I have been hit by Optix Pro 1.2 (the name is based on the TDS3 console) twice in the last couple of weeks. The first time it hit, I was not infected, since my soft firewall (Outpost Free) warned me of an outgoing regsvr connection, so I was able to kill and delete the process with TDS3. I scanned all HDDs and it came out clean.

I was not so lucky the second time. I accidentally came across it when I did a regular scheduled complete scan of the HDDs. TDS3 came out with this result (copied from scandump.txt):

"Scan Control Dumped @ 12:35:20 08-02-03 Positive identification: RAT.Optix Pro 1.2 Launcher File: c:\windows\winampw.exe"

I deleted it from the console, did a rescan, which came out clean, and restarted the PC (I usually do this after an AT, AV and reg scan). I went on to the net but I get an error "windows cannot find iexplore.exe", and the same with all programs that I try to run. I cannot even open regedit or cmd. I tried to put in the WinXP CD, but even my ntloader (System Commander) warned me of a bootsector/MBR change, so "scan from dos". I used my other PC to access the Wilders forum and search for the thread on Optix Pro (by Randy Bell, thanks) and cleaned it that way.

Anyway, my questions are:

1. How do I get infected with this RAT?
2. How can I prevent getting infected, short of not using my PC or using it halfway?

I use WinXP Pro on a Linksys router with TDS3 on demand, NOD32 on access, and Outpost Free on Windows startup. msmsgs.exe and svchost.exe are blocked by Outpost. All ports are stealth as per GRC.