[Inactive] Infected With TDSS Rootkit

[soupman]

I have Avast disabled... or do I?

[Hoov]

Nope, it is still running. That is why with the new antivirus scanners it is impossible to disable them fully without uninstalling them.

[soupman]

Ok, so if I understand correctly...Uninstall then follow your msconfig instuctions once again?

[Hoov]

Yes.

[soupman]

Hi Hoov,

Uninstalled Avast. Msconfig same result.

Questions;

1. Win Defender has has been turned off all along ...Same with Malwarebytes (uninstall?)... I have now uninstalled Trend Micro RUBotted. I believe that only leaves McAffee.

2. Would it help if I started uninstalling programs I either don't, or rarely use?

[Hoov]

No need to do that. Unless you got a program thru questionable means, anything like that I would uninstall.

Do you know how to edit the registry?

[soupman]

Hi Hoov,

No, have never been in the registry. Can you guide me?

[Hoov]

If we can find another way of fixing it, I would rather not. Do you have a windows install CD? Not a system restore CD but an install CD even an OEM install CD will work.

[soupman]

I have the Dell "Reinstallation CD- Windows XP Home Service pack 2" that came with the computer. Says "to reinstall the op system on a dell". "This CD is not for reinstallation of programs or drivers".

I also have a "Dell Resource CD".

[Hoov]

The first CD will do. But before we do that, I would like you to try something. I have been overlooking something, and I don't know why. First can you tell me what version of McAfee (the exact program name with the year or version number would be best) you have installed on your computer?

[soupman]

McAfee Security Center
Version 9.15
Build 9.15.179

Virus Scan
Version 13.15
Build 13.15.118

Personal Firewall
Version 10.15
Build 10.15.106

and more if you need it.

By the way, my McAfee is expiring in the next few days...is there a free suite that you would recomend or is it a better idea these days to piece together a suite from free components?

[Hoov]

I don't think there are any free suites available. But a self rolled suite works just as good, and many times better than a suite of tools. We have a list of http://spywarehammer.com/simplemachinesforum/index.php?board=108.0 . That is a good place to start. You need a Virus scanner, a Firewall and a malware scanner. The only tool I recommend hands down to everyone is Malwarebytes' Anti-Malware, and if you can afford to purchase it, I would encourage you to do so.

Are you willing to uninstall your McAfee suite to see if we can fix your boot problem, and then install another set of tools?

[soupman]

Yes I am.

When you say "You need a Virus scanner, a Firewall and a malware scanner"... I thought malware scanners covered all including virus, trojans, ect. What would be a virus scanner and a malware scanner you would recommend as seperates. 

[Hoov]

Any of the virus scanners in our list are good, but there is also AVG from Grisoft.com. As for malware scanner, my new favorite tool is Malwarebytes' Anti-Malware.

As for malware scanner covering virus scanners, there is some overlap but there is need for separate tools.

Once you are ready to remove your McAfee install, go ahead and uninstall it and then run the The McAfee Removal Tool, available here.

Then I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.

See if your computer boots faster. Once you have decided that, run msconfig and select normal startup then click apply then OK and reboot the computer.

Let me know how it goes.

[soupman]

Ok, let's say I went with the free Avast antivirus, free Malwarebytes and a free firewall. Other than having to remember to manually run at least two scans a week are there any other downsides I'm not seeing? Email virus and malware scanning?

Would I download these before I uninstalled McAfee so they were ready to go?  Or... disconnect from the internet, uninstall McAfee, reconnect the internet, install the trifecta then run the McAfee Removal Tool?

Thanks for your help, Hoov.