Virus:Win32/Sality.AT
Virus:Win32/Sality.AT is a damaging computer virus that spreads via malicious files, installed programs or removable media. Virus:Win32/Sality.AT is replicated by infecting files, installed software or removable media. Virus:Win32/Sality.AT usually corrupts computer in the form of a program or programming code which involves a malicious payload. Virus:Win32/Sality.AT invades and installs the affected computer without awareness or authorization when you open unidentified email attachment, image, use instant messaging, etc. Virus:Win32/Sality.AT has to be removed once detected on a computer system to keep your computer clean and protected.
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\cmd.exe 2 %System%\mmc.exe 3 %System%\taskmgr.exe 4 %Windir%\system.ini 5 c:\autorun.inf 6 c:\gmsv.pif
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\ApcrmkehHKEY_CURRENT_USER\Software\Apcrmkeh\-72398023HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\SvcHKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AMSINT32HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AMSINT32\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVERHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_IPFILTERDRIVER\0000\ControlHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amsint32HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amsint32\SecurityHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPFILTERDRIVERHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPFILTERDRIVER\0000HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_IPFILTERDRIVER\0000\Control
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.