My sons PC got the TDL3 rootkit.

I am so proud of him. I actually got popped by this. F-Secure detected it in a scan which is what he was using. It said it deleted it but on reboot my IE8 would either not connect or was redirecting me. Thank goodness for FD-ISR as he will be going into ShadowDefender from here on out. Teenagers

 

Hey not all teenagers get PC's infected, I am a teenager and I keep my PC Malware Spotless

 

You should have run hitman pro, they specialise in removal of this.

But if he knows how to use shadow defender, then you won't have to worry.

 

he doesnt and it doesnt matter because he will always be shadowed. Dont want to know how he got it either. Thought about Hitman but it takes over a hour to create a new snapshot and I want to finish tonight.

 

@trjam

Congrats Just shows, it can and does happen to anyone sometimes. Fortunate you got a good plan.

Was he in admin mode ?

 

Young dudes like admin mode, they install games and so on.

 

Did he have anything besides F-Secure ?

 

Assuming the rootkit was removed, the internet connection might have been restored easily: the rootkit might have made a simple change to the proxy settings - easy to correct.

 

Sounds like you got it sorted out. I've used SD and FS together without any problems in the past. You'll have to exclude all of his game directories to save game data.

 

See these related threads, they may help:
https://www.wilderssecurity.com/showthread.php?t=265535
https://www.wilderssecurity.com/showthread.php?t=265784