How to remove Sality/ Win32 Virus

Description:

Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web.



Symptom:

As with many other malware, Sality disables antivirus software and prevents access to certain antivirus and security websites. Sality can also prevent booting into Safe Mode and may delete security-related files found on infected systems. To spread via the autorun component, Sality generally drops a .cmd, .pif, and .exe to the root of discoverable drives, along with an autorun.inf file which contains instructions to load the dropped file(s) when the drive is accessed. The Sality virus joins infected machines to its own P2P network. Updates to the malware are fed via decentralized lists of HTTP URLs.

Remediation:

Scan the system with up-to-date antivirus software. If a file is found to be infected with Sality, allow the antivirus software to clean the file. If other malware is found, allow the antivirus to delete or take the action recommended by the scanner.
 If the malware persists, download the avg sality virus remover tool from here.

To prevent re-infection via infected USB drives, disable autorun.
How to remove Sality/ Win32 Virus How to remove Sality/ Win32 Virus Reviewed by My Views on 17:00 Rating: 5

No comments:

Powered by Blogger.