Download Our Windows 7 Tips!
I need help FAST with Win 32 Sality virus. This thing is messing my whole computer too fast.
Hello all
I have a nasty virus inside my PC, the Win32 Sality or Win32/Sality as recognized by AVG Free Edition which if you had a problelm with this fellow before reading this message you might know how hard is to get rid of it.
Here's how the virus acts if you hadn't encounter-it yet: The Sality threat spreads its code in most of the main installation Windows files,I think I got it even on my XP CD as it was in the drive when I runned an infected file whitout knowing that it was infected (hope this is just what I think) it also blocks Task Manager's Ctrl+Alt+Del combination and sends sensitive data to a certain mail adress.
I already tried some tools designed for it as it is a high risk threat and most antivirus software can't delete-it looks like it worked for a part of the files infected but it looks like its code still spreads. Tehnically most of my software is not working properly when I launch them instead of running normally they create a new copy of the virus.
Is there some way to remove-it manually? Or is there any software that will eventualy help me solve this situation? Many thanks to anyone who will answer this question.
I have a nasty virus inside my PC, the Win32 Sality or Win32/Sality as recognized by AVG Free Edition which if you had a problelm with this fellow before reading this message you might know how hard is to get rid of it.
Here's how the virus acts if you hadn't encounter-it yet: The Sality threat spreads its code in most of the main installation Windows files,I think I got it even on my XP CD as it was in the drive when I runned an infected file whitout knowing that it was infected (hope this is just what I think) it also blocks Task Manager's Ctrl+Alt+Del combination and sends sensitive data to a certain mail adress.
I already tried some tools designed for it as it is a high risk threat and most antivirus software can't delete-it looks like it worked for a part of the files infected but it looks like its code still spreads. Tehnically most of my software is not working properly when I launch them instead of running normally they create a new copy of the virus.
Is there some way to remove-it manually? Or is there any software that will eventualy help me solve this situation? Many thanks to anyone who will answer this question.
Tags: delete, remove, sality, virus, win32, win32.sality
Replies to This Discussion
-
Permalink Reply by Agent Popescu on -
ro:mersi sper sa mearga
en:thanks, hope this works
-
Permalink Reply by JT on -
I never heard of it but you should try to download and install SUPERAntiSpyware. There is a free version that does a very good job.
-
Permalink Reply by Agent Popescu on
-
Ok, I downloaded, installed and all that, but the virus keeps spreading as soon as I clean the old files.
-
Permalink Reply by Streetking on -
find out what file is corrupted, and restart in safe mode, then delete the infected files, but you may need to do a windows repair
Streetking
-
Permalink Reply by Agent Popescu on
-
i can't delete any files forgot to mention. there all regular exes of software i use, but with the additional virus code in them. hope i don't need any format and could be a way.
-
Permalink Reply by Streetking on
-
cant you reload the exes, what you describing to me sounds like you need to start over, im guessing it planted itself in the startup processes, have you restarted and looked at the processes to see if you see any strange ones running, that might help
-
Permalink Reply by Agent Popescu on
-
well if you mean before loading into windows, i really had some issues before dealing with some of its copies(copies of the virus i mean). the start up screen was just not responding, and the BIOS button hardly responded after I would have to press ESC on the keyboard and wait a long time(this could've been 'cause the virus entered into serious system files). Now it seems to get back at it's normal state at least for the moment.
-
Permalink Reply by JT on
-
I found this here: http://www.spywareremove.com/removeVirusSalityU.html
Virus.Sality.U Manual Removal Instructions
Below is a list of Virus.Sality.U manual removal instructions and Virus.Sality.U components listed to help you remove Virus.Sality.U from your PC. Backup Reminder: Always be sure to back up your PC before making any changes.
Note: This manual removal process may be difficult and you run the risk of destroying your computer. We recommend that you use SpyHunter's malware detection tool to check for Virus.Sality.U.
Step 1 : Use Windows File Search Tool to Find Virus.Sality.U Path
1. Go to Start > Search > All Files or Folders.
2. In the "All or part of the the file name" section, type in "Virus.Sality.U" file name(s).
3. To get better results, select "Look in: Local Hard Drives" or "Look in: My Computer" and then click "Search" button.
4. When Windows finishes your search, hover over the "In Folder" of "Virus.Sality.U", highlight the file and copy/paste the path into the address bar. Save the file's path on your clipboard because you'll need the file path to delete Virus.Sality.U in the following manual removal steps.
Step 2 : Use Windows Command Prompt to Unregister Virus.Sality.U DLL Files
1. To open the Windows Command Prompt, go to Start > Run > type cmd and then click the "OK" button.
2. Type "cd" in order to change the current directory, press the "space" button, enter the full path to where you believe the Virus.Sality.U DLL file is located and press the "Enter" button on your keyboard. If you don't know where Virus.Sality.U DLL file is located, use the "dir" command to display the directory's contents.
3. To unregister "Virus.Sality.U" DLL file, type in the exact directory path + "regsvr32 /u" + [DLL_NAME] (for example, :C\Spyware-folder\> regsvr32 /u Virus.Sality.U.dll) and press the "Enter" button. A message will pop up that says you successfully unregistered the file.
4. Search and unregister "Virus.Sality.U" DLL files:
5. vcmgcd32.dll
Read more about How to Remove Virus.Sality.U DLL Files
Step 3 : Detect and Delete Other Virus.Sality.U Files
1. To open the Windows Command Prompt, go to Start > Run > type cmd and then press the "OK" button.
2. Type in "dir /A name_of_the_folder" (for example, C:\Spyware-folder), which will display the folder's content even the hidden files.
3. To change directory, type in "cd name_of_the_folder".
4. Once you have the file you're looking for type in "del name_of_the_file".
5. To delete a file in folder, type in "del name_of_the_file".
6. To delete the entire folder, type in "rmdir /S name_of_the_folder".
7. Select the "Virus.Sality.U" process and click on the "End Process" button to kill it.
8. Remove the "Virus.Sality.U" processes files:
9. vcmgcd32.dll
Read more about How to Delete Harmful Files
Virus.Sality.U Recommendation
RECOMMENDED: To avoid the unnecessary risk of damaging your computer, we highly recommend you use a good malware remover to track Virus.Sality.U and automatically remove Virus.Sality.U as well as other spyware, adware, trojans, and virus threats in your PC.
-
Permalink Reply by Agent Popescu on
-
JT I will try that hope this works. Thanks for the info and the link.
-
Permalink Reply by Agent Popescu on
-
Good news everyone Task Manager is active again.
-
Permalink Reply by lyvidium andraseth on -
i had win32/virut and similar problems. i tried to clean it with avg tool that is made for it but no luck. also tryed Killbox, Panda, Webroot SpySweepervand many other solutions with no results.
best thing to do is to format the disc if you made backup or try booting OS from another comp and then try to clean the disc. hope it works
Sign in
Geek Out!
More Information
Pirillo's Posts
Lockergnome
© 2009 Created by Chris Pirillo
