Sality is a complex virus with keylogger and backdoor functionality. Once executed, the parasite installs itself to the system, checks the current time and runs a payload if hours are equal to minutes or if date is a predetermined one.
Sality infects local executable files, deletes files associated with installed security-related software including various antiviruses and firewalls. Then it runs a keylogging module, which collects system and network information, records user login names and passwords, steals sensitive information stored in specific files and finally sends all this data to a predefined e-mail address.
Sality can also open a back door providing the remote attacker with unauthorized access to the compromised computer. The intruder can control the system and steal other user sensitive information.
Related files: oledsp32.dll
• Allows remote user connection
• Sends out logs by FTP or email
• Logs keystrokes
• Hides from the user
• Stays resident in background
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
and Agreement of Use
Sality manual removal:
oledsp32.dll, sysdll.dll, syslib32.dll
Sality files can be found in one of the following folders C:\Windows\System, C:\Windows\System32, C:\Winnt\System32 or in one of these directories: C:\Windows\Temp, C:\Winnt\Temp.
Geolocation of Sality:
This map reveals the prevalence of Sality. Countries and regions that have been affected the most are: Indonesia, Philippines, Egypt, Thailand and Romania.
QR code for Sality removal instructions:
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.
The reason we add QR code to the website is that parasites like Sality are really hard to remove on infected computer.
you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Sality right in your pocket.
Simply use the QR scanner and read removal instructions from mobile device.