ZarkoZarce Posted November 23, 2012
> Here's a confirmation from the developers:
I like your banana, but I ask myself, are you some SecurityXploded malware promoter or just a victim

Lucent Posted November 23, 2012
> ComboFix is unable to cure Sality and other file infectors such as Virut, Parite, Jeefo, Ramnit. There were cases when ComboFix was able to clean this infection, but Sality was present without restarting the computer, so it was unable to spread. I haven't heard that any tool inside Windows can cure this infection, and believe me, I have been doing this job for a couple of years. AVs are helpless. Maybe try with Dr. Web inside Safe Mode, but there is no guarantee that this will work. The infection can surely be removed by some Live CD; I removed it a couple of times with Kaspersky Rescue CD. Avast Boot Scan could remove it in some cases, but in my case, Avast failed.
Oh, I see. It seems that this nasty piece of code can inject itself on any executable, thus rendering all the solutions over online/working installs useless.

Knightmare (Author) Posted November 23, 2012
> Is it possible for a virus to run from a rar file by itself?
It's not possible
> How u solved the problem?
I just used ESET to solve my issue. It removed the virus from the system. But Kaspersky and AVG have Sality removal tools that can be used.
> Here's a confirmation from the developers:
> I like your banana, but I ask myself, are you some SecurityXploded malware promoter or just a victim
I'm not trying to promote anything. I'm angry that I got a virus from these people. Nope, just a victim.

MAXS Posted November 23, 2012
> ComboFix is unable to cure Sality and other file infectors such as Virut, Parite, Jeefo, Ramnit. There were cases when ComboFix was able to clean this infection, but Sality was present without restarting the computer, so it was unable to spread. I haven't heard that any tool inside Windows can cure this infection, and believe me, I have been doing this job for a couple of years. AVs are helpless. Maybe try with Dr. Web inside Safe Mode, but there is no guarantee that this will work. The infection can surely be removed by some Live CD; I removed it a couple of times with Kaspersky Rescue CD. Avast Boot Scan could remove it in some cases, but in my case, Avast failed.
> Oh, I see. It seems that this nasty piece of code can inject itself on any executable, thus rendering all the solutions over online/working installs useless.
Correct, it injects its own piece of code into every file that has an .exe or .scr extension.
@Knightmare Can you access Task Manager?

dcs18 Posted November 23, 2012
> How u solved the problem? Can you access Task Manager?
I hope you're not facing the same problem. :)

Knightmare (Author) Posted November 23, 2012
> @Knightmare Can you access Task Manager?
I didn't get a chance to try it. I installed the program, then immediately uninstalled it to remove an error in version 2.0. As soon as I uninstalled it, I didn't get a chance to do anything before ESET started fixing the virus. So I have no idea if you can use the task manager. I would love to test the virus in a VM though.

mara- Posted November 23, 2012
> Somebody seems hell-bent on breaking sanjoa's track record. :naughty:
> What are you talkin about?
You don't know what he's talking about? :o :lol:
Cheers ;)

MAXS Posted November 23, 2012
@Knightmare
Can you now access TM?
P.S. I PM-ed you virus.win32.sality.bh :D

Knightmare (Author) Posted November 23, 2012
> @Knightmare Can you now access TM? P.S. I PM-ed you virus.win32.sality.bh :D
I'll test it once I get a VM created.

DKT27 (Administrator) Posted November 23, 2012
> I just used ESET to solve my issue. It removed the virus from the system.
And this is why, my friends, you need an AV, or more importantly, layered security. One downloads from a trusted website, but still gets an infection. Sure enough, this might have got through ESET, but some other day, some other AV, this virus would have been blocked immediately. Again, brain matters a lot, but in this case, AV is more important. Cause malware can come from anywhere.

avmad Posted November 24, 2012
This is why you use your brain! Or Sandboxie. Or Shadow Defender.... :P

MAXS Posted November 24, 2012
Or MCShield... :P
Sality is still widespread, and its constancy is a consequence of it being really easy to spread via removable drives.

dcs18 Posted November 24, 2012
It's no longer fashionable to be afflicted with a petty infection like El Sality - generation next prefers AIDS. :P

DKT27 (Administrator) Posted November 24, 2012
> This is why you use your brain! Or Sandboxie. Or Shadow Defender.... :P
I don't think one can make proper use of software like Virus Total Scanner by running it in Sandboxie.

This topic is now archived and is closed to further replies.