x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Sality.S

Threat LevelHigh threatDamageSevereDistributionNot widespread
Common name:Sality.S
Technical name:W32/Sality.S
Threat level:Medium
Type:Virus
Effects:  

It infects PE (Portable Executable) files, ends processes belonging to several security tools and obtains information from the computer. It reaches computers when these infected files are distributed.

Affected platforms:

Windows XP/2000/NT/ME/98/95

First detected on:May 19, 2006
Detection updated on:June 5, 2006
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies

Brief Description 

    

Sality.S is a virus that infects PE files (Portable Executable). It also ends processes belonging to several security tools and obtains information from the computer, such as shared resources passwords, IP address and computer name, among others.

Then, it sends the gathered data via email, using its own SMTP engine.

It reaches computers when these infected files are distributed, which can enter computers through any of the typical means of tranmission, which include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.

Visible Symptoms 

    

Sality.S is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.