Removing Win32:Sality Virus

View previous topic View next topic Go down

Removing Win32:Sality Virus

Post by Admin on Fri Mar 13, 2009 3:36 pm

Crying or Very sad Malas talaga ang araw na ito. sa lahat ng Friday the 13th na nadaanan ko ito ang talagang masasabi kong malas! Crying or Very sad

Kagabi ko pa napansin na may virus na umaaligid sa shop. Nakita ko kase yung isang autorun.inf na present sa File Server namin and to make it more evident I found it inside the Shared Folder kung saan lahat ng files from the workstations are converging. mabuti na lang at doon napunta.

Sinubukan ko ng tanggalin yung mga malicious files by deleting them the usualy way (select and then presses the "del" key on the keyboard). But to my dismay, bumabalik lang yung file. Whoa! Kailangan ko yata i-unplug yung NAS server para magawa ko ito nag plug it to my PCs usb port.

I made a little experiment and just accessed one of the workstations and tried deleting it from there. Well it worked right.

Pagkagising ko kaninang morning to get ready for today's work dun ko lang nakita na kumalat na pala yung virus. I saw it when I opened all the workstations and my antivirus started popping-out different warning messages. WARNING! blah blah is infected with Win32:Sality Virus... I tried removing it pero no effect.

Ahah! Let's install a stronger anti-virus. I downloaded avast and installed it on the PC. WHAT! Biglang nag-restart yung PC at dun na nagsimula ang problem ko. Everytime I started using the PC numerous WARNING messages na ang nagpa-popout. Avast is not working either. Running siya sa background pero may red slash siya meaning hindi active yung real-time scanning niya. This is way to sensitive.

I thought of a workaround to remove the virus and restoer my PC to its original condition.

I decided to remove the hard drive and have it scanned on another PC. I used the boot-scan mode of avast then and there I saw how deep the virus has infected my computer. It even has target most of my .exe files which is needed to run most of the games and applications. I tried fixing it pero delete na ang natitira kong option.

I finally decided to delete the infected files. I tried to copy a non-infected one from other workstations. I also re-installed the Avast antivirus to make it my AV and removed the old one.

I will need to check the rest of the computers baka pati yung iba meron an din. Puyatan na naman!
avatar
Admin
Admin
Admin

Male Number of posts : 31
Age : 39
Karma : 0
Registration date : 2009-03-11

View user profile http://pccosvc.forumotion.com

Back to top Go down

Re: Removing Win32:Sality Virus

Post by Admin on Fri Mar 13, 2009 6:31 pm

No luck on fixing the other computer. Daan ko na lang sa hard drive clone. Hahanap muna ako ng pinakamalinis na pwedeng i-clone.
avatar
Admin
Admin
Admin

Male Number of posts : 31
Age : 39
Karma : 0
Registration date : 2009-03-11

View user profile http://pccosvc.forumotion.com

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum