PE_SALITY.AC is a virus that spreads to executable (AKA .exe) files on your computer and is classified as a high-level threat due to installing backdoor Trojan components that also include keylogging functions. Recent PE_SALITY.AC attacks have been found embedded in yet another backdoor Trojan, BKDR_RILER.SV, which is distributed in e-mail spam campaigns targeted at pro-Tibet activists.
How PE_SALITY.AC Contaminates the Rest of Your Computer – and to What End
PE_SALITY.AC, like all viruses, infects other files instead of existing as a separate file on your hard drive. Although PE_SALITY.AC is limited to spreading to .exe file types, there aren’t many other restrictions on PE_SALITY.AC’s ability to proliferate, and PE_SALITY.AC may even infect basic system components, network-shared files or files on external devices. Also identified by aliases like Virus.Win32.Sality.k, W32/Sality.J, W32.HLLP.Sality!inf and W32/Sality.m, PE_SALITY.AC specializes in installing a second Sality-based PC threat, BKDR_SALITY.A, which attempts to compromise your computer’s security and launch attacks according to instructions that it requires from a Command & Control server. SpywareRemove.com malware experts particularly warn against BKDR_SALITY.A’s potential for recording keyboard input to steal passwords, credit card numbers and other types of sensitive data.
While PE_SALITY.AC can propagate through various methods, as noted above, the most recent incidents of PE_SALITY.AC attacks have ridden on the crest of a wave of spam e-mail messages. These e-mail scams attempt to offer fake instructions on how to use Apple-brand products for pro-Tibetan activists, but this offer is just an attempt to install PE_SALITY.AC and BKDR_RILER.SV. This is achieved through an exploit that’s specific to some versions of Microsoft Office and Open XML File Format Converter, and SpywareRemove.com malware researchers strongly encourage you to keep these products updated to their latest versions to close all vulnerabilities that could be used to infect your PC with PE_SALITY.AC.
Shutting Down PE_SALITY.AC’s Gravity Train and Saving Your Executable Files
Because the latest PE_SALITY.AC attacks are especially noted to use multiple types of PC threats and because even PE_SALITY.AC, by itself, is capable of using advanced methods to infect other files and conceal its attacks, SpywareRemove.com malware analysts discourage any attempt to delete PE_SALITY.AC without some help from either anti-malware software or a PC security expert. If you’ve had any significant contact with file attachments that resemble the descriptions noted earlier, you should take appropriate measures and scan your PC, particularly since prolonged exposure to PE_SALITY.AC’s attacks can leave your computer in a high state of vulnerability.
Default behavior for PE_SALITY.AC and related PC threats includes piggyback-riding on other system processes to enable their attacks, and you shouldn’t expect to be able to detect PE_SALITY.AC or related Trojans as separate files. However, you may be able to notice discrepancies in RAM usage and other system resource expenditures as a telltale sign of infection by PE_SALITY.AC or similar PC threats that launch themselves automatically and conduct backdoor-related attacks.
PE_SALITY.AC Automatic Detection Tool (Recommended)
Is your PC infected with PE_SALITY.AC? To safely & quickly detect PE_SALITY.AC, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect PE_SALITY.AC What happens if PE_SALITY.AC does not let you open SpyHunter or blocks the Internet?
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
Posted: May 15, 2012 | By SpywareRemove
Threat Level: 9/10
Rate this article:
Detection Count: 26