Troj/TdlMbr-A (Trojan) need help removing!

November 19, 2010 at 20:36:28
Specs: Windows 7

Not sure how this virus breached my computer. I've done extensive research for over 3 days of ways to fixing the problem.
Info I've gathered is that:
- this is a boot sector virus.
- it infects writable CDs, and USB flash drives.

So far I've noticed on certain websites related to how to get rid of this it redirects me to another site. The redirecting has happened several times.

Other than that I've not experienced any slow downs.

Summary of over the past 3 days since first time virus was detected:

- I detected the virus with my webroot antivirus software after I did a full scan from encountering security tool virus. Getting rid of the Security tool virus was rather easy to do manually but after the removal i did this scan and found some traces and this virus Troj/TdlMbr-A.

- I downloaded Malwarebytes Anti-Malware (2 traces were detected and a rootkit).

- I downloaded the free version of Avast and a different type of virus was detected which was shortly removed.

- from my webroot antivirus software Troj/TdlMbr-A is detected again plus another Trojan that was something like Troj/Wen - . The trojan is safely removed...


- with no hope of finding any solutions I backed up my files to my online storage account. Did a whole system recovery to default factory settings. Starting with my computer fresh, I go to webroot website and download an even newer version than the one i had...
Troj/TdlMbr-A virus is detected again...
My arsenal really has ran out... I'm sure that by buying norton or mcafee it really wont make much of a difference. This virus is in the physical drive and somehow got sticked internally since after recovering the whole system the virus was still there.


This virus isnt causing any major damage at the moment but I'm afraid it might at any given time. It doesnt infect files, but rather the drive its saved in... Not to mention I'm afraid of accessing any of my bank accounts, major e-mails, social networks, etc... Due to this virus. This is my only computer, laptop, own personal laptop.... I really don't know what else to do. I'm hoping to find some answers...


See More: Troj/TdlMbr-A (Trojan) need help removing!

Report •


#1
November 19, 2010 at 22:20:05

Hi Steve,
try
1- trojan remover
http://www.simplysup.com/tremover/d...
2- hitman pro
http://www.surfright.nl/en/hitmanpro
and remove all they find
You may also want to try
tdss killer
http://support.kaspersky.com/viruse...

Is your system 32 or 64 bit?

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#2
November 20, 2010 at 08:48:06

XpUser4Real,

I can't thank you enough! Here is what happened.

I downloaded The Trojan Remover, that didn't really help. It wasn't able to detect anything. The one that really helped and did all the work was hitman Pro. I can't believe how amazing this piece of software is. It hit right at the source.

The following had not been detected by any of my softwares:
Possible Variant of the TDL3 (alias Alureon) rootkit detected
its referencing a hidden driver. it affects the detection of malicious files.

Master Boot Record(Sector 0)
Contains Bootkit,
Bootkit.TDSS


As suggested, I deleted all these files. Computer had to be restarted to finish removal.
I restart, as soon as desktop shows up. I do second scan with hitman pro. It finds a bunch of cookies that had not been detected before and removes them.
I do a full scan with Webroot Anti-virus, Malwarebytes Anti-Malware, Avast Anti-virus.
Nothing found besides just one cookie in Webroot Anti-virus.
Before on every scan Webroot would always detect Troj/TdlMbr-A. And now it seems all clean.
Thank you so much and I'm definitely buying Hitman Pro.

I just had one more question. Since Hitman Pro only fights threats in the computer but doesnt really prevent them because it doesnt have any shields.
Therefore I still need to have an Anti-virus software. I currently have Webroot Anti-Virus but the subscription ends in about 8 days. I was wondering if you had any recommendations on what would be the best Anti-Virus Software that I can purchase next to protect my computer. Or should I just renew Webroot?

Again, THANK YOU SO MUCH!


Report •

#3
November 20, 2010 at 15:15:55

Hey, thanks a million for posting back. I would suggest Avast Free, I've been using it for almost 10 years now and it has given me the best protection.
On my main PC I use
1- Win Patrol
2- Threatfire
3- Spyware Blaster
4- Avast Free
They all work great together, hope that helps....oh, and they are all FREE too!

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

Related Solutions

#4
November 22, 2010 at 17:46:12

Hey, SteveBb and XPUser4Real, thanks to both of you for your posts. I've run into the EXACT same problem with Troj/TdlMbr-A and am in the process working through the fixes you've described. Steve, just as you experienced, Hitman is finding all kinds of malware that my copy of Webroot had completely missed.

I admit that I find it really disappointing that I did all the steps we're supposed to do to protect ourselves and still got hit. I'll definitely be taking your suggestions and switching to a combination of Avast and Hitman instead.

Thanks again to both of you!

Joel


Report •

#5
November 22, 2010 at 19:57:04

Thanks for posting back & Glad it helped you!

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#6
November 25, 2010 at 19:49:48

SteveBb and XpUser4Real, thanks to both of you. This worked for me but now i can no longer open Webroot Anti-virus or Malwarebytes. I get a warning everytime I restart my computer that says my anti-virus software isn't turned on but then it doesn't let me activate it. Also none of my other programs that are supposed to boot on start-up do. I can still connect to the internet but I can't actually get on the web. When I click on Fire Fox it goes through the process of loading and then just doesn't do anything. Is there anything I can do about this? Thanks

Report •

#7
November 25, 2010 at 20:24:50

you may want to start a new thread,
thanks

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •


Ask Question