Sality Removal Guide

Sality Description

Sality (also referred to as Virus.Win32.Sality.aa) is a virus that has backdoor capabilities and executes keylogger and may infect executable files by putting its code to host files. Once it is installed, Sality virus will infect local executable files and delete all files that are associated with anti-virus and anti-spyware applications, as well as firewalls. After this, Sality runs a keylogging module that gathers all system and network information, records passwords and login names, steals all sensitive information and sends all this collected data to a predefined email address. In addition, Sality opens a backdoor that allows the remote attacker to get the full control over the infected computer and this places any financial or banking information stored on your computer in severe jeopardy and represents a serious security risk.

Sality or Virus.Win32.Sality.aa Automatic Detection (Recommended)

Is your PC infected with Sality? To safely & quickly detect Sality, we highly recommend you…

Download SpyHunter's Malware Scanner Download SpyHunter’s* Malware Scanner.

Sality Manual Removal Instructions

Backup Reminder: Always be sure to back up your PC before making any changes.

Step 1 : Use Windows Task Manager to Remove Sality Processes

Remove the “Sality” processes files:

Read more on How to kill Sality Processes

Step 2 : Use Windows Command Prompt to Unregister Sality DLL Files

Search and unregister “Sality” DLL files:

Read more on How to Remove Sality DLL Files

Step 3 : Detect and Delete Other Sality Files

Remove the “Sality” processes files:

Read more on How to Delete Harmful Files

Step 4 : View the Sality Components with its MD5s

Remove the “Sality” components:

File Name File Size MD5
bd3q0qix.exe 185856 b503241f1dcc27fe6fb0998d2b05fdb4
load[1].exe 81408 426444c904c4d960118913467204ed0d
TckBX673.exe 147456 046f1a09caa11f2e69162af783d7e89c
qp673812.dll 81920 72410784cc6a484cc839f254d68e0eea
bnmio.exe 245248 0d387355f021bc846217c08bc55a57b2
winafoe.exe 17920 334215be25fe0b1d4ce4286318fd0472
7g7G8B2C.exe 73728 f339095d454772ad8cb9c340f13e1678
sa-643166.exe 195072 e3bec9eb5e9375f37d681dd17bbbdd4e
iii[1].exe 100864 5fc359ad746100efc0d82d6e1c29f77d
winkfmc.exe 8704 f718b5d0f994207183694e207046ac69
Msmsgs.exe 407968 9e35482e8ef527840071f91218658932
bd3q0qix.exe,vamsoft.exe 181760 e7b53d00459864b22552f7119179fd29
ParisHilton[1].exe 7820736 4358fc8cb0254b909eab71431332918c
winjmxy.exe 19968 c24411d4e373e19404eb3154f3233ad0



Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:


You are commenting using your account. Logout /  Ubah )

Foto Google+

You are commenting using your Google+ account. Logout /  Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout /  Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout /  Ubah )


Connecting to %s

%d blogger menyukai ini: