W32/Sality.gen.z is a computer virus that seems to be a legitimate program, but, in fact, is a malicious threat. W32/Sality.gen.z may proliferate by infecting files on a network file system or a file system that is shared by another computer. W32/Sality.gen.z may be installed for malicious purposes by a hacker enabling to get remote access to the infected computer in order to steal passwords, Internet banking and personal information. W32/Sality.gen.z changes system security center, registry entries and disables anti-virus software and firewall. You need to remove W32/Sality.gen.z as soon as possible.
How Can You Detect W32/Sality.gen.z?
W32/Sality.gen.z Removal Details
W32/Sality.gen.z creates the following files in the system:
- C:\System\[RANDOM CHARACTERS]
- C:\Documents and Settings\[user name]\Application Data\[RANDOM CHARACTERS]
- C:\Program Files\[RANDOM CHARACTERS]
- C:\WINDOWS\system32\Drivers\[RANDOM CHARACTERS]
- C:\Documents and Settings\[user name]\Local Settings\Temp\[clear all]
- C:\[RANDOM CHARACTERS]
- C:\WINDOWS\system32\[RANDOM CHARACTERS]
- C:\Documents and Settings\[user name]\Local Settings\Temporary Internet Files\[clear all]
W32/Sality.gen.z creates the following registry entries:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM CHARACTERS].exe”