(Canned Speech) Virut/Sality Reformat Speech - Printable Version +- Support Forums (https://www.supportforums.net) +-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87) +--- Forum: Virus Protection, Removals, and HJT Team (https://www.supportforums.net/forumdisplay.php?fid=56) +---- Forum: HJT Squad Forum (https://www.supportforums.net/forumdisplay.php?fid=57) +---- Thread: (Canned Speech) Virut/Sality Reformat Speech (/showthread.php?tid=12902) |
(Canned Speech) Virut/Sality Reformat Speech - AsSaSs@iN - 10-17-2010 I have unpleasant news for you. In addition to some malwares in the system, one of the infections is identified as Sality or so-called Virut virus. It's a file infector, and as such our efforts in cleaning will be futile. You'll be better off to perform a reformat and reinstall (clean install). Win32/Virut.BM is a polymorphic file infector that targets .EXE and .SCR files. This virus also opens a backdoor by connecting to an IRC server, allowing a remote attacker to download and execute arbitrary files on the infected computer. you may refer to the following thread. http://www.f-secure.com/v-descs/sality_q.shtml http://www.sophos.com/security/analyses/w32salityaa.html Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (softwares) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable. If you need assistance in performing a clean install, here are a couple of good guides to walk you through the process: http://www.google.com.au/url?sa=t&source=web&cd=1&ved=0CCAQFjAA&url=http%3A%2F%2Fgrownupgeek.com%2Freformat&rct=j&q=reformat%20windows%20XP&ei=AbG6TNSzFI-uvgPMwcTxDQ&usg=AFQjCNG7vBAUfm4_q4Xkh7sME-UgrGES_w&cad=rja <<--- XP http://www.windowsreinstall.com/ <-- All OS's Good luck. Code: I have unpleasant news for you. :( In addition to some malwares in the system, one of the infections is identified as [b]Sality [/b]or so-called [b]Virut [/b]virus. It's a file infector, and as such our efforts in cleaning will be futile. You'll be better off to perform a reformat and reinstall (clean install). |