I’m looking for some support on a very large infection with Win32/Sality and Win32/Tanatos across our entire network of about 160 pcs.
I’ve used the following removal tools which have all failed.
http://www.avg.com/us-en/virus-removal.ndi-67769
http://www.avg.com/us-en/virus-removal.ndi-90825
For those not familiar with sality it’s good to know that it kills a lot of common anti-virus processes.
I’ve been unsuccessful with installing avast or even getting a console only version to run. Ideally I’d like to get avast installed on all 160 machines and have it run on next launch before windows loads.
I have been able to get clamwin installed and have ran that with the following paramaters. ‘clamscan1.exe --database=“C:\Program Files\ClamWin\bin” --recursive Z:\ -k -u -i --move=“C:\virus” --memory’
I have found around 200-400 infected files on some computers. Again no matter what I run it will still not fully remove the infected files and still exists on the next restart.
If anyone has any suggestions or has a company/consultant that I could talk to in regards to this large problem that would be fantastic.
Thanks,
Kyle