Danger, danger, Will Robinson !!!!!! Sality virus approaching.

Discussion in 'malware problems & news' started by AaLF, Dec 4, 2011.

Thread Status:
Not open for further replies.
  1. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    Aaggghh. I'm stumped. I'm being overwhelmed by the sality virus. I feel like I'm getting covered in lice.

    My sis picked up a Sality virus and it's spreading like a bad cold. Her drives, flash drives now seen in my drives. The 'Panda' keeps shovelling but you get nowhere when it's snowing.

    How do you get 'em out of the flash drives for a start? I reckons we should take 'em outside and hose all the HDDs. Rain killed the Martians off in 'War of the Worlds' so it might work. If any AV expert has a better idea then PM me plz.
     
  2. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
  3. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Re: DANGER, DANGER, WILL ROBINSON !!!!!! SALITY VIRUS APPROACHING.

    I'd sign up at PCAV's user forum if you haven't already. Also you might try Hitman Pro, MBAM and Dr.Web CureIt. Or try the post above mine first.
     
  4. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    Re: DANGER, DANGER, WILL ROBINSON !!!!!! SALITY VIRUS APPROACHING.

    Try Dr.Web CureIt
    and Kaspersky Virus Removal Tool
     
  5. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Re: DANGER, DANGER, WILL ROBINSON !!!!!! SALITY VIRUS APPROACHING.

    Best answer... +1
    I've used this tool to remove Sality many times... :)
     
  6. chris1341

    chris1341 Guest

    Re: DANGER, DANGER, WILL ROBINSON !!!!!! SALITY VIRUS APPROACHING.

    An advert, if ever I've seen one, for a good back-up strategy. Restore and go.

    Quote from a Bleeping Computer thread I consulted trying to clean (albeit a couple of years ago now): 'Sality and other file infectors are not something a "specific" tool or ANY tool can fix. It leads to a very unstable machine which ends up needed to be formatted and sometimes it can lead to problems that may allow you not to boot up any longer'. Their recommendation at that point - complete reformat and re-install of Windows.

    Another thread that may help: http://www.bleepingcomputer.com/forums/topic307261.html

    Some form of rescue disc to get a hold of it without the OS in play might be the best bet but you should be aware this may result in system critical files being deleted/quarantined causing stability issues.

    Hope you find a way and things have moved since I tried to clean this little pest but experience from that time = save the data you can, reformat and re-install if no back-up available and if you really don't need them take a hammer to your flash-drives.

    Hope you find a better solution but...........
     
  7. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    Re: DANGER, DANGER, WILL ROBINSON !!!!!! SALITY VIRUS APPROACHING.

    Thanks guys. Got Kaspersky's SalityKiller tool running now. AVG's tool didn't nudge 'em.
     
  8. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Re: DANGER, DANGER, WILL ROBINSON !!!!!! SALITY VIRUS APPROACHING.

    Things change, infections that were once impossible to remove/fix or even detect do become so, remember how much trouble the 1st Windows rootkits caused?
     
  9. chris1341

    chris1341 Guest

    Re: DANGER, DANGER, WILL ROBINSON !!!!!! SALITY VIRUS APPROACHING.

    Yeah, agreed. I genuinely hope that is the case.

    Most modern malware has a purpose though - to steal data, use your machine as a bot or hold you to ransom etc. That specific purpose means many act like 'ordinary' programs, therefore they put efforts into hiding themselves via rootkits etc. rather than being built to spread through your OS in quite this way.

    While Sality no doubt helps set up your machine for this type of activity, it is more old school, spreading itself widely across the system by infecting targeted exe files it comes into contact with, making it more difficult to track all the potentially infected files. It also means you might think you have got it all and it comes back as an infected file missed by the AV is accessed at some point in the future and the chase starts again. Despite claims to the contrary, most AVs are better at detection than cleaning, so the option is often to leave it or delete it. Deleting critical files is an issue, obviously.

    I'm not trying to scaremonger. If tools are regularly defeating it now I'm delighted, just pointing out what the potential endgame might be depending on how far the blighter has burrowed in and an alternative to the effort put into cleaning when restore/re-install may get a similar result.

    Cheers
     
    Last edited by a moderator: Dec 4, 2011
  10. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    They're gone..... seems.

    I tried a couple of AVs (not named) and they said I had to find removal tools. Stupid tools too. Both failed to do the job. Then installed Pandacloud & he set about kung-fu'ing the sality fleas. :thumb:
     