How to Remove Malware: Sality
- May 16, 2023
Hello, I am sorry I haven't posted in a while. I was busy preparing for a choir trip, I had to focus on school, and I didn't know what to write. If you are new here: hello, I am Oliver, and I write about programming, malware, cybersecurity threats, and more! Today I am going to write about removing the malware Sality. It is spyware, for those who don't know.
Detection Names:
Win32:Kukacka (Avast)
Win32.sality.OG (Bitdefender)
Win32/Sality.NAR (ESET)
Virus.Win32.Sality.gen (Kaspersky)
trojan.agent (Malwarebytes)
Here is where I got the detection names: https://www.virustotal.com/gui/file/eafb314898bf366994debabc7379af8d2bf2fa2e51f7aa4b88578983cc7a539d/detection
How you get infected with this malware:
Removable Drives
Infected modems and routers
Pirated software
Email attachments
How you remove it:
Download Autoruns (you can get it from here: https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns )
Enter Safe Mode
Extract the downloaded Autoruns archive and run the autoruns.exe file
In Autoruns, click Options, uncheck "Hide Empty Locations" and "Hide Windows Entries", and then click the refresh icon
Check the list provided by Autoruns and locate the malware file (in Task Manager it is called Internet Connection Wizard), right-click it, and press 'Delete'
After this, it has been removed, but if you want to, you can search for the malware files: %SYSTEM%\wmdrtc32.dll and %SYSTEM%\wmdrtc32.dl_
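To confirm the cleanup, the following read-only PowerShell check looks for the two file names listed above and for autostart entries that still point at them. It is an added example, not part of the original post; the directories searched and the three Run keys inspected are assumptions, and cover only a small subset of the locations Autoruns displays.

```powershell
# Added example: read-only check for the Sality artifacts named in this post.
# Assumptions (not from the post): %SYSTEM% is taken to mean System32 and
# SysWOW64, and only the common Run keys are inspected.
$names = 'wmdrtc32.dll', 'wmdrtc32.dl_'            # file names given in the post
$dirs  = "$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64" |
         Where-Object { Test-Path -LiteralPath $_ }

# 1. Look for the files themselves; -Force includes hidden and system files.
$found = foreach ($dir in $dirs) {
    foreach ($name in $names) {
        $path = Join-Path $dir $name
        if (Test-Path -LiteralPath $path) {
            $item = Get-Item -LiteralPath $path -Force
            [pscustomobject]@{
                Path      = $item.FullName
                Size      = $item.Length
                Modified  = $item.LastWriteTime
                SHA256    = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
                Signature = (Get-AuthenticodeSignature -LiteralPath $path).Status
            }
        }
    }
}

# 2. Look for Run-key values whose command line still references those names.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
$pattern = ($names | ForEach-Object { [regex]::Escape($_) }) -join '|'
$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ("$($p.Value)" -match $pattern) {       # -match is case-insensitive
            [pscustomobject]@{ Key = $key; Name = $p.Name; Command = $p.Value }
        }
    }
}

# 3. Report. Nothing is deleted or modified by this script.
if ($found -or $autoruns) {
    $found    | Format-List
    $autoruns | Format-List
} else {
    'No wmdrtc32 files or Run-key references found.'
}
```

Run it from an elevated 64-bit PowerShell session, since a 32-bit session has its System32 path redirected to SysWOW64.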