Sality infects local executable files, deletes files associated with installed security-related software including various antiviruses and firewalls. Then it runs a keylogging module, which collects system and network information, records user login names and passwords, steals sensitive information stored in specific files and finally sends all this data to a predefined e-mail address.
Sality can also open a back door providing the remote attacker with unauthorized access to the compromised computer. The intruder can control the system and steal other user sensitive information. Related files: oledsp32.dll
• Allows remote user connection
• Sends out logs by FTP or email
• Logs keystrokes
• Hides from the user
• Stays resident in background
Sality manual removal
oledsp32.dll, sysdll.dll, syslib32.dll
Sality files can be found in one of the following folders C:\Windows\System, C:\Windows\System32, C:\Winnt\System32 or in one of these directories: C:\Windows\Temp, C:\Winnt\Temp.
Geolocation of Sality
Post a comment
Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.