GudangAntiVirus.com

AVG provide you with a list of specialized utilities for virus removal. The utilities can be used to remove of some of the most common viruses. The list is updated on regular basis.
Win32/Sality

If the infected computer is connected to LAN, disconnect it and re-connect only after all other computers have been checked and cleaned.

* Download file rmslt.exe
* Then run the tool for removal of infected files. The tool will automatically scan all available discs and will try to heal the infected files. If an active virus is found in memory, the tool will ask the user to reboot the computer. Healing will be performed during operating system boot-up sequence, so any active virus cannot interfere with the healing process.
* Update your AVG after restart and run a complete test. Should any infected files be found, delete them or restore from backup.

w32sality-virus

In addition, Sality opens a backdoor that allows the remote attacker to get the full control over the infected computer and this places any financial or banking information stored on your computer in severe jeopardy and represents a serious security risk.

Also known as: W32/Sality (McAfee), Virus.Win32.Sality.aa (Kaspersky), W32.Sality.AE (Symantec), Virus:Win32/Sality.AM (MS OneCare), PE_SALITY.EM (Trend)

W32/Sality is a parasitic virus that infects Win32 PE executable files. It is a polymorphic virus that attempts to spread by file infection. It looks for Win32 PE executable files with .EXE or .SCR file extensions, and infects any such files found on the system by appending the virus body to the host file.

The virus also attempts to propagate by copying itself with a random filename to network drives, including all removable disk drives. Sality.AA also creates an “autorun.inf” file in these drives so that the virus executes when it is accessed.

Read the rest of this entry »