Virus In My Computer!

Hello:

I have a virus in my computer. I scanned it with Avast! antivirus and it removed the virus. However, when I retarted the computer the virus came back again. How to remove this virus permanently in my computer?

Thank you.

I suggest:

  1. Clean your temporary files.
  2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  5. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  6. Disable System Restore and then reenable it again.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

Can you say what is the infected file name, where was it found (C:\windows\system32\infected-file-name.xxx)?
What avast! version and virus database are you using? (see About dialog of avast!)

Thanks for the fast reply. How about reformatting my c: drive and reinstalling my operating system. Does that help or will the virus still remain in the computer?

Thank you.

Short answer NO,

That is an action of absolutely last resort an we haven’t even got to the first page yet.

I would however simplify it somewhat by gathering some information ?

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.

Don’t look at Tech’s instructions and think oh my god, taken a step at a time it isn’t a problem.

Take it a step at a time and report your findings on that, step 1&2 can be done and report if either found anything and what it/they found.

Then move to the next step.

Reformating is not the first option… is the last one…
You could learn choosing a non-radical way to get clean :wink:

The name and the directory of this virus is below:

Sign of “Win32:Bravix-B [Drp]” has been found in “c:\windows\system32\tdssadw.dll” file.
Sign of “Win32:Bravix-B [Drp]” has been found in “c:\windows\system32\tdssl.dll” file.

Thank you.

Did you try the steps of cleaning I’ve posted before? ???

First based on the file names and location this looks like a good detection. A google search for tdssadw.dll shows that this is also associated with a rootkit so that may be what is recovering/restoring the files. See http://www.prevx.com/filenames/X2098753119684134459-X1/TDSSADW.DLL.html and http://www.prevx.com/filenames/X553985199105814467-X1/TDSSL.DLL.html.

So you need to step through Tech’s instructions and possible jumping to step 4. the anti-rootkit scans and then proceed from the start.