I got a really nasty computer virus for Christmas

Old 01-20-2010, 01:12 PM
  #21  
Registered User
 
SWLABR's Avatar
 
Join Date: Oct 2008
Location: Long Island
Posts: 27
Likes: 0
Received 0 Likes on 0 Posts
If your PC is back to a working state, copy 'My Documents' / 'Documents and Settings' to a USB drive (your IE favorites, pix, music, etc. are in there). Use your restore disks to give yourself a fresh OS and invest in Norton Internet Security 2010. It's the best against viruses, malware, spyware and pretty much any threat. It'll catch and quarantine viruses like you have/had before it takes over your machine. The 'free' antivirus and spyware protection out there - Spybot, AVG, etc. - are limited. Going forward, you'll have no issues if you run Norton IS 2010...

Hope this helps...
Old 01-20-2010, 01:26 PM
  #22  
Registered User
 
m1ashooter's Avatar
 
Join Date: Jul 2008
Location: North Texas
Posts: 52
Likes: 0
Received 0 Likes on 0 Posts
This is why I quit using Windows, but unfortunately running it is sometimes a necessary evil. That being said, anytime you're surfing the Internet and a window pops up similar to what 92 Toy posted above, it's some kind of malware, virus, etc. They pop up a window making you think you have every virus in existence and you naturally click on it cuz you don't want a virus. When you click "Remove" or whatever they say, you actually "execute" the malware, virus, whatever. After that you're screwed. They are next to impossible to get rid of without drastic measures such as reinstalling, formatting, so forth.

A free open source virus scanner is http://www.clamwin.com.
In the past I always used and had success with AdAware. (http://www.lavasoft.com/products/ad_aware_free.php)
There was something else similar to Ad-Aware but I can't remember what it's called now. It's been a couple of years since I used Windows at home. I would almost say it should be mandatory to download and only use Firefox (http://www.mozilla.com/en-US/) but now I'm showing my anti-Microsoft bias.
Final thoughts: If you have McAfee, Norton, or ClamAV installed and anything else pops up saying you have a virus don't click on it.

Last edited by m1ashooter; 01-20-2010 at 01:28 PM. Reason: Update
Old 01-20-2010, 01:28 PM
  #23  
Registered User
 
m1ashooter's Avatar
 
Join Date: Jul 2008
Location: North Texas
Posts: 52
Likes: 0
Received 0 Likes on 0 Posts
Spybot is the one I couldn't remember. I see SWLABR posted it while I was typing my two cents worth.
Old 01-20-2010, 01:50 PM
  #24  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Originally Posted by 92 TOY
Hey guys......I've been following this thread, a little, sounds like Mt Goat has a clue what he's doing, whereas I have zero clue. I'm the kind of ignoramus that just wants the computer to work when I want it to and that's about it.

Anyhoo..I found the link to the demon that infected my desktop PC and figured I'd paste the picture of what mine looked like (not mine, but it's a screenshot from a website talking about it).

Sounds like similar crap to mine....

Yes that looks very much like one screen I was getting, except the name was "Internet security 2010".

This thing kept on countering every move to get rid of it, almost like it was learning from my efforts to stop it. At first I found the way around its task manager disable. By going to Hkey_current_user\software\microsoft\windows\currentversion\policies\system and looking for a file called "Disable Task Mgr" then right click> delete. That would (at first) give me back use of the Task manager. But after a reboot it would disable it again. Then after a few times of disabling it and it coming back it wouldn't let me do it.

All the pros are talking about how hard this (TDL3 rootkit) is to get rid of, one guy called it the "stealthiest rootkit in the wild".

Last edited by mt_goat; 01-20-2010 at 02:03 PM.
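
The registry check described in the post above, as an added example that is not part of the original thread: a read-only PowerShell audit of the `Policies\System` key for the `DisableTaskMgr` value. Checking the HKLM copy of the key and the sibling `DisableRegistryTools` value goes beyond what the post mentions and is an addition here; the function name is hypothetical.

```powershell
# Added example: read-only audit of the policy key named in the post.
# Nothing is modified; the script only reports what is set.
$subKey = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'

# DisableTaskMgr is the value the post refers to.
# DisableRegistryTools (blocks regedit) is an addition, not from the thread.
$valueNames = 'DisableTaskMgr', 'DisableRegistryTools'

function Get-LockoutPolicyFinding {
    # Hypothetical helper name. Checks the per-user hive from the post and,
    # as an addition, the machine-wide hive.
    $findings = foreach ($hive in 'HKCU:', 'HKLM:') {
        $path = "$hive\$subKey"
        if (-not (Test-Path -LiteralPath $path)) { continue }

        $props = Get-ItemProperty -LiteralPath $path
        foreach ($name in $valueNames) {
            $value = $props.$name
            # A missing value or 0 means the tool is not blocked by policy.
            if ($null -ne $value -and $value -ne 0) {
                [pscustomobject]@{
                    Checked = (Get-Date).ToString('s')
                    User    = "$env:USERDOMAIN\$env:USERNAME"
                    Path    = $path
                    Name    = $name
                    Value   = $value
                }
            }
        }
    }
    return @($findings)
}

$result = Get-LockoutPolicyFinding
if ($result.Count -eq 0) {
    'No Task Manager / regedit lockout values are set.'
} else {
    $result | Format-Table -AutoSize
}
```

If a finding reappears after the value has been deleted and the machine rebooted, as the post describes, whatever wrote it is still running, so deleting the value is a symptom fix and not a cleanup.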
Old 01-20-2010, 01:57 PM
  #25  
YotaTech Milestone-Two Millionth Post
 
92 TOY's Avatar
 
Join Date: Jan 2009
Location: Northeast Pennsylvania
Posts: 12,009
Received 122 Likes on 57 Posts
Yeah, I had talked to an I.T. geek I know from some YOTATECH site and he said that was a bad one.

Basically my computer powers up and shuts off and just keeps doing that over and over.

Thank goodness we still have a laptop, but with everybody wanting to be on the computer at the same time and my dang YOTATECH addiction, it makes it interesting.

I'm hoping that the "geek" can take care of my mess because I am a complete idiot when it comes to this stuff...and getting the oil pan off my truck....I suck.
Old 01-20-2010, 02:07 PM
  #26  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Originally Posted by Lumpy

...You are going to need to know if you have a SATA drive or a IDE drive...
How can I tell which I need? Thanks very much.
Old 01-20-2010, 02:18 PM
  #27  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Another interesting quote from this link: http://www.prevx.com/blog/139/Tdss-r...s-the-net.html

This infection is bringing all together the best of MBR rootkit, the best of Rustock.C and the experience of old Tdss variants. Result is an infection that is quickly spreading on the net and it is undetected by almost every security software and 3rd party anti rootkit software.
Old 01-20-2010, 02:21 PM
  #28  
Registered User
 
SWLABR's Avatar
 
Join Date: Oct 2008
Location: Long Island
Posts: 27
Likes: 0
Received 0 Likes on 0 Posts
An IDE has two rows of pins and is about 2+ inches wide. A SATA is much smaller and looks somewhat like a USB type connector. It is one or the other. You'd have to pull the hard drive to find out, or reboot, hit F2 and go into the BIOS. That should tell you what type of drive you have...
Old 01-20-2010, 02:41 PM
  #29  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Originally Posted by SWLABR
An IDE has two rows of pins and is about 2+ inches wide. A SATA is much smaller and looks somewhat like a USB type connector. It is one or the other. You'd have to pull the hard drive to find out, or reboot, hit F2 and go into the BIOS. That should tell you what type of drive you have...
Ok thanks, it looks like from this it's SATA.

Old 01-20-2010, 02:45 PM
  #30  
Registered User
 
mick cassidy's Avatar
 
Join Date: Jul 2009
Location: los angeles
Posts: 117
Likes: 0
Received 0 Likes on 0 Posts
Get Norton 360, best on the market.
Old 01-20-2010, 03:12 PM
  #31  
Registered User
 
Lumpy's Avatar
 
Join Date: Jan 2009
Location: Just North of Pittsburgh
Posts: 6,086
Received 17 Likes on 10 Posts
Yessirre, that would be correct. I agree with the other folks here as well about Symantec (Norton). I use it, we use it at work, it just uses more resources than most.

But now that we know you have a SATA drive. Grab another one, open the case on yours, swap drives, toss in the Windows CD and you're off and a runnin.

After you get everything reinstalled and (this part is im-po-tint ) and have an Anti-virus installed you then can plug in the old drive via usb and copy all your documents over.

.
Old 01-20-2010, 03:16 PM
  #32  
Registered User
 
Lumpy's Avatar
 
Join Date: Jan 2009
Location: Just North of Pittsburgh
Posts: 6,086
Received 17 Likes on 10 Posts
It's a bad but and a bear, that's why I typically reload them when I get a client that has this. Less headache for me, smaller bill for them.
Old 01-21-2010, 06:58 AM
  #33  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Well another day goes by and no sign of trouble, dare I say this thing is gone? The PC is running great, as fast as ever! I really think that Hitman Pro worked (knock on wood).
Old 01-21-2010, 07:01 AM
  #34  
Registered User
 
Lumpy's Avatar
 
Join Date: Jan 2009
Location: Just North of Pittsburgh
Posts: 6,086
Received 17 Likes on 10 Posts
Good to hear!!! I hope you keep on keeping on without issue.

.
Old 01-21-2010, 09:39 AM
  #35  
Co-Founder/Administrator
Staff
iTrader: (1)
 
Corey's Avatar
 
Join Date: May 2002
Location: Auburn, Washington
Posts: 32,242
Received 19 Likes on 15 Posts
Glad it is fixed.
You may have read a thread here from me about the DOS attacks we have been having here.

It was narrowed down to infected computers that were instructed to specifically attack this site.
It brought the server to a standstill a month back.
Many do not even know their PCs have been turned into zombies to do the malware master's bidding.
Old 01-21-2010, 09:56 AM
  #36  
Registered User
 
Lumpy's Avatar
 
Join Date: Jan 2009
Location: Just North of Pittsburgh
Posts: 6,086
Received 17 Likes on 10 Posts
These lil schmucks need to be drawn and quartered!!!
Old 01-21-2010, 09:58 AM
  #37  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Originally Posted by Corey
Glad it is fixed.
You may have read a thread here from me about the DOS attacks we have been having here.

It was narrowed down to infected computers that were instructed to specifically attack this site.
It brought the server to a standstill a month back.
Many do not even know their PCs have been turned into zombies to do the malware master's bidding.
Yes, I remember that. Hope it wasn't my fault.
Old 01-22-2010, 06:33 AM
  #38  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Another day goes by and all is good! Some things I'm doing different now:

I surf the web logged on as a user with limited use (no administrative privilege).

I keep all the security settings on high, yes there are some sacrifices in that, but I'm getting used to it. The worst thing is I have to manually put in [Quote]s and smilies and stuff and click to redirect back to pages.

I use passwords to log on or switch users.

I use Spybot every day and immunized everything.

Microsoft has released a new patch for IE (yesterday) and I got that installed.

I'm very careful about giving permissions for access to programs and what links I click on.

Making sure auto updates is running for McAfee, my subscription is paid for on this or I'd try Norton. Plus I'm not convinced Norton would have stopped this attack either. As of 1/20/10 it was not listed as one of the programs that could fix or even detect this TDL3 rootkit.

Last edited by mt_goat; 01-22-2010 at 07:01 AM.
Old 01-22-2010, 08:18 AM
  #39  
Registered User
 
Lumpy's Avatar
 
Join Date: Jan 2009
Location: Just North of Pittsburgh
Posts: 6,086
Received 17 Likes on 10 Posts
One other thing to consider...Start using Firefox, I don't use IE for anything. It may take a bit getting used to but I do like it.
Old 01-22-2010, 08:46 AM
  #40  
Contributing Member
Thread Starter
 
mt_goat's Avatar
 
Join Date: Nov 2002
Location: Oklahoma State
Posts: 10,666
Likes: 0
Received 5 Likes on 5 Posts
Originally Posted by Lumpy
One other thing to consider...Start using Firefox, I don't use IE for anything. It may take a bit getting used to but I do like it.
I have used it some, the problem is I have a large catalog of saved favorites (from many hours of research) and when transferred to Firefox or Google Chrome the whole thing got reordered to alphabetical. Yes, I know it could all be reordered with "organize favorites" command but it would take a long long time. I do like Firefox though.