TDSS.tld4 - Microsoft Support Issues

A client's computer was infected by this virus virus.
The symptoms were that visits to Microsoft and other security sites were blocked.
Many were re-directed to "get-search-results.com".


Microsoft offers free support for their systems when they are infected.
Just call: 1-866-727-2338


The issue appears to be a resurgence in the TDSS virus.
Windows update won't work, Windows Live OneCare won't work.
Microsoft Support won't work either, they simply ask you to run these tools that you can't get to because of the Virus. It's very much a chicken and egg issue, doctor heal thyself. If I cannot visit these sites how can I run these tools. I had to spend over 30 minutes on the phone with their "Technician" to explain that fact to them. What a waste of time.


Then, after re-trying all the obvious things that I already tried the "Technician" and wasting an additional 45 minutes. Says they don't know the answer (*shock!*) and will have to transfer me to an Internet Explorer specialist - then the call drops.


So I call back, get a new technician, waste more time getting this person up to speed. Then this tech transfers me to another "Technician" - that was more than 20 minutes on hold. This technician was supposed to help me get the IE fixed. This "Technican" then told me they could not help and send me back to the beginning of the line to PC Safety.


So back now to my fourth try with PC Safety support. By this time I'd already performed some clean up and got the system functioning much better. This guy says simply: Hey lets use Kaspersky tools. Shortly there-after we found the TDSS.tdl4 root-kit. Removed it, rebooted. Then use ComboFix, then reboot.
Should able to run Updates and other pieces successfully.


Ran into one more problem when the Updates failed, had to manually add some keys to the registry.
See our Windows Update notes for more info.


There was over an hour wasted with their "Support" factoring in support costs & the lost-productivity and this virus costs over $1000.


Keep your systems updated, get & use an Active Anti-Virus tool such as Kaspersky, use tools such as SpyBot and CCleaner to keep cruft from building up, where virii hide.