Показано с 1 по 2 из 2.

Sality, Malas Wrm Infection in one folder

  1. #1
    Junior Member Репутация
    Вес репутации

    Sality, Malas Wrm Infection in one folder

    OS: Windows Vista SP2

    My avast antivirus software keeps detecting recurring instances of a Win32: Sality virus, along with Malas.B [wrm]. I scanned the infected files with an online Kapersky tool, and it said they were infected with P2P-Worm.Win32.Malas.r.

    The virus manifests in the public folder. Scanning the infected files, Dr. Web CureIt found:

    SexScreenSaver.exe;C:\Users\Public;Win32.Sector.5; Cured.;
    SexScreenSaver.exe;C:\Users\Public;Win32.HLLW.Asal am;Deleted;
    SexScreenSaverlib.exe;C:\Users\Public;Win32.HLLW.A salam; Deleted;

    I've been getting these types of messages every other reboot for a month or two now. I've scheduled boot-time virus scans with avast, and used other anti-virus programs in safe mode (superantivirus, ad-aware, malwarebytes, kaspersky virus removal, dr.web cureit) without successfully detecting anything. Even stranger, most antivirus programs, upon scanning the infected files, do not detect anything.

    I tried to do a full system scan with Dr. Web CureIt, but during scan prep, my computer blue screens for half a second, and restarts. It did this three times already.

    Nothing else on my computer seems to be affected. I do not notice performance issues, and it only seems like the virus appears in one place, the public folder.

    I know the prevailing advice is to reformat and reinstall, but I want to try to avoid that. This virus hasn't damaged anything yet, I don't think.
    Вложения Вложения
    Последний раз редактировалось mchen37; 14.07.2009 в 18:57. Причина: Adding AVP system check file (manual cure)

  2. #2
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для drongo
    Вес репутации
    You should go to your friend that have uninfected computer, download from him and create an antivirus on CD, then boot your system from this cd ( For exp. http://www.freedrweb.com/livecd/ ) and make a full scan.In this case, i hope, you will not get a blue screen

    Something wrong with application data folder, perhaps just vista bug or some application did cause this mysterious thing.
    Please clean system with ccleaner ( http://www.ccleaner.com/download/bui...ading-portable ), make log with gmer(http://www.gmer.net/) , and download at my signature special avz, create log virusinfo_syscure.zip with it.
    Remember to disable your antivirus before lunching avz, lunch with right click-> Run as administrator.
    Последний раз редактировалось drongo; 14.07.2009 в 20:35.

Похожие темы

  1. Possible Sality infection?
    От Steve J в разделе Malware Removal Service
    Ответов: 2
    Последнее сообщение: 20.09.2010, 07:13
  2. Rename folder in folder dot exxe
    От mikihcp в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 02.08.2010, 09:15
  3. W32.Sality.Y & .aa infection
    От iantero в разделе Malware Removal Service
    Ответов: 3
    Последнее сообщение: 02.01.2010, 18:17
  4. Win32.Sality Infection
    От aodhowain в разделе Malware Removal Service
    Ответов: 5
    Последнее сообщение: 20.10.2009, 03:23
  5. manual cure - win32.sality infection
    От slasher_i в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 20.05.2009, 19:04

Метки для этой темы

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
Page generated in 0.01389 seconds with 17 queries