
How to remove “suspected of Virus.Win32.Sality.4”?


The detection “suspected of Virus.Win32.Sality.4” is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the suspected of Virus.Win32.Sality.4 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify suspected of Virus.Win32.Sality.4?


File Info:

name: 94080C4012921CA1A99F.mlw
path: /opt/CAPEv2/storage/binaries/30f44cc0edba08d1a833ae9d2c45e8b11d1d4f085069359f39d6a3957a05d593
crc32: 4A717545
md5: 94080c4012921ca1a99f563f2995e715
sha1: 0b76b6b16fcf5d03a229f68ed2fd7b7eef0ab221
sha256: 30f44cc0edba08d1a833ae9d2c45e8b11d1d4f085069359f39d6a3957a05d593
sha512: d2a3b28450072c8f87fcfee718dedd46afdc0835ef0d376936cf5e44cc159f3ee1a662b2c159851b072db4d4c338dd69799c2fa14dff943ae7370eff68e71ebb
ssdeep: 768:I3q3q0H36N7ubJlFNrPAnyekIv/Xf2cIJ:R3q0X6xubJlFNrPAnyekIv/XucIJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T187040A3A7949D0D5FF76057F8B66CDDA08C13D088984E8C7B1C97F5F1A33A1226A429E
sha3_384: 34aff214ec091dc6e94e7520091be76a36572f6add3dd7e283d315ce7bcd8cc9d597d754e499e1126adcfeb2b9878cc2
ep_bytes: 68b8864200e8eeffffff000000000000
timestamp: 2010-12-17 01:30:56

Version Info:

Translation: 0x0804 0x04b0
CompanyName: WY&DXG
ProductName: IZCT
FileVersion: 1.00
ProductVersion: 1.00
InternalName: IZCT
OriginalFilename: IZCT.exe

suspected of Virus.Win32.Sality.4 is also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
FireEye: Generic.mg.94080c4012921ca1
McAfee: Artemis!94080C401292
Malwarebytes: Malware.Heuristic.1001
Cybereason: malicious.012921
BitDefenderTheta: Gen:NN.ZevbaF.34646.lq0@aSOfsQob
Cyren: W32/Strictor.U.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: UDS:DangerousObject.Multi.Generic
NANO-Antivirus: Virus.Win32.Sality.bgiylc
Avast: FileRepMalware [Trj]
Comodo: Malware@#38husol8sym7g
DrWeb: Trojan.Siggen5.59949
McAfee-GW-Edition: BehavesLike.Win32.Virus.cz
Trapmine: malicious.high.ml.score
Avira: TR/Patched.Ren.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.330C
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
VBA32: suspected of Virus.Win32.Sality.4
SentinelOne: Static AI – Malicious PE
MaxSecure: Virus.W32.Sality.K
AVG: FileRepMalware [Trj]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove suspected of Virus.Win32.Sality.4?

suspected of Virus.Win32.Sality.4 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
