Win32.Sality.NBA is one of the Windows illegal malicious programs which may occupy system resources and slow down computers. Some of such malicious programs may frequently pop up advertising messages to interrupt computer users, while more severely they may destroy the data in computers. The followings are instructions on how to manually remove malicious spyware programs.
1. Boot your computer into safe mode to close all running processes.
2. Remember to back up your system before making any changes for future restore job when necessary.
3. Remove these Win32.Sality.NBA files:
%Temp%otjesjty.mof
%Documents and Settings%\[UserName]\Start Menu\ Activate.lnk
4. Open Registry Editor to delete the following registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce 'SelfdelNT'
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon 'Shell' = '%UserProfile%\Application Data\antispy.exe'
HKEY_LOCAL_MACHINE \Software \Microsoft \Windows \CurrentVersion \RunServicesOnce
HKEY_CURRENT_USER/Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Malware Defense
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments 'SaveZoneInformation' = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download 'RunInvalidSignatures' ='1'
5. It is possibly for Win32.Sality.NBA to load by hiding within the system WIN.INI file and the strings "run=" and "load=". So you must check carefully in order to thoroughly remove it from your computer.
6 It is necessary for you t clean the IE temporary files where the original carrier may store.
Your One Stop guide to be an I.T professional..
Sunday, September 4, 2011
How to Remove the Win32/Alman.NAB Virus
The Win32/Alman.NAB virus infects executable files on Windows operating systems. It creates a backdoor to to allow remote access to infected computers. The virus is able to spread to other computers on the same network. Win32/Alman.NAB attempts to disable all antivirus and security software. Manual removal is the most effective method of eliminating this virus.
Instructions..
1.Launch the task manager by pressing CTRL+ALT+DEL concurrently. End "Logger Converter.exe" and "server-Bifrost.exe."
2.Select the "Run" feature from the start menu. Insert "regedit" and select "OK." Open "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]" and delete the "Win32.Alman.B" regristry value.
3.Open Window's search feature and locate and delete all instances of "Logger Converter.exe", "server-Bifrost.exe", and "linkinfo.dll."
4.Update your antivirus definitions and run a full system scan. Delete all remnants of the infection.
Instructions..
1.Launch the task manager by pressing CTRL+ALT+DEL concurrently. End "Logger Converter.exe" and "server-Bifrost.exe."
2.Select the "Run" feature from the start menu. Insert "regedit" and select "OK." Open "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]" and delete the "Win32.Alman.B" regristry value.
3.Open Window's search feature and locate and delete all instances of "Logger Converter.exe", "server-Bifrost.exe", and "linkinfo.dll."
4.Update your antivirus definitions and run a full system scan. Delete all remnants of the infection.
Subscribe to:
Posts (Atom)