A malicious program that secretly integrates itself into program or data files. It spreads by integrating itself into more files each time the host program is run.
Disinfection & Removal
The detection name Virus:W32/Sality refers to a large family of viruses that infect executable files. Sality viruses are rather sophisticated in that they use an Entry Point Obscuration technique to hide their presence on the system.
Once installed on the computer system, Sality viruses usually also execute a malicious payload. The specific actions performed depend on the specific variant in question, but generally Sality viruses will attempt to terminate processes, particularly those related to security programs. The virus may also attempt to open connections to remote sites and steal data from the infected machine.
For representative examples of Sality viruses, see the following descriptions:
Description Created: 2010-05-04 08:33:51.0
Description Last Modified: 2010-08-16 08:11:38.0