win 32 Sality in system volume...HELP!!!!

Please, I have the virus in my system volume folder…avast only detects it but can do nothing else…I NEED HELP!!!

Please, I need help on how to remove the virus from my system information volume without formatting the hard disk…N.B. it's an external LG hard disk.

Hey, I would recommend you try Dr.Web CureIt. It is usually good at solving those kinds of heavy infections.

http://www.freedrweb.com/livecd/

good luck and let us know how it goes.

Shoot it up
http://support.kaspersky.com/viruses/solutions?qid=208279889

I had to clean two computers with Sality some days ago.
ESET Online did not detect all samples of it.
Kaspersky and Avira rescue CDs did not finish the job.
avast running at boot time cleaned some more samples.
In one of them, I gave up…

I suggest (maybe you can anticipate step 7):

  1. Clean your temporary files.
  2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  3. Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spyware and trojans. If any infection is detected, it is better and safer to send the infected file(s) to quarantine (Chest), rather than simply deleting them.
  4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to on-line analysis.
  6. Clean your Hosts file (replacing it) with HostsMan tool.
  7. Disable System Restore and then reenable it again.
  8. Immunize your system with SpywareBlaster.
  9. Check if you have insecure applications with Secunia Software Inspector.

I suggest you use Sality Killer. If Sality Killer fails, there is no other option except format and reinstall.

How to disinfect my computer from Virus.Win32.Sality?

Good luck.

Kaspersky failed in my tests…

It worked for me 3 times, however this tool is very helpful too: http://free.avg.com/us-en/win32-sality

The AVG one failed as well… Sality is a pain…

Depends on version and time (if it is more than 1 month, there is no turning back). I’ve removed it 3 times and failed 5.

Here, try the G Data boot CD: https://www.gdatasoftware.co.uk/support/main-subjects/upgrade-service/download.html then download the boot CD.

Do you remember the name of the executable that infected your computer? If you see it, then go to your firewall settings > exemption. If you see that executable name, remove it in the firewall settings, then run an avast boot-time scan.

Regards!!!


Since it is in Restore (system volume folder), Tech’s step #7 should be all that is needed.
Turn off System Restore > restart your computer > Turn on System Restore again.