My son's PC got the TDL3 rootkit.

Discussion in 'malware problems & news' started by trjam, Feb 22, 2010.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    :) I am so proud of him. I actually got popped by this. F-Secure detected it in a scan, which is what he was using. It said it deleted it, but on reboot my IE8 would either not connect or was redirecting me. Thank goodness for FD-ISR as he will be going into ShadowDefender from here on out. Teenagers :thumbd:
     
  2. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Hey, not all teenagers get PCs infected, I am a teenager and I keep my PC Malware Spotless :D
     
  3. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    You should have run Hitman Pro, they specialise in removal of this. :thumb:

    But if he knows how to use Shadow Defender, then you won't have to worry.
     
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    He doesn't and it doesn't matter because he will always be shadowed. Don't want to know how he got it either. Thought about Hitman but it takes over an hour to create a new snapshot and I want to finish tonight.
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @trjam

    Congrats :D Just shows, it can and does happen to anyone sometimes. Fortunate you got a good plan.

    Was he in admin mode?
     
  6. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Young dudes like admin mode, they install games and so on.
     
  7. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Did he have anything besides F-Secure?
     
  8. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Assuming the rootkit was removed, the internet connection might have been restored easily: the rootkit might have made a simple change to the proxy settings - easy to correct.
     
  9. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    Sounds like you got it sorted out. I've used SD and FS together without any problems in the past. You'll have to exclude all of his game directories to save game data.
     
  10. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619