Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sality infected 10 computers


  • Please log in to reply
No replies to this topic

#1 Mohitspamz

Mohitspamz

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 01 May 2011 - 01:08 AM

Hey all,
I've recently purchased Norton Total Securty 2011 for all my office computers that are connected to each other in a workgroup using a networking ethernet/wifi switch. There is no server/client machine as such. The programs that we use on these machines are limited to Tally 7.2, Microsoft Office 2003/2007, Adobe Acrobat Reader, A custom made database software on VB whose database is on MS Access.

The installation of the antivirus was a breeze as there were no other anti virus products installed earlier in any of the machines. However, on running a full scan on a couple of computers revealed that they are infected with sality. I'm cross referencing the thread.

http://community.norton.com/t5/Norton-Internet-Security-Norton/Sality-Virus/m-p/444010#M156839

Heres a gist of symptoms for those who do not want to view the above link.

Computer 1.
This one is badly affected. I had run the scan on this and there were close to 200 errors. Virus was some variant of Sality. On checking fix it agains the errors it sort of hung for a while. And then the antivirus closed after a while. Now it wont start again. Also most of my existing programs have their exe files missing, including Internet explorer, google chrome and a whole bunch of other programs.

Computer 2
This one had an update running and since the update finished the desktop icons have all disappeared. But hte programs otherwise are running.

Computer 3
The anti virus option in this computer is disabled and i cannot enable it. The anti virus says the computer is at risk and even after trying to fix it, i still get the errors that the anti virus feature and the Sonar feature could not be activated.

Computer 4
This computer is actually a license server for Tally in my workgroup. However, since the installation of the anti virus none of the computers have been able to connect to this licence server. I've tried unblocking the program from the network firewall configuration option in norton total security 2011, and on the program it says that the program is Allowed, but nothing happens. Also this computer was some how not majorly affected by Sality.

Now, that i read a few threads on sality i've realised that its easier to format my system drive and delete all .exe and .scr files and then reinstall windows on all of my 10 computers. Is there an easier alternative to tackle this?

If not, then please guide me on what precautions do i need to take to ensure that I've a fresh, clean system at the end of reinstallation and what are the tools, practices etc that need to be followed right after i reinstall windows to prevent any future infections.

Regards

Mohit

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users