HOW TO REMOVE VIRUS SALITY

For the last few days my computer was infected by a virus named Sality.  The signs that my computer was infected by this virus are:
  • My computer slows down.
  • Some programs do not work well, some can not even use.
  • Task Manager doesn't work
  • Antivirus is not working
  • Last... and the worse... i can not go to Windows.
So ... this Sality virus (which attacked my computer was P variant) is attacking the Program files (with exe type). And because it's attacking the exe file.. the program will not running, including antivirus... because the antivirus has the exe type. When i reformating the harddrive ... the virus is keep coming back again.

Before that i did not think that my computer got a sality virus... because the antivirus was not working.  My first thought is that i have to reinstall the antivirus.  But after i reinstall the antivirus still does not solve the problem.  And then i tried several antivirus:
  • AVG ... can not be install
  • PCMAV (Indonesian antivirus) the latest version... didn't work
  • Avira... the installer didn't work.
And then i tried some other antivirus, from this antiviruses i knew that a virus which attacked my computer is Sality/P.variant, although these antiviruses can detected the virus but it can not clean the virus.  Some of the antivirus that i used are:
  • Smadav 2010 (Indonesian Antivirus) can only detect the virus.
  • PCMAV Ekspress for Sality (Indonesia Antivirus) can only detect the virus.
  • Avast... can delete the virus... but because i fear will destroy my programs so... i didn't use it.
And then i found this site http://myks.wordpress.com.  So... i tried to use the advice... and the result is... it's working... I can cleaned the virus without reformating my harddrive and most of the important files can be fixed.

So... these are what i have done to clean my computer:

First... you need to download the tools, we need 3 tools:
  1. Norman Malware Cleaner... you can download it from http://download.norman.no/public/Norman_Malware_Cleaner.exe or from http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
  2. Symantec win.32.Sality AE.Removal Tool, you can download it from http://www.ziddu.com/download/3653712/FxSltyAE.rar.html
  3. The last is Registry File to fix the safe mode... you can download it from http://www.eset.hk/support/tools/repairboot.zip or from http://support.kaspersky.com/downloads/utils/sality_regkeys.zip
 After you download the tools, turn off System Restore.


And then run Norman Malware Cleaner.

If Norman Malware Cleaner doesn't work because it's blocked by the virus... you can run Symantec win.32.Sality AE.Removal Tool.

After that, try to use Norman Malware Cleaner again.

I repeated these steps a few times untill i'm sure that the virus has gone, and the result is... yes ... my computer is clean.
Out of curiosity i tried to run Smadav 2010, PCMAV Ekspress for Sality and Avast.  The result is the virus is not detected.

Last thing, ekstract  Registry File to repair registry so we can use safe mode again.  Just choose one which match with your OS, XP or Vista.

So for you who already has sality virus in your computer... do not reformating your harddrive because it wont solve the problem.  And reformating your entire harddrive is the last option.  My computer is clean without reformating my harddrive.
So... thanks for the owner of  http://myks.wordpress.com for sharing your experience.


Eh... udah punya waralaba pribadi? Kalau belum ikutan deh disini... 

Like this article?  Please vote by clicking these icons...

 

1 comment:

Ooh...come on...give me your comment...

Related Posts Plugin for WordPress, Blogger...