCIS/NCIS.S01E04__warezhr.org__part1.rar


WARNING: [The files in archive are multiple volume] /media/Devices/hda8/tv shows/NCIS/NCIS.S01E04__warezhr.org__part2.rar


WARNING: [Max file size reached] /media/Devices/hda8/tv shows/Supernatural 4/SN.4x22.DMHD_by.tenzin.rar


WARNING: [Archive not completly scanned. Reason: maximum uncompressed size (69316608) reached] /media/Devices/hda8/Cartoon/???????/??????? 2.rar


WARNING: [Max file size reached] /media/Devices/hda8/Cartoon/???????/??????? 2.rar


WARNING: [Archive not completly scanned. Reason: maximum uncompressed size (69316608) reached] /media/Devices/hda8/Cartoon/???????/??????? 2.rar


WARNING: [Max file size reached] /media/Devices/hda8/Cartoon/???????/??????? 2.rar


WARNING: [Archive not completly scanned. Reason: maximum uncompressed size (69316608) reached] /media/Devices/hda8/Cartoon/???????/??????? 2.rar


WARNING: [Max file size reached] /media/Devices/hda8/Cartoon/???????/??????? 2.rar


WARNING: [File is encrypted] /media/Devices/hda8/Cartoon/?????/3.rar


WARNING: [File is encrypted] /media/Devices/hda8/Cartoon/?????/8.rar


WARNING: [File is encrypted] /media/Devices/hda8/Cartoon/?????/10.rar


WARNING: [File is encrypted] /media/Devices/hda8/Cartoon/?????/13.rar


WARNING: [Archive is invalid or corrupt] /media/Devices/hda8/laila/New WinRAR archive.rar


WARNING: [Max file size reached] /media/Devices/sr0/initrd.gz


Statistics :
Directories............... : 11416
Archives.................. : 1709
Files..................... : 246163
Infected.............. : 2
Renamed........... : 2
Warnings.............. : 93
Suspicious............ : 0
Infections................ : 2


I managed to locate the infected files but I don't know if I deleted them, the copmuter will crash or not. Sence I have Sality I plan on reformating my system but I didn't finish backing up so I'm afraid if I deleted those infected files, I wouldn't be able to finish backing up.

Thanks in advance

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users