Sality is an computer virus which will infected any files with extension .exe .com and .scr , sality will using your default share folder to spreading in your network area beside that sality using old autorun.inf technique also to spreading.
Your application will become a little bigger in size around 60kb-80kb after sality infected it.
No need to hide this virus was created in China /Taiwan it have some website list to update himself with new varian some of them pedmeo222nb.info, pzrk.ru, technican.w.interia.pl, www.kjwre9fqwieluoi.info and many more.
Blocking this site list using hosts file might help you in short condition but after it updated you might in trouble again. like almost smart virus in the past sality have protection to keep him alive in their computer target. Sality will kill any application/website with some string list such as, avast! antivirus, F-Secure Gatekeeper Handler Starter, NOD32krn and many more.
Sality will blocking your firewall, security notification, and also your computer safe mode.
The easiest way to know if you’re infected by this virus is you can’t boot your computer in safe mode or some application will not run when you open it. When this happen follow this step…..
Remove W32/Sality.AE
1. Disconnected your computer from the network.
2. Turn off “System Restore” when in cleaning process.
4. Kill active process in your computer backround and checking your startup file you can use hijackthis.
5. Scan with Norman Malware Cleaner please note because this virus will infected files with extesion .exe com and .scr you have to rename Norman_Malware_Cleaner.exe with new extension example Norman_Malware_Cleaner.cmd
please make sure you downloaded fresh new cleaner from norman official website and don’t run it before you change the extension or this cleaner will got infected first before he can eliminate sality.
6. For repair your computer to booting in safe mode please download this file and merge only one that same with your windows version.
7. Repair your registry using this file right click on it then choose install.
8. Reboot your computer and scan again with norman malware cleaner, after that reboot again to make sure your system clean.
No comments:
Post a Comment