1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Win32/Sality

Discussion in 'Networking & Security' started by Bokteelo, Mar 13, 2009.

  1. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    I've been infected with this for a while now, and can't get rid of it... I know of a method where I have to take my hard drive out, put it on a another system with Kaspersky, and rid myself of the virus; but is there an easier way?

    Update: The symptoms of this virus are: Locked registry, task manager, and something else I forgot. I've used a tool to unlock my task manager for about 5 seconds allowing me access the task manager and leave it open. I've noticed that if left unchecked, my computer would have multiple .exe's running with the names "win[random letters here].exe" in them. The amount of .exe's reached over 260 at one point, causing me heavy computer lag.

    I cannot visit certain websites, an example would be Kaspersky's website nor can I install antivirus software downloaded.
     
    Last edited: Mar 16, 2009
  2. francis511

    francis511

    Joined:
    Oct 16, 2006
    Messages:
    2,547 (0.85/day)
    Thanks Received:
    271
    Location:
    N.Ireland
    Have you tried googling it ?
     
  3. 95Viper

    95Viper

    Joined:
    Oct 12, 2008
    Messages:
    4,450 (1.97/day)
    Thanks Received:
    1,627
    Location:
    στο άλφα έως ωμέγα
  4. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    No sorry, I just decided to post here without looking up any background information and/or possible solutions in the 2 months that I've been infected so that people like you could get a free post count increase.

    Viper, I've tried both methods, not only that but I've tried Combofix with custom written scripts by the wonderful volunteers of TechSupportForum as well. I have a recovery kit from HP, but I would like to see if there are any possible ways of cleaning my PC without turning my hard drive to 0's.

    Edit: Updating post #1.
     
  5. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    do you have another harddrive, if so make the other one your primary boot up into safe mode have the infected one as a slave, and remove it with kaspery
     
    Kantastic says thanks.
  6. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    This is a similar method to what I mentioned in my first post, removing the virus with Kaspersky so long as I have another hard drive. It's a little bit too advanced for me, seeing as I've yet to even put together a computer.
     
  7. sneekypeet

    sneekypeet Unpaid Babysitter Staff Member

    Joined:
    Apr 12, 2006
    Messages:
    21,709 (6.84/day)
    Thanks Received:
    6,227
    Do you have a second PC to do this on? Does it have kaspersky on it already?
    It really isnt that tough of an opperation to do. Im sure we could talk you through it.
     
    Kantastic says thanks.
  8. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    oh, its not really complicated...well, i guess it could be, um....just reformatt, or boot up in safe mode, go into program files, kaspery folder, open up there scanner manually and run a scan and remove it in safe mode, make sure to unplug your ethernet cable, run it again, then again, reboot back into normal mode keep ethernet unplugged and then run scan again, plug in your cable run scan again, make sure to enable deep scan in kaspery in under settings in the full scan area
     
    Kantastic says thanks.
  9. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    I have 4 working computers at home, 2 of which are laptops, 1 is my sister's very vintage desktop. Perhaps I could install Kaspersky on my sister's desktop, but taking apart both computers and installing my drive in her computer then going into the bios and turning my drive into a "slave" drive scares me a little. I have complete faith in TPU and know that if I'm willing to, someone would be willing to walk me through it no problem. I'm afraid I'll need to have live support through AIM/MSN/Yahoo Messenger or whatever during the entire process.
     
  10. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    its dangeroud and i really dont recommend it at all, if its a virus that can jump networks, but hook on of your laptops to the same network that computer is on and scan its hardrives with the laptop!~ not reccomened if my last one wasnt good enough! THAT VIRUS CANT LOAD IN SAFE MODE! DO A MANUAL SCAN!
     
    Kantastic says thanks.
  11. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    I'm not sure if it can jump networks as you say, but I've read on a blog that putting my drive into somebody else's computer does work, so long as I have Kaspersky to clean it up.

    When you say "same network" do you mean internet connection? I'm not really sure, and I'm completely lost when you say scan my hard drives with the laptop.

    Edit: I've tried booting into the safe mode by tapping F8 during bootup and selecting safe mode, but my computer simply won't allow it. It will reboot and give me the message saying hard drive did not boot up correctly and give me the menu to select which mode to boot up again, and I'll have to select normal.
     
  12. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    bok, when your computer starts hit keep hitting f8 now dont be alarmed a black screen some come up with options now go up to the one that says safe mode, hit enter on it, now all kinds of prompts will scroll dont worry thats support to happen windows will boot up, this way itll only boot up the windows core processors nothing else it might take a minute, now go my computer your c drive then program files, then the folder that says kaspery lab open that, open the folder inside that one then go to the avp that looks like the icon of K double click on that, it should bring up your scanner and do a full system deep scan at this point. this is all the guidance i can give you at this time
     
    Kantastic says thanks.
  13. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    When you say "your" computer, you mean the clean computer that I will be putting my infected hard drive in right? Because my computer cannot boot into safe mode, I tried yesterday using your method, and I cannot install Kaspersky or BitDefender due to the virus.
     
  14. francis511

    francis511

    Joined:
    Oct 16, 2006
    Messages:
    2,547 (0.85/day)
    Thanks Received:
    271
    Location:
    N.Ireland
    So you have tried googling it ?
     
  15. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    do you have a jump drive that you could install kaspery on and do the scan on your hardrive from that jumpdrive on your infected computer
     
    Kantastic says thanks.
  16. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    I've answered your question, and I don't plan on answering again. Reported for spamming x2.

    Do you mean a USB/flash drive? If so, yes I do but how exactly do I install Kaspersky on a flash drive?
     
  17. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    you just pick it as the drive you want to install it on when your installing it, its simple just when kaspery asks where you want to install it browse, pick the flash drive bam it installs it on there
     
    Kantastic says thanks.
  18. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    Okay, so let me get this straight.

    1. I download Kaspersky on a clean computer and install it onto my flash drive.
    2. Do I scan in normal mode or safe mode?
    3. How do I start a scan from the flash drive?

    If possible, could I use a CD instead? I was in the bios yesterday and saw that I could make the CD drive the first thing to boot up. Does that mean I can create a bootable CD with Kaspersky installed onto it? I didn't see the option of booting into the flash drive first, just hard drive and CD.
     
  19. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    once its on the flash drive you put it in the infected computer the computer says heres a flash drive you open the installed folder from the flash drive up pick the avg scanner, then itll say scan what...full scan will find the hardrives and then scan
     
    Kantastic says thanks.
  20. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    Are flash drives infectable? If they are would my flash drive be infected if things don't go as planned? (It's my sister's drive and she's home from college for about a week and I don't want to infect her drive.)
     
    Kantastic says thanks.
  21. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.99/day)
    Thanks Received:
    312
    unless your extremly words about a jump drive, then no its can be easily formatted easily fixed its a usb jumpdrive its alot simpler then swapping harddrive, and looks to be your only option at this point, im going to bed, goodluck
     
    Kantastic says thanks.
  22. francis511

    francis511

    Joined:
    Oct 16, 2006
    Messages:
    2,547 (0.85/day)
    Thanks Received:
    271
    Location:
    N.Ireland
    I take it googling didn`t help then m8 ?
     
  23. Yin

    Yin

    Joined:
    Feb 19, 2006
    Messages:
    542 (0.17/day)
    Thanks Received:
    32
    Why is this in the network section? maybe i am missing something?
    but sounds like you need process explorer.
     
    Kantastic says thanks.
  24. Wile E

    Wile E Power User

    Joined:
    Oct 1, 2006
    Messages:
    24,324 (8.11/day)
    Thanks Received:
    3,778
    The Flash drive won't work.

    First you should try booting to safe mode, and manual scan with Kaspersky. If Kaspersky can't get rid of it in safe mode, there are only a couple other options. You might be able to boot from a BartPE CD with Kaspersky loaded on it, or you can just put the Hard Drive in another computer, boot to the computers normal drive, and then scan the drive you added.

    It cannot infect the other computer because the virus won't start unless Windows tells it to. Since it's not your Windows that's loading, it won't be told to start.
     
    Kantastic says thanks.
  25. Bokteelo New Member

    Joined:
    Mar 5, 2009
    Messages:
    479 (0.23/day)
    Thanks Received:
    37
    I'd have to be able to install Kaspersky onto my computer before booting into safe mode and performing the manual scan, and that's a problem.

    What exactly is a PartPE CD?

    I've read about putting my drive onto someone else's computer, and thanks for letting me know that it's completely safe for the other system because I don't want to infect my sister's/friend's computer. Although I do have a question: Once I put my drive into someone else's computer, how will his/her computer know which hard drive to boot from? My cousin's computer is running Vista, if I installed Kaspersky onto his computer would Kaspersky scan my computer without problems? (Being that he's running Vista and I'm running XP.)

    I'm looking forward to fixing my computer ASAP, because I ordered some high end gaming peripherals and I want my computer to be completely clean before I install the drivers.
     
    Kantastic says thanks.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page