Sality is a complex virus with keylogger and backdoor functionality. Once executed, the parasite installs itself to the system, checks the current time and runs a payload if hours are equal to minutes or if date is a predetermined one.
Sality infects local executable files, deletes files associated with installed security-related software including various antiviruses and firewalls. Then it runs a keylogging module, which collects system and network information, records user login names and passwords, steals sensitive information stored in specific files and finally sends all this data to a predefined e-mail address.
Sality can also open a back door providing the remote attacker with unauthorized access to the compromised computer. The intruder can control the system and steal other user sensitive information.
Related files: oledsp32.dll
• Allows remote user connection
• Sends out logs by FTP or email
• Logs keystrokes
• Hides from the user
• Stays resident in background
Automatic Sality removal:
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in
our Agreement of Use.
We are testing STOPzilla's efficiency at removing Sality
We are testing SpyHunter's efficiency at removing Sality
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency at removing Sality
We are testing XoftSpySE Anti Spyware's efficiency at removing Sality
Virus Removal Phone Support
Sality manual removal
oledsp32.dll, sysdll.dll, syslib32.dll
Sality files can be found in one of the following folders C:\Windows\System, C:\Windows\System32, C:\Winnt\System32 or in one of these directories: C:\Windows\Temp, C:\Winnt\Temp.
Geolocation of Sality
This map reveals the prevalence
of Sality. Countries and regions that have been affected the most
are: Indonesia, Philippines, Egypt, Thailand and Romania.
QR code for Sality removal instructions
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than
standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the
website is that parasites like Sality are really hard to remove on infected computer.
you can quicly scan the QR code with your mobile device and have manual removal instructions to
uninstall Sality right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.
Information added: 2006-01-18 04:03
Information updated: 2012-01-14 18:51
Attention: If you know know a reputable website reated to security threats, please add a link here: add url