Sality/Virut Infection [Canned Speech]

Griffin

Member
Reputation
0
I have unpleasant news for you. :( In addition to some malwares in the system, one of the infections is identified as Sality or so-called Virut virus. It's a file infector, and as such our efforts in cleaning will be futile. You'll be better off to perform a reformat and reinstall (clean install).

Win32/Virut.BM is a polymorphic file infector that targets .EXE and .SCR files. This virus also opens a backdoor by connecting to an IRC server, allowing a remote attacker to download and execute arbitrary files on the infected computer. you may refer to the following thread.

http://www.f-secure.com/v-descs/sality_q.shtml
http://www.sophos.com/security/analyses/w32salityaa.html

Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (softwares) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.

If you need assistance in performing a clean install, here are a couple of good guides to walk you through the process:

http://www.google.com.au/url?sa=t&s...sg=AFQjCNG7vBAUfm4_q4Xkh7sME-UgrGES_w&cad=rja <<--- XP
/winxppro/i...stallguides.htm <-- Windows XP
http://www.windowsreinstall.com/ <-- All OS's

Good luck.

Code:
I have unpleasant news for you. :( In addition to some malwares in the system, one of the infections is identified as [b]Sality [/b]or so-called [b]Virut [/b]virus. It's a file infector, and as such our efforts in cleaning will be futile. You'll be better off to perform a reformat and reinstall (clean install).

Win32/Virut.BM is a polymorphic file infector that targets .EXE and .SCR files. This virus also opens a backdoor by connecting to an IRC server, allowing a remote attacker to download and execute arbitrary files on the infected computer. you may refer to the following thread.

http://www.f-secure.com/v-descs/sality_q.shtml
http://www.sophos.com/security/analyses/w32salityaa.html

Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (softwares) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.

If you need assistance in performing a clean install, here are a couple of good guides to walk you through the process:

http://www.google.com.au/url?sa=t&source=web&cd=1&ved=0CCAQFjAA&url=http%3A%2F%2Fgrownupgeek.com%2Freformat&rct=j&q=reformat%20windows%20XP&ei=AbG6TNSzFI-uvgPMwcTxDQ&usg=AFQjCNG7vBAUfm4_q4Xkh7sME-UgrGES_w&cad=rja <<--- XP
/winxppro/i...stallguides.htm <-- Windows XP
http://www.windowsreinstall.com/ <-- All OS's

Good luck.
 
Top