Esato
News Forum Phones Photos Reviews Themes Wallpapers

Forum > General discussions > Non mobile discussion > Has anyone heard about this virus?

Author Has anyone heard about this virus?
sunils120
W705 Red
Joined: Nov 08, 2006
Posts: 480
From: India
PM
Posted: 2008-05-29 10:59
Reply with quoteEdit/Delete This PostPrint this post
Guys my pc is infected with "Virus.Win32.Sality.q" through a usb flash drive.
I am currently using an updated copy of Kaspersky AV and it can only detect it and doesn't disinfect it. My task manager and registry editor is disabled! Can anybody help? ITS URGENT.
i my k700i and 810i
Cycovision
P990
Joined: Nov 30, 2003
Posts: > 500
From: England
PM, WWW
Posted: 2008-05-29 11:06
Reply with quoteEdit/Delete This PostPrint this post
There are manual removal instructions and an automatic removal tool here:

http://www.2-spyware.com/remove-sality.html

It used to work a few months ago so hopefully it still does now.

Good luck!
+7, -0 A-Z of Trusted Traders
kenoby
P1
Joined: Dec 17, 2007
Posts: 407
From: 404
PM
Posted: 2008-05-29 11:11
Reply with quoteEdit/Delete This PostPrint this post
You should try booting in the safe mode by pressing F8 when BIOS ends and before boot sequence starts. Scan your drive with KAV, it should have a cli scan available.

Here is some more info:
http://www.york.ac.uk/services/cserv/security/spyware.html

and very good instructions are here
_________________
P1i - K850i

[ This Message was edited by: kenoby on 2008-05-29 10:19 ]

[ This Message was edited by: kenoby on 2008-05-29 10:23 ]
ronkx
W910 Red
Joined: May 05, 2008
Posts: 48
PM
Posted: 2008-05-29 12:02
Reply with quoteEdit/Delete This PostPrint this post
try using hijack this and scan then find the file in there then slect then fix. restart and try if it is still there.
sunils120
W705 Red
Joined: Nov 08, 2006
Posts: 480
From: India
PM
Posted: 2008-05-29 17:51
Reply with quoteEdit/Delete This PostPrint this post
thanks for the replies guys but it has disabled msconfig,task manager and regisrty editor. i have no option other than formatting the hard drive.
i my k700i and 810i
kenoby
P1
Joined: Dec 17, 2007
Posts: 407
From: 404
PM
Posted: 2008-05-29 17:57
Reply with quoteEdit/Delete This PostPrint this post
Did you reboot in the safe mode?

Anyway, there is more work on it than if you just reformat. It is an XP, I guess. Disable the Autorun option on the fresh install...
And scan before you enter any portable drive. I am surprised your AV didn't react the moment virus was read..



[ This Message was edited by: kenoby on 2008-05-29 17:03 ]
Cycovision
P990
Joined: Nov 30, 2003
Posts: > 500
From: England
PM, WWW
Posted: 2008-05-29 18:00
Reply with quoteEdit/Delete This PostPrint this post
Hijack this should work too, as ronkx suggested?

[ This Message was edited by: Cycovision on 2008-05-29 17:02 ]
arien617
W810 black
Joined: Feb 01, 2006
Posts: > 500
PM
Posted: 2008-05-29 18:51
Reply with quoteEdit/Delete This PostPrint this post
May I ask where you got this flash drive from in the first place?
Access the forum with a mobile phone via esato.mobi
Archive
Sitemap | Contact | About