Expert: Keith Davis - 12/19/2009

Question
I have a very persistent virus on my computer that I just can't seem to remove. I have run full scans using Avira Antivir, Windows Defender, Spybot Search and Destroy, and Malware Bytes Anti-Malware - all of which are updated very regularly - but still no luck. I've tried quarantine, file removal, and denying access, but these are all temporary fixes - it always comes back after a few hours.

The virus name, according to Avira, is "TR/Crypt.ZPACK.Gen [trojan]". The actual file name is "tdlcmd.dll", which appears in my Windows/System32 folder. There may also be other viruses on my system, I'm not sure.

I haven't lost any major computer functions that I know of, so I'm not really sure what the virus is doing. But it has been on my system for over a month now, and I've nearly given up.

Please help me remove this virus.

Answer
This is a really bad one. Before we go any farther in trying to remove it, read this thread. It has a fix. I'm just not sure if it applies to your system. I think it is using a HijachThis log. HJT is a program that scans everything that is running on your computer and you submit a copy of the log on a message board such as the one in the link. Then they tell you exactly what to remove with HJT. Let me know what you think after reading the link and we will go from there. http://forums.majorgeeks.com/showthread.php?t=187883

Keith