Salus
Posted: August 14, 2014
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 9,638 |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 61,553 |
| First Seen: | August 14, 2014 |
|---|---|
| Last Seen: | October 9, 2023 |
| OS(es) Affected: | Windows |
Salus or ads by Salus is an adware application that could be loaded on your system without your knowledge all due to installing a freeware program or bundled software obtained from the internet. When Salus is running on your computer you are apt to noticing several pop-up ads appearing where they may attempt to offer various means of watching movies on the internet or other services. The use of the Salus ads may also redirect your web browser to other questionable sites. Additionally, Salus could reduce the performance of your web browser making it hard to view certain pages at optimal speed. Eliminating of the Salus adware could take finding all related components or plugins and removing each of them.
Aliases
Adware/Alnaddy [Fortinet]Trojan/Win32.TSGeneric [Antiy-AVL]Generic.A07 [AVG]Alnaddy [Sophos]Adware.Siggen.31159 [DrWeb]Riskware ( 0040f0f51 ) [K7AntiVirus]Artemis!09F59DB84947 [McAfee]WS.Reputation.1 [Symantec]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%PROGRAMFILES(x86)%\0ca45c95134d\cf3e08d747e4.exe
File name: cf3e08d747e4.exeSize: 646.14 KB (646144 bytes)
MD5: fca358d4190e66a11eb784784324420d
Detection count: 9,947
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\0ca45c95134d
Group: Malware file
Last Updated: September 3, 2020
c:\program files\salus\crashmon.exe
File name: crashmon.exeSize: 404.99 KB (404992 bytes)
MD5: 60158655b4268ae96e4133050b761de6
Detection count: 8,385
File type: Executable File
Mime Type: unknown/exe
Path: c:\program files\salus\crashmon.exe
Group: Malware file
Last Updated: September 20, 2023
C:\Program Files\SU1MzZWFiY2RjNA\b786bdb3c67d.exe
File name: b786bdb3c67d.exeSize: 2.38 MB (2385920 bytes)
MD5: 0621600df5521d74934f50def2b45d14
Detection count: 6,839
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files\SU1MzZWFiY2RjNA\b786bdb3c67d.exe
Group: Malware file
Last Updated: April 3, 2022
%PROGRAMFILES(x86)%\Isis\CrashMon.exe
File name: CrashMon.exeSize: 398.84 KB (398848 bytes)
MD5: 47cac297cdae9e9bddf2a9ef2d5d2f05
Detection count: 3,546
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\Isis
Group: Malware file
Last Updated: March 15, 2020
%PROGRAMFILES%\Isis\CrashMon.exe
File name: CrashMon.exeSize: 398.84 KB (398848 bytes)
MD5: e29dcdf9e38dbec29c2b0b79c454391a
Detection count: 1,515
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Isis
Group: Malware file
Last Updated: June 2, 2019
C:\Backup old pc\Windows\System32\drivers\b786bdb3c67d.sys
File name: b786bdb3c67d.sysSize: 47.48 KB (47488 bytes)
MD5: c90a30ebff47cf4fcb5e5dbeee2e345e
Detection count: 885
File type: System file
Mime Type: unknown/sys
Path: C:\Backup old pc\Windows\System32\drivers\b786bdb3c67d.sys
Group: Malware file
Last Updated: May 21, 2021
%WINDIR%\System32\drivers\isis.sys
File name: isis.sysSize: 37.37 KB (37376 bytes)
MD5: 065cafadc592b0708f72ee6ace60c2c7
Detection count: 518
File type: System file
Mime Type: unknown/sys
Path: %WINDIR%\System32\drivers
Group: Malware file
Last Updated: December 2, 2019
%PROGRAMFILES(x86)%\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe
File name: mwiynzm4ndy1yjz.exeSize: 2.39 MB (2390016 bytes)
MD5: df77c2a4445496a04ba0b1d1673bf63e
Detection count: 295
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\Smwyyntm1ndi1zdz
Group: Malware file
Last Updated: March 10, 2015
%PROGRAMFILES(x86)%\Universal Updater\UpdaterService.exe
File name: UpdaterService.exeSize: 623.06 KB (623064 bytes)
MD5: 92cf16e0be041125c2dc62ee324e4338
Detection count: 244
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\Universal Updater
Group: Malware file
Last Updated: July 23, 2016
%PROGRAMFILES%\Uzdaxy2rhmzrlnwz\zgmxzmqzm2vlmgy.exe
File name: zgmxzmqzm2vlmgy.exeSize: 702.97 KB (702976 bytes)
MD5: 562aa480853c8d533d5ac981e5d13090
Detection count: 75
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Uzdaxy2rhmzrlnwz
Group: Malware file
Last Updated: January 7, 2017
Registry Modifications
The following newly produced Registry Values are:
Regexp file mask%WINDIR%\System32\drivers\b786bdb3c67d.sysHKEY..\..\..\..{RegistryKeys}SOFTWARE\SalusSOFTWARE\Wow6432Node\SalusSYSTEM\ControlSet001\Enum\Root\LEGACY_MWIYNZM4NDY1YJZSYSTEM\ControlSet001\services\mwiynzm4ndy1yjzSYSTEM\ControlSet002\Enum\Root\LEGACY_MWIYNZM4NDY1YJZSYSTEM\ControlSet002\services\mwiynzm4ndy1yjzSYSTEM\CurrentControlSet\Enum\Root\LEGACY_MWIYNZM4NDY1YJZSYSTEM\CurrentControlSet\services\mwiynzm4ndy1yjzHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Salus
Regexp file mask%WINDIR%\System32\drivers\b786bdb3c67d.sysHKEY..\..\..\..{RegistryKeys}SOFTWARE\SalusSOFTWARE\Wow6432Node\SalusSYSTEM\ControlSet001\Enum\Root\LEGACY_MWIYNZM4NDY1YJZSYSTEM\ControlSet001\services\mwiynzm4ndy1yjzSYSTEM\ControlSet002\Enum\Root\LEGACY_MWIYNZM4NDY1YJZSYSTEM\ControlSet002\services\mwiynzm4ndy1yjzSYSTEM\CurrentControlSet\Enum\Root\LEGACY_MWIYNZM4NDY1YJZSYSTEM\CurrentControlSet\services\mwiynzm4ndy1yjzHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Salus
Additional Information
The following directories were created:
%PROGRAMFILES%\0ca45c95134d%PROGRAMFILES%\Salus%PROGRAMFILES%\Smwyyntm1ndi1zdz%PROGRAMFILES%\Umtayyznhndq1ntz%PROGRAMFILES%\f552dd4c52e3%PROGRAMFILES(x86)%\0ca45c95134d%PROGRAMFILES(x86)%\Salus%PROGRAMFILES(x86)%\Smwyyntm1ndi1zdz%PROGRAMFILES(x86)%\Umtayyznhndq1ntz%PROGRAMFILES(x86)%\f552dd4c52e3
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.