Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My antivirus doesn't work


  • This topic is locked This topic is locked

#46
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,723 posts
Hi. :)

I am beginning to suspect the actual connectivity issue is not software related but rather hardware.

Can you inform myself please what type of connection is in use...IE is a Router in use and if so is it either Wired or Wireless for example and or are you just using a Modem connected directly to your machine?
  • 0

Advertisements


#47
BonbonRose

BonbonRose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Hi, :)

I don't think so my sister's laptop is working just fine, in terms of the internet. I only have a wired router.

I performed a scan using Avira Rescue CD, though it's not updated, hoping it would help..

Avira / Linux Version 1.9.152.0
Copyright © 2010 by Avira GmbH
All rights reserved.
engine set: 8.2.4.186
VDF Version: 7.11.4.235
Scan start time: Tue Jul 19 15:51:54 2011
configuration file: /etc/avira/scancl.conf
ALERT: [TR/Crypt.XPACK.Gen] /media/Devices/hda1/Documents and Settings/aa/Desktop/New Folder/ComboFix.exe <<< Is the Trojan horse TR/Crypt.XPACK.Gen [archive scan abort]


[renamed]
WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa1.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa10.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa11.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa2.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa3.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa4.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa5.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa6.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa7.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa8.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/Alexa9.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar1.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar2.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/AlexaToolbar3.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/MicrosoftWindowsSecurityCenterAntiVirusOverride.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/SmitfraudCgp.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/WinAgentieu.zip


WARNING: [File is encrypted] /media/Devices/hda1/Documents and Settings/All Users/Application Data/Spybot - Search & Destroy/Recovery/WinFraudLoadedt.zip


WARNING: [Archive is invalid or corrupt] /media/Devices/hda1/Program Files/WinRAR/rarnew.dat


WARNING: [Unexpected end of file] /media/Devices/hda1/Program Files/FastStone Capture/uninst.exe


WARNING: [File is encrypted] /media/Devices/hda1/Program Files/JetAudio/jetUpdate.dat


WARNING: [Unsupported archive version] /media/Devices/hda1/Program Files/Common Files/DFX/Skins/Obsidian/Obsidian.exe


WARNING: [Unsupported archive version] /media/Devices/hda1/Program Files/Common Files/DFX/Skins/Obsidian_mini/Obsidian_mini.exe


WARNING: [Unsupported archive version] /media/Devices/hda1/Program Files/Common Files/DFX/Skins/SoundFX/SoundFX.exe


ALERT: [TR/Crypt.XPACK.Gen] /media/Devices/hda1/System Volume Information/_restore{6CEE1A09-B74E-4FEA-B146-373275ED31C6}/RP1/A0000317.exe <<< Is the Trojan horse TR/Crypt.XPACK.Gen [archive scan abort]


[renamed]
ALERT: [TR/Crypt.XPACK.Gen] /media/Devices/hda1/System Volume Information/_restore{6CEE1A09-B74E-4FEA-B146-373275ED31C6}/RP4/A0003389.exe <<< Is the Trojan horse TR/Crypt.XPACK.Gen [archive scan abort]


[renamed]
ALERT: [TR/Crypt.XPACK.Gen] /media/Devices/hda1/System Volume Information/_restore{6CEE1A09-B74E-4FEA-B146-373275ED31C6}/RP7/A0005552.exe <<< Is the Trojan horse TR/Crypt.XPACK.Gen [archive scan abort]


[renamed]
WARNING: [Error writing file] /media/Devices/hda1/WINDOWS/SoftwareDistribution/Download/fc3f02c23725a1702dd6e49c0664ea8b/BIT13.tmp


WARNING: [Error opening file. (Input/output error)] /media/Devices/hda1/WINDOWS/system32/perfc009.dat


WARNING: [Error opening file. (Input/output error)] /media/Devices/hda1/WINDOWS/system32/perfh009.dat


WARNING: [File is encrypted] /media/Devices/hda5/_FINISHED/New Folder (2))/OXFORD AIO BY ONLYONE.exe


WARNING: [Unsupported archive version] /media/Devices/hda5/_FINISHED/New Folder (6)/screensaver_diving_en_setup.exe.part


WARNING: [Unexpected end of file] /media/Devices/hda5/_FINISHED/1 Harry Potter/_FINISHED/Harry Potter and the Deathly Hallows/Harry_Potter_4A_720.wmv.zip.part


WARNING: [Unexpected end of file] /media/Devices/hda5/_FINISHED/MzIwL3N1bW1vYmlsZWRfY3dlaTE0d2kuamFyfDEyMDEwMjcyOTZ8


WARNING: [Unsupported archive version] /media/Devices/hda6/_FINISHED/m3jpegv3.exe


WARNING: [Bad compressed data] /media/Devices/hda7/_FINISHED/VobSub_2.23.exe


WARNING: [Error reading file] /media/Devices/hda8/_FINISHED/Programs/_FINISHED/7zip/7zip.File


WARNING: [Unsupported archive version] /media/Devices/hda8/_FINISHED/Programs/_FINISHED/jetAudio/Skin_Graphite.exe


WARNING: [Unsupported archive version] /media/Devices/hda8/_FINISHED/Programs/_FINISHED/jetAudio/Skin_Special_bar.exe


WARNING: [Bad compressed data] /media/Devices/hda8/_FINISHED/Programs/_FINISHED/Easy RealMedia Tools/ermp_fullV1.94.exe --> [ProgramFilesDir]/Easy RealMedia Tools/ac3filter_1_01a_rc5.exe


WARNING: [Bad compressed data] /media/Devices/hda8/_FINISHED/Programs/_FINISHED/Easy RealMedia Tools/Easy RealMedia Tools/misc/ac3filter_1_01a_rc5.exe


WARNING: [Max file size reached] /media/Devices/sr0/initrd.gz


Statistics :
Directories............... : 9923
Archives.................. : 1425
Files..................... : 270670
Infected.............. : 4
Renamed........... : 4
Warnings.............. : 41
Suspicious............ : 0
Infections................ : 4


  • 0

#48
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,723 posts
Hi. :)

OK physically check the connections as in the cables are fully sited and if no change try a different eithernet cable also.

Next:

Download AVPTool from here and transfer to the desktop of your machine.

Run the programme you have just downloaded/transferred to your desktop (it will be randomly named )

First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Once it has finished select report and post that.

Posted Image

Do not close AVPTool or it will self uninstall, if it does uninstall - then just rerun the setup file on your desktop

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip

Posted Image
  • 0

#49
BonbonRose

BonbonRose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Hi, :)

I did both scans, but the file size was too big to be attached. So I uploaded them to a diffrent site, here they are.
There were 6 incurable files, so I deleted them. As for what you said here..

Once done Open the last report saved folder then attach the zip file to your next post zip
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip


I don't have this address.. this part "\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip" is not there. It's just C:\Users\your name\Desktop\setup_9.0.0.722_05.01.2011_20-34.exe\
  • 0

#50
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,723 posts
Hi. :)

It appears the file you uploaded is set to private, so I am unable to download it. You could send it to a Zip file then try and attach it in this topic in your next reply.

The other thing you mentioned, not to worry as it appears AVP has recently been updated and works slightly differently.

Anyway has your Internet connection been restored or not?
  • 0

#51
BonbonRose

BonbonRose

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Hi, :unsure:

Does it show now? Here.. The file size isn't small enough to be attached here.

No, I'm still disconnected :)
  • 0

#52
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,723 posts
Hi. :)

I strongly advise you remove the following from your backups, apart from being unethical, the use of such may be one of the reasons your machine became so badly infected in the first place.

J:\BACKUPS\Bookmarks\IE Favorites\Noha\Warez-bb.txt

Technically I am within my rights per this forums Terms of use, to withdraw my assistance but since it denotes a book mark I will relent in this instance. However if in the future you seek assistance again and it comes to light you kept the book mark/actively been using warez you will be declined any form of support from this forum.

OK I think we have gone as far as we can and the results of the AVP scan are favourable. Malware has basically made such a mess with regards to the connectivity issue I doubt I would be now able to rectify the situation and now is the time to perform the reformat and reinstallation of the Windows Operating System.
  • 0

#53
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,723 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP