• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Win32/Sality

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
I've been infected with this for a while now, and can't get rid of it... I know of a method where I have to take my hard drive out, put it on a another system with Kaspersky, and rid myself of the virus; but is there an easier way?

Update: The symptoms of this virus are: Locked registry, task manager, and something else I forgot. I've used a tool to unlock my task manager for about 5 seconds allowing me access the task manager and leave it open. I've noticed that if left unchecked, my computer would have multiple .exe's running with the names "win[random letters here].exe" in them. The amount of .exe's reached over 260 at one point, causing me heavy computer lag.

I cannot visit certain websites, an example would be Kaspersky's website nor can I install antivirus software downloaded.
 
Last edited:
Joined
Oct 16, 2006
Messages
2,573 (0.40/day)
Location
N.Ireland
Processor Core I5 4440 / 4430
Motherboard Asus z87-k / Gigabyte ga h97- d3h
Cooling Arctic freezer / Generic
Memory 8 gb Mushkin / Various
Video Card(s) Radeon 7850 cf / Gtx 690
Storage Samsung 850 EVO 250 gb / 2x1 terabyte hdds Wd 256 gb nvme
Display(s) Technika 32" / Asus 24` ips
Case Corsair
Audio Device(s) X-fi Titanium
Power Supply Corsair 850 w
Software Windows 10
Have you tried googling it ?
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
Have you tried googling it ?

No sorry, I just decided to post here without looking up any background information and/or possible solutions in the 2 months that I've been infected so that people like you could get a free post count increase.

Viper, I've tried both methods, not only that but I've tried Combofix with custom written scripts by the wonderful volunteers of TechSupportForum as well. I have a recovery kit from HP, but I would like to see if there are any possible ways of cleaning my PC without turning my hard drive to 0's.

Edit: Updating post #1.
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
do you have another harddrive, if so make the other one your primary boot up into safe mode have the infected one as a slave, and remove it with kaspery
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
do you have another harddrive, if so make the other one your primary boot up into safe mode have the infected one as a slave, and remove it with kaspery

This is a similar method to what I mentioned in my first post, removing the virus with Kaspersky so long as I have another hard drive. It's a little bit too advanced for me, seeing as I've yet to even put together a computer.
 

sneekypeet

Retired Super Moderator
Joined
Apr 12, 2006
Messages
29,407 (4.48/day)
System Name EVA-01
Processor Intel i7 13700K
Motherboard Asus ROG Maximus Z690 HERO EVA Edition
Cooling ASUS ROG Ryujin III 360 with Noctua Industrial Fans
Memory PAtriot Viper Elite RGB 96GB @ 6000MHz.
Video Card(s) Asus ROG Strix GeForce RTX 3090 24GB OC EVA Edition
Storage Addlink S95 M.2 PCIe GEN 4x4 2TB
Display(s) Asus ROG SWIFT OLED PG42UQ
Case Thermaltake Core P3 TG
Audio Device(s) Realtek on board > Sony Receiver > Cerwin Vegas
Power Supply be quiet DARK POWER PRO 12 1500W
Mouse ROG STRIX Impact Electro Punk
Keyboard ROG STRIX Scope TKL Electro Punk
Software Windows 11
This is a similar method to what I mentioned in my first post, removing the virus with Kaspersky so long as I have another hard drive. It's a little bit too advanced for me, seeing as I've yet to even put together a computer.

Do you have a second PC to do this on? Does it have kaspersky on it already?
It really isnt that tough of an opperation to do. Im sure we could talk you through it.
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
oh, its not really complicated...well, i guess it could be, um....just reformatt, or boot up in safe mode, go into program files, kaspery folder, open up there scanner manually and run a scan and remove it in safe mode, make sure to unplug your ethernet cable, run it again, then again, reboot back into normal mode keep ethernet unplugged and then run scan again, plug in your cable run scan again, make sure to enable deep scan in kaspery in under settings in the full scan area
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
I have 4 working computers at home, 2 of which are laptops, 1 is my sister's very vintage desktop. Perhaps I could install Kaspersky on my sister's desktop, but taking apart both computers and installing my drive in her computer then going into the bios and turning my drive into a "slave" drive scares me a little. I have complete faith in TPU and know that if I'm willing to, someone would be willing to walk me through it no problem. I'm afraid I'll need to have live support through AIM/MSN/Yahoo Messenger or whatever during the entire process.
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
its dangeroud and i really dont recommend it at all, if its a virus that can jump networks, but hook on of your laptops to the same network that computer is on and scan its hardrives with the laptop!~ not reccomened if my last one wasnt good enough! THAT VIRUS CANT LOAD IN SAFE MODE! DO A MANUAL SCAN!
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
I'm not sure if it can jump networks as you say, but I've read on a blog that putting my drive into somebody else's computer does work, so long as I have Kaspersky to clean it up.

When you say "same network" do you mean internet connection? I'm not really sure, and I'm completely lost when you say scan my hard drives with the laptop.

Edit: I've tried booting into the safe mode by tapping F8 during bootup and selecting safe mode, but my computer simply won't allow it. It will reboot and give me the message saying hard drive did not boot up correctly and give me the menu to select which mode to boot up again, and I'll have to select normal.
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
bok, when your computer starts hit keep hitting f8 now dont be alarmed a black screen some come up with options now go up to the one that says safe mode, hit enter on it, now all kinds of prompts will scroll dont worry thats support to happen windows will boot up, this way itll only boot up the windows core processors nothing else it might take a minute, now go my computer your c drive then program files, then the folder that says kaspery lab open that, open the folder inside that one then go to the avp that looks like the icon of K double click on that, it should bring up your scanner and do a full system deep scan at this point. this is all the guidance i can give you at this time
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
When you say "your" computer, you mean the clean computer that I will be putting my infected hard drive in right? Because my computer cannot boot into safe mode, I tried yesterday using your method, and I cannot install Kaspersky or BitDefender due to the virus.
 
Joined
Oct 16, 2006
Messages
2,573 (0.40/day)
Location
N.Ireland
Processor Core I5 4440 / 4430
Motherboard Asus z87-k / Gigabyte ga h97- d3h
Cooling Arctic freezer / Generic
Memory 8 gb Mushkin / Various
Video Card(s) Radeon 7850 cf / Gtx 690
Storage Samsung 850 EVO 250 gb / 2x1 terabyte hdds Wd 256 gb nvme
Display(s) Technika 32" / Asus 24` ips
Case Corsair
Audio Device(s) X-fi Titanium
Power Supply Corsair 850 w
Software Windows 10
So you have tried googling it ?
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
do you have a jump drive that you could install kaspery on and do the scan on your hardrive from that jumpdrive on your infected computer
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
So you have tried googling it ?
I've answered your question, and I don't plan on answering again. Reported for spamming x2.

do you have a jump drive that you could install kaspery on and do the scan of your hardrive of your jump drive? its only 34mbs

Do you mean a USB/flash drive? If so, yes I do but how exactly do I install Kaspersky on a flash drive?
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
you just pick it as the drive you want to install it on when your installing it, its simple just when kaspery asks where you want to install it browse, pick the flash drive bam it installs it on there
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
Okay, so let me get this straight.

1. I download Kaspersky on a clean computer and install it onto my flash drive.
2. Do I scan in normal mode or safe mode?
3. How do I start a scan from the flash drive?

If possible, could I use a CD instead? I was in the bios yesterday and saw that I could make the CD drive the first thing to boot up. Does that mean I can create a bootable CD with Kaspersky installed onto it? I didn't see the option of booting into the flash drive first, just hard drive and CD.
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
once its on the flash drive you put it in the infected computer the computer says heres a flash drive you open the installed folder from the flash drive up pick the avg scanner, then itll say scan what...full scan will find the hardrives and then scan
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
Are flash drives infectable? If they are would my flash drive be infected if things don't go as planned? (It's my sister's drive and she's home from college for about a week and I don't want to infect her drive.)
 
Joined
Jan 17, 2009
Messages
2,143 (0.39/day)
System Name THE MAD BEAST!!!
Processor Tinfoil rapper with some coathangers
Motherboard Graham cracker with with frosting
Cooling A shovel full of snow
Memory Grey matter out of a corpse
Video Card(s) Cat eyes
Storage A whales brain
Display(s) Cyclops eyeball
Case Inside a yetis hollowed out corpse
Audio Device(s) howling banchee
Power Supply 32 hamster on a massive wheel
Software WHo needs software when you have a box of kittens
Benchmark Scores IS gatrillions a number?
unless your extremly words about a jump drive, then no its can be easily formatted easily fixed its a usb jumpdrive its alot simpler then swapping harddrive, and looks to be your only option at this point, im going to bed, goodluck
 
Joined
Oct 16, 2006
Messages
2,573 (0.40/day)
Location
N.Ireland
Processor Core I5 4440 / 4430
Motherboard Asus z87-k / Gigabyte ga h97- d3h
Cooling Arctic freezer / Generic
Memory 8 gb Mushkin / Various
Video Card(s) Radeon 7850 cf / Gtx 690
Storage Samsung 850 EVO 250 gb / 2x1 terabyte hdds Wd 256 gb nvme
Display(s) Technika 32" / Asus 24` ips
Case Corsair
Audio Device(s) X-fi Titanium
Power Supply Corsair 850 w
Software Windows 10
I take it googling didn`t help then m8 ?
 

Yin

Joined
Feb 19, 2006
Messages
540 (0.08/day)
Processor Intel i7 920
Motherboard ASUS RAMPAGE II Extreme
Cooling CM v10
Memory Corsair 3 x 2GB TR3X6G1866C9DF
Video Card(s) Nvidia XFX 8800GT Stock
Storage Seagate ST3500320AS, 2 x Samsung HD103UJ
Display(s) 2408WFP
Case Corsair 800D
Power Supply Corsair HX750W
Why is this in the network section? maybe i am missing something?
but sounds like you need process explorer.
 

Wile E

Power User
Joined
Oct 1, 2006
Messages
24,318 (3.81/day)
System Name The ClusterF**k
Processor 980X @ 4Ghz
Motherboard Gigabyte GA-EX58-UD5 BIOS F12
Cooling MCR-320, DDC-1 pump w/Bitspower res top (1/2" fittings), Koolance CPU-360
Memory 3x2GB Mushkin Redlines 1600Mhz 6-8-6-24 1T
Video Card(s) Evga GTX 580
Storage Corsair Neutron GTX 240GB, 2xSeagate 320GB RAID0; 2xSeagate 3TB; 2xSamsung 2TB; Samsung 1.5TB
Display(s) HP LP2475w 24" 1920x1200 IPS
Case Technofront Bench Station
Audio Device(s) Auzentech X-Fi Forte into Onkyo SR606 and Polk TSi200's + RM6750
Power Supply ENERMAX Galaxy EVO EGX1250EWT 1250W
Software Win7 Ultimate N x64, OSX 10.8.4
The Flash drive won't work.

First you should try booting to safe mode, and manual scan with Kaspersky. If Kaspersky can't get rid of it in safe mode, there are only a couple other options. You might be able to boot from a BartPE CD with Kaspersky loaded on it, or you can just put the Hard Drive in another computer, boot to the computers normal drive, and then scan the drive you added.

It cannot infect the other computer because the virus won't start unless Windows tells it to. Since it's not your Windows that's loading, it won't be told to start.
 

Bokteelo

New Member
Joined
Mar 5, 2009
Messages
479 (0.09/day)
The Flash drive won't work.

First you should try booting to safe mode, and manual scan with Kaspersky. If Kaspersky can't get rid of it in safe mode, there are only a couple other options. You might be able to boot from a BartPE CD with Kaspersky loaded on it, or you can just put the Hard Drive in another computer, boot to the computers normal drive, and then scan the drive you added.

It cannot infect the other computer because the virus won't start unless Windows tells it to. Since it's not your Windows that's loading, it won't be told to start.

I'd have to be able to install Kaspersky onto my computer before booting into safe mode and performing the manual scan, and that's a problem.

What exactly is a PartPE CD?

I've read about putting my drive onto someone else's computer, and thanks for letting me know that it's completely safe for the other system because I don't want to infect my sister's/friend's computer. Although I do have a question: Once I put my drive into someone else's computer, how will his/her computer know which hard drive to boot from? My cousin's computer is running Vista, if I installed Kaspersky onto his computer would Kaspersky scan my computer without problems? (Being that he's running Vista and I'm running XP.)

I'm looking forward to fixing my computer ASAP, because I ordered some high end gaming peripherals and I want my computer to be completely clean before I install the drivers.
 
Top