• Welcome to Battlezone Universe.
 

News:

Welcome to the BZU Archive dated December 24, 2009. Topics and posts are in read-only mode. Those with accounts will be able to login and browse anything the account had access granted to at the time. No changes to permissions will be made to be given access to particular content. If you have any questions, please reach out to squirrelof09/Rapazzini.


You know that new pc I got..

Started by General BlackDragon, August 25, 2008, 08:37:04 PM


General BlackDragon

Quote from: General BlackDragon
AMD Athlon 64 2X Dual Core Processor 5200+ 2.71 GHz, 2.00 GB RAM, NVIDIA GeForce 7600 GT, 300GB HD.

Something about that just makes me drool...

My old PC's specs are:

AMD Athlon XP 1.25 GHz, 512MB RAM, Radeon 9200 Atlantis, 40GB HD.

Got hit with something bad, has a rootkit, need to reinstall Windows on it :(

Any advice?



*****General BlackDragon*****

OvermindDL1


Red Devil

Take HD out and clean it with another computer.
What box???

General BlackDragon

I was dumb and clicked on a link in an email that was supposed to be an ST Online video but wasn't...



*****General BlackDragon*****

Red Devil

What box???

Nielk1

Except on me. And OM.

Om doesn't bother and I check out the URL and if I don't recognize the location I look into it first.

EDIT: Question one, did the computer come with its current OS already installed?


GENERAL MANSON*

Quote from: General BlackDragon on August 25, 2008, 08:37:04 PM
Got hit with something bad, has a rootkit, need to reinstall Windows on it :(

Any advice?

Update existing AV software, restart into safe mode, run scans, and try that way.

Zero Angel

Manson's advice is the most straightforward, and *might* work. That would be the first thing to try, since there's almost no risk of your saved things being lost. And if successful, then you can continue using Windows often without problems.

If not, there are a few other methods you can employ:
1) Manual removal in Safe Mode, using HijackThis.
2) Repair install of Windows
3) Back up your files, then do a format/clean install of Windows.

As to backing up files, there are a few methods you can employ.
1) Booting into safe mode and copying your files over to a thumb drive or portable hard drive -- or if you have a 2nd HDD installed, to that
2) Inserting your hard drive into another machine, and copying your files over that way
3) Back up all your data to a CD-R or DVD-R by using a Linux LiveCD

As to LiveCDs, you probably would need to use another computer to download/burn one. The following types of Linux LiveCDs are good for doing the task of burning your stuff to a CD/DVD:
1) Knoppix (ugly and plain, but it will get the job done)
2) Sabayon (high-end and shiny, but takes a long time to download and burn since it's 3GB and needs to be burned to a DVD)

If you go the LiveCD -> burn CD method, then I would highly recommend using the program "K3B" from within the LiveCD -- it is truly an excellent CD burning program.

Manual removal can be difficult if you've never done one before, but if successful, then you can fix your OS without losing any data -- it generally goes like this:

Find out what rootkit you got infected with, run a Google search on "(name of rootkit or virus) removal". Do the F8 thing on boot up to boot into Safe Mode with Networking (with networking is useful, because it will let you use the internet for help on beating the virus/rootkit), and follow the instructions. Most instructions will tell you what the infected files are. Download and run HijackThis while in safe mode, check the entries that are related to the virus/rootkit -- if some of the entries contain the text "Winlogon Notify", those are difficult to remove since you can't remove them without killing the Windows logon process (which effectively restarts your machine). You can use a Linux LiveCD like Knoppix to access your Windows hard drive and physically remove the files that the Winlogon notifiers point to (like c:\windows\system32\blahblahblah.exe). Then run a virus scan to clean up the traces of the virus on your hard drive. You can also try to run a virus scan from a Linux LiveCD, and there are instructions on how to do this, but it's not always very effective since (from my experience with Knoppix) it doesn't always catch all of the viruses.
Quote: Awareness, Teamwork, Discipline
Constantly apply these principles, and you will succeed in a lot of things, especially BZ2 team strat.
{bac}Zero Angel
Victory through superior aggression
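
An added example (not part of Zero Angel's post) of the step described above: pulling the "Winlogon Notify" entries out of a saved HijackThis log and finding the files they point to on the Windows drive once it is mounted from a Linux LiveCD. The sample log lines, the entry names and the `/mnt/windows` mount point are constructed for illustration.

```python
import os
import re
from pathlib import PureWindowsPath

# HijackThis lists Winlogon notification packages in section O20:
#   O20 - Winlogon Notify: <name> - <path>   [optionally " (file missing)"]
O20_NOTIFY = re.compile(
    r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<path>.+?)"
    r"(?P<missing> \(file missing\))?\s*$")

# Constructed sample log lines; the entry names are made up.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O20 - Winlogon Notify: examplenotify - C:\WINDOWS\system32\blahblahblah.dll
O20 - Winlogon Notify: othernotify - C:\WINDOWS\system32\other.dll (file missing)
O23 - Service: Example Service - Unknown owner - C:\example\svc.exe
"""

def parse_winlogon_notify(log_text):
    """Return (name, windows_path, reported_missing) per O20 Winlogon Notify line."""
    entries = []
    for line in log_text.splitlines():
        m = O20_NOTIFY.match(line.strip())
        if m:
            entries.append((m["name"], m["path"], m["missing"] is not None))
    return entries

def locate_on_mount(windows_path, mount_root):
    """Find the file under mount_root, matching each path component
    case-insensitively (the log's casing often differs from the disk's,
    and a Linux mount is case-sensitive). Returns the real path or None."""
    p = PureWindowsPath(windows_path)
    if not p.anchor:              # bare file name: not resolved here
        return None
    current = mount_root
    for part in p.parts[1:]:      # skip the drive, e.g. "C:\"
        try:
            names = os.listdir(current)
        except (FileNotFoundError, NotADirectoryError):
            return None
        match = next((n for n in names if n.lower() == part.lower()), None)
        if match is None:
            return None
        current = os.path.join(current, match)
    return current

def report(log_text, mount_root):
    """(name, windows_path, path_on_mount_or_None) for each notify entry."""
    return [(name, path, locate_on_mount(path, mount_root))
            for name, path, _ in parse_winlogon_notify(log_text)]

if __name__ == "__main__":
    for name, path, found in report(SAMPLE_LOG, "/mnt/windows"):
        print(f"{name}: {path} -> {found or 'not found on mounted drive'}")
```

The output is a review list only; which entries belong to the infection still has to come from the removal instructions for the specific rootkit.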

Zero Angel

And for future reference, use Firefox as your default browser; you have much less chance of catching a virus from clicking on a website link. To make it even better, install the following extensions on it:

- Adblock Plus
- Vista Aero (theme -- if you want it to look like IE)
- Download Statusbar
- Cutemenus: Crystal SVG (if you like eyecandy)
- Ctrl-Tab
- Foxytunes

And last but not least:
http://www.siteadvisor.com/

What do you use for antivirus?
Quote: Awareness, Teamwork, Discipline
Constantly apply these principles, and you will succeed in a lot of things, especially BZ2 team strat.
{bac}Zero Angel
Victory through superior aggression

OvermindDL1

Yea, do *NOT* ever touch IE.

As for questionable things, I will always launch those in a Win98 Virtual Computer.
But a movie, it must obviously not have been a movie file if it infected you (or you use WMP to view it, which can also through, never touch it either).  For movies I always use VLC (including the browser plugin for Firefox).

SiteAdvisor is a bit of a joke, it has been too easy to get good sites listed as bad and bad sites listed as good, do not trust it either, just use intelligence.

Generated by OvermindDL1's Signature Auto-Add Script via GreaseMonkey


General BlackDragon

Okay, 1: Virus scanner + Microsoft Tech Support = useless.

Symptoms: Search engines fail, sending me to random other search engine links instead of when I click on a link brought up by any search engine. Downloads fail. Some programs (i.e. 3ds max) fail. Some games won't connect online. Some websites don't even come up, most do, I can get on forums and stuff but it's laggy. Other sites come up as page cannot be displayed.

Display properties "Desktop" and "Screensaver" tabs are missing.

Compfix.exe ran and said it detected the presence of a rootkit and must reboot, then fails to restart after I relogin.

My plan: Simple, wipe drive and reinstall from scratch, get a CD from the guy this time, so if I ever need to do it again I will have the CD. And get a small 40gig to install OS on as well, and use that as primary boot drive while using the 200gig for storage/backup.

And I plan to use Firefox on it.

Any other suggestions about how to set up a more secure HD setup?



*****General BlackDragon*****

GreenHeart

I second that on not using IE considering some of the crap they put into IE. Last time I downloaded a standard chm from someone I know my PC went into lockdown mode & restricted everything. I had to use my backup to undo the damage.  I recommend using either Firefox or Opera.
Signature:
Many failures will take place in the process of attempting to achieve your goal. It doesn't matter how many times you fail, it's how much you've learned each time since it's a part of the learning process.

Red Devil

Just remove the HD and scan it/clean it using it as a slave on another rig.
What box???

VSMIT

ComboFix.

Generally, if this doesn't do it, it's not going to be simple doing it.  Just be prepared to wait a while before using your computer.

VSMIT.
I find that if I don't have a signature, some people disregard the last couple of lines of a long post.
Quote from: Lizard
IQ's have really dropped around here just recently, must be something in the water.

GENERAL MANSON*

Look up CWShredder/Spybot Search and Destroy 1.6.0/Ad-Aware 2008 free/SpywareBlaster 4.1 I think or 4.0/SpywareGuard v 2.2. Install all and update and immunize if possible in normal or safe mode and run all. Depending on severity of infection, well, you may have to try LSPFix also.