Encyclopedia entry
Updated:
Apr 17, 2011
| Published:
Jul 08, 2008
Aliases
Win32/Kashu.B
(AhnLab)
-
Win32.Sality.NX
(BitDefender)
-
Win32/Sality.W
(CA)
-
Win32.Sector.5
(Dr.Web)
-
Win32/Sality.NAO
(ESET)
-
W32/Sality.AJ
(Frisk (F-Prot))
-
Virus.Win32.Sality.y
(Kaspersky)
-
W32/Sality.AE
(McAfee)
-
W32/Sality.AO
(McAfee)
-
W32/Smalltroj.DXSV
(Norman)
-
W32/Sality-AM
(Sophos)
-
W32.Sality.AE
(Symantec)
-
Win32.Sality.AK
(VirusBuster)
Alert Level
(?)
Severe
Antimalware protection details
Microsoft recommends that you download the
latest definitions
to get protected.
Detection last updated:
Definition: 1.143.79.0
Released: Jan 16, 2013
|
|
Detection initially created:
Definition: 1.45.287.0
Released: Oct 07, 2008
|
Summary
Virus:Win32/Sality.AM is a variant of a family of polymorphic file infectors that target Windows executable files with extensions .SCR or .EXE. They may execute a damaging payload that deletes files with certain extensions and terminates security-related processes and services.
Symptoms
System Changes
The following system changes may indicate the presence of Virus:Win32/Sality.AM:
Technical Information (Analysis)
Virus:Win32/Sality.AM is a variant of a family of polymorphic file infectors that target Windows executable files with extensions .SCR or .EXE. They may execute a damaging payload that deletes files with certain extensions and terminates security-related processes and services.
Prevention
Recovery
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
