Guide for fully disinfecting Vetor and Sality
07:14:00 | 11-11-2011

Vetor and Sality are two typical metamorphic virus families. Metamorphic viruses can bypass almost all antivirus programs that lack a deep scan option. An antivirus program that relies on fixed virus signature sets to scan for viruses will not be able to detect all the "morphs" of polymorphic and metamorphic viruses, which leads to incomplete removal.

Vetor originates in Germany and has been raging on the Internet for nearly 3 years. It is currently generating new and more complex variants. Sality, which was originally a file infector, appeared a few years ago. During the past 2 years, Sality has been continually producing new variants and evolving into a metamorphic virus.

New variants of Vetor and Sality have become a challenge not only to users but to antivirus vendors as well. Some software cannot completely detect and disinfect all forms of these 2 metamorphic virus families. In many cases, instead of being recovered, infected files are deleted or isolated, resulting in the loss of program files or even a Windows breakdown caused by the deletion of Windows system files.

Recently, W32.Vetor.PE and W32.Sality.PE have been continually "ruling" the statistics of the most infectious viruses.

Like other polymorphic or metamorphic virus families, all variants of Vetor and Sality are updated in Bkav's signature database. The software will detect and disinfect the virus completely and restore the affected files to their original state instead of removing them.

