Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


can't use my ANTI VIRUS and SAFE MODE

  • Please log in to reply
4 replies to this topic

#1 cyikez


  • Members
  • 18 posts
  • Local time:05:51 PM

Posted 21 November 2009 - 08:11 PM

guys help me please

Microsoft Windows XP
Version 2002
Service Pack 3

i dnt know any about computer
ok guys
last night my uncle reformat this PC then he insert his USB to install some programs but somethings happened
the USB had a VIRUS and he cant remove it because all ANTI VIRUS can't open even in the SAFE MODE
then i dnt understand what he's saying to me. he told me that he cant reformat again. he told me that i need to scan my hard disk in another computer ? when i trying to go in safe mode. it goes BLUE SCREEN and sumting said that chech the VIRUS etc... i look the other forum. they said that System Security 2009 watever. 41153049.exe .. i tried to search but while im in searching. its suddenly hang. i can open task manager CTRL+ALT+DLT but i cant found any of that. can't use ANTI VIRUS, SYSTEM RESTORE and SAFE MODE. i scan the SUPER Antispyware. but no detected. try to uninstall and install the Malwarebytes. help me please

BC AdBot (Login to Remove)


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator

  • Moderator
  • 37,012 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:51 PM

Posted 21 November 2009 - 08:31 PM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 cyikez

  • Topic Starter

  • Members
  • 18 posts
  • Local time:05:51 PM

Posted 22 November 2009 - 05:34 AM

somebody help me pls
latest update
my uncle fix his own PC. he scan his hard disk in other computer so he can remove the virus and that virus is SALITY
then he told me that i can remove that SALITY while searching google. SALITY REMOVAL TOOL
i tried many times and i found some win32 sality then delete it now i can use SPYBOT and NOD
but some application cant use and NOD cant update and i found that when im trying to download any anti virus
always acces denied something like it is blocking me in the website. while the other site seems alright
like i cant download norman malware cleaner. i cant scan the NOD because its not updated then i try to uninstall and install other anti virus like AVAST but can't open it. i think some virus or malware not been remove.
i tried many times to scan SPYBOT and any SALITY removal tool but no detected. cant download any anti virus then update. please help me guys

#4 Elise


    Bleepin' Blonde

  • Malware Study Hall Admin
  • 61,318 posts
  • Gender:Female
  • Location:Romania
  • Local time:01:51 AM

Posted 23 November 2009 - 02:37 AM

Since you recently formatted, I really recommand you to reformat. You can try to repair all damage done by Sality, but it really doesnt't pay off. See below for more information. If you have any question, please let me know :thumbsup:

Please see ThreatExpert's awareness of Win32.Sality.

Sality Family is a family of a polymorphic file infectors which infects .exe, .scr files, downloads more malicious files to your computer, steals sensitive system information/passwords and sends it back to the attacker.

With this particular infection, the safest solution and only sure way to remove it effectively is to reformat and reinstall the OS.

As with many other malware, Sality disables antivirus software and prevents access to certain antivirus and security websites. Sality can also prevent booting into Safe Mode and may delete security-related files found on infected systems. To spread via the autorun component, Sality generally drops a .cmd, .pif, and .exe to the root of discoverable drives, along with an autorun.inf file which contains instructions to load the dropped file(s) when the drive is accessed.

About Sality Virus

If the computer was used for online banking, has credit card information or other sensitive data on it, you should disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. You should change each password using a clean computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connect again. Banking and credit card institutions should be notified of the possible security breach.

Sality/Win32.Sector is not effectively disinfectable. Your best option is to perform a full reformat as there is no guarantee this infection can be completely removed. In most instances it may have caused so much damage to your system files that it cannot be completely cleaned or repaired. In many cases the infected files cannot be deleted and anti-malware scanners cannot disinfect them properly. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Please read:

regards, Elise

"Now faith is the substance of things hoped for, the evidence of things not seen."


Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome


Malware analyst @ Emsisoft

#5 cyikez

  • Topic Starter

  • Members
  • 18 posts
  • Local time:05:51 PM

Posted 24 November 2009 - 10:37 PM

my uncle told me the same as u said
thnx man. u help me alot

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users