[Zabra]

Just ran a system anti virus check .
I use AVAST v6.0.1289

And it has gone and listed more than a 100 files as Win32. Sality threat ...
Almost all the files are .exe files without which their respective applications wont run ..
Avast is only allowing me to either move thees files to the virus chest or delete them..
But that would make all the major applications on my computer redundant ..

Please help .. Is this a real threat should I be worried ..??

Is there any alternative to deletion ... Cant I just somehow delete the specific virus files that's infecting them ...???


:wacko::wacko:

[Zabra]

Heres what you do man close out of avast and scan with a differnt anti virus to make sure avast isnt just going buggy.

Like maybe even a couple more than just 1 anti virus.

Ya..
I'll do that this evening....




But am really surprised ...
No one .. I mean No one around HC has any idea abt the Sality virus ... !!!

[Zabra]

That virus is a nightmare. Had it on my old computer and infected most of the files including system files. I would recommend a complete format without taking any backup. I know it will be hard, but its the best solution as far as I know.

Or install new os in some other partition login to the new windows and remove the infected file, without executing any programs on old partition (this might not work if autoruns are already created by it)

Aah... formatting is almost a sin for me...

Does it work in LInux too ..??
I mean maybe if it was specifically designed for windows I could try getting rid of it through LInux when its in its dormant state ...

and what are its genrl effects on the system .. 'coz so far there aint no perceptible changes ..
I mean what if I ignore it..???

[Jacob]

uac = user account control or something, windows xp has it, but its rarely used



uhmmm, sounds like a virus that is a relation to "virut" if you dont know about virut then you need to read this
http://www.microsoft.com/security/portal...2fvirut.bm

or in short, it fucks you hard.

Its rare you can find a way to remove it, but here is what i recommend. Do a system restore(doesnt mean type into cmd "%systemroot%/..../rstrui.exe") it means, put in an operating system disk (obviously yours) and DONT reformat your partition, just rewrite the files (this fixes all system files without losing "mydocuments and other saved data") then, as soon as you can(preferably with flash drive) install microsoft security essentials from here:

http://www.microsoft.com/en-us/security_...fault.aspx

Then install, and do a system scan, FULL. After it is done, it may or may not find infected files, do the preferred action on all, this should be "disinfect". MSSE is the only AV ive ever found to be able to disinfect Virut type trojans. Also, after this, you should also scan ALL flash drive, or portable storage devices that have been connected to your pc, dont execute ANY files that are stored on them, or else....youll get infected again.


how do i know all this?

had virut and its brothers about 4 times now -.-

[1234hotmaster]

sality is a nightmare as sage said. i once also had it. it will bind itself to every .exe ... NOD32 can fix that.

WARNING: this virus will delete 80% of your USB files once plugged and replace them with .lnk files which lead to opening the virus installed on the USB

[Zabra]

uac = user account control or something, windows xp has it, but its rarely used



uhmmm, sounds like a virus that is a relation to "virut" if you dont know about virut then you need to read this
http://www.microsoft.com/security/portal...2fvirut.bm

or in short, it fucks you hard.

Its rare you can find a way to remove it, but here is what i recommend. Do a system restore(doesnt mean type into cmd "%systemroot%/..../rstrui.exe") it means, put in an operating system disk (obviously yours) and DONT reformat your partition, just rewrite the files (this fixes all system files without losing "mydocuments and other saved data") then, as soon as you can(preferably with flash drive) install microsoft security essentials from here:

http://www.microsoft.com/en-us/security_...fault.aspx

Then install, and do a system scan, FULL. After it is done, it may or may not find infected files, do the preferred action on all, this should be "disinfect". MSSE is the only AV ive ever found to be able to disinfect Virut type trojans. Also, after this, you should also scan ALL flash drive, or portable storage devices that have been connected to your pc, dont execute ANY files that are stored on them, or else....youll get infected again.


how do i know all this?

had virut and its brothers about 4 times now -.-

Ya .. Thanks ..

Fortunately MY UAC was turned on .. so the virus has not spread to the system exe files ...
So actually No point in restoring ..

What I was looking for was a way to salvage the infected exe files .... purging the virus from them ..?/

I came across a software named Sality Killer by Symantec .. Havnt tried it out .. Does any body have any idea about it ... ??

---

sality is a nightmare as sage said. i once also had it. it will bind itself to every .exe ... NOD32 can fix that.

WARNING: this virus will delete 80% of your USB files once plugged and replace them with .lnk files which lead to opening the virus installed on the USB

You say NOD32 can "fix that"
can you please paraphrase ... Does it remove the virus from the exe files ..?
or does it identify the infected file .. try to do something with them and then delete them...:wacko: [Thats what AVAST does :headbash: ..]

[kamikaze_kid]

i hate this virus!!! i need to format my laptop when i got this virus...

[Zabra]

i hate this virus!!! i need to format my laptop when i got this virus...

Got rid of the Virus ..
Gonna write a detailed TuT for all the mis informed people whose best advice was to format my drives !

---

Here check this out ! :
http://www.hackcommunity.com/Thread-Win3...nd-Removal

[1234hotmaster]

i meant nod32 can clean binded .exe's =]

anyways glad you solved it.

[Jacob]

try salty killer, but microsoft security essentials has all that built it. it cna disinfect infected executables.