Not what you were looking for? Ask our experts!
Reply
Visitor
mohitspamz
Posts: 5
Registered: ‎04-30-2011

Sality Virus

Hey all,

I've purchased a 10 user pack of Norton Antivirus 2011 today and I installed it on 7 of my office computers. But disaster has struck and I'm facing all sorts of problems on all my computers since I got the antivirus installed and running. I'll try to summarize the problems each computerwise:

Computer 1.

This one is badly affected. I had run the scan on this and there were close to 200 errors. Virus was some variant of Sality. On checking fix it agains the errors it sort of hung for a while. And then the antivirus closed after a while. Now it wont start again. Also most of my existing programs have their exe files missing, including Internet explorer, google chrome and a whole bunch of other programs.

 

Computer 2

This one had an update running and since the update finished the desktop icons have all disappeared. But hte programs otherwise are runing.

 

Computer 3

The anti virus option in this computer is disabled and i cannot enable it. The anti virus says the computer is at risk and even after trying to fix it, i still get the errors that the anti virus feature and the Sonar feature could not be activated.

Computer 4

This computer is actually a license server for Tally in my workgroup. However, since the installation of the anti virus none of the computers have been able to connect to this server. I've tried unblocking the program from the network firewall configuration option in norton total security 2011, and on the program it says that the program is Allowed, but nothing happens. Also this computer was some how not majorly affected by Sality.

 

Computer 5,6

Havent had the heart to do anything on these computers and had them shut down after the anti virus installation. 

It now seems that Ive somehow done more harm than good by installing an Anti virus software. Please help.

 

Best regards,

Mohit

Regular Contributor
BanMidou
Posts: 721
Registered: ‎12-17-2010

Re: Sality Virus

Hi

 

 

Sorry  to hear

 

Sality infects all .exe in the system hnce the Problems!

 

You can try this tool by Kaspersky

 

http://support.kaspersky.com/viruses/solutions?qid=208279889

 

"OR"

 

 

 

move to a Malware Forum for Experts to Check out the PC 

 

Note : It will take some time for someoento help you

 

 

Here are the forum Which will help you get rid of the threats

 

 

www.bleepingcomputer.com

http://www.geekstogo.com/forum/

http://www.cybertechhelp.com/forums/

http://forums.whatthetech.com/

 

(Links provided by Delphinium)

 

 

 

Midou

delphinium
Posts: 9,862
Kudos: 2,965
Solutions: 293
Registered: ‎11-21-2008

Re: Sality Virus

Hi mohitspamz:

 

Was there any other security on the machines before you installed Norton?  If so, it would have hampered the installation of Norton.

 

Installing an antivirus into an already infected computer is often not successful, especially with malware that targets .exe files.

 

Norton consumer products are also not compatible with server applications.  For a commercial application, the corporate Symantec products are best.

 

You refer to a 10-pack of Norton Antivirus and later to Norton total security 2011, which is a search term for Norton Internet Security.  Norton Antivirus does not have a firewall, but Norton Internet Security does.  Please confirm which product you do have.

 

Considering the number of machines, the Sality infection, which is quite nasty, and the possibility of program conflicts, I would highly recommend seeking professional assistance to clean your office equipment.  This is not a quick fix.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain
Regular Contributor
BanMidou
Posts: 721
Registered: ‎12-17-2010

Re: Sality Virus

Hi

 

Just My 2 cents

 

try Sality Killer on each system It may even solve the issue

 

 

As for Prevention of Sality Goes

 

You can use tools like Panda USB vaccine to Prevent Sality Copy itself to pen drive!

 


http://www.pandasecurity.com/homeusers/downloads/usbvaccine/

 

Also Remove Lime Wire Pirate Edition If you have it installed on any PC

Midou

Visitor
mohitspamz
Posts: 5
Registered: ‎04-30-2011

Re: Sality Virus

Thank you for your replies.

 

I've got Norton Total Security 2011 with a firewall.

 

My office doesnt really have a server. There are 10 computers connected together in a workgroup using a networking ethernet/wifi switch.

 

It is just that one of the softwares is a licensed version which requires other client computers to look up to the server (can be any of the 10 computers) to verify if the lisence is appropriate to use the software.

 

There were no anti virus softwares installed earlier.

 

By the looks of what has been said uptill now I think it's just going to be a pain trying to reclaim all that is infected. The format way forward looks a better option. Tell me if I'm wrong.

 

I'm ready to delete all the .exe files of all the drives except C where my windows is installed and then format C drive after backing up my documents. Would that help?

 

Also i would have to reinstall a fresh copy of the anti virus if i take that route. How would i do that? Would the licence keys get renewed automatically or do i need to follow some procedure to first surrender the license of the already installed anti virus and then reinstall?

 

Regards

 

Mohit

delphinium
Posts: 9,862
Kudos: 2,965
Solutions: 293
Registered: ‎11-21-2008

Re: Sality Virus

Hi mohitspamz:

 

It is just that one of the softwares is a licensed version which requires other client computers to look up to the server (can be any of the 10 computers) to verify if the lisence is appropriate to use the software.

 

I can see some problems hooking up authentication in that manner as all of the commputers require constant access to the Symantec servers for pulse updates and automatic updates.  Each computer should be authenticated by Symantec during the update process.

 

Be careful what documents you save as Sality affects other file extensions besides just .exe.  and be careful where your important documents are stored because all of your machines are likely to be infected.  I am still recommending that you get some professional help with this process to protect your business data.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain