How To Avoid Getting Infected By A TDSS Rootkit

Run as a limited user! Run as a limited user! Run as a limited user!
The infection comes from the usual dropper spread over peer-to-peer networks or through crack and keygen websites, and it needs administrator privileges to run its payload. If UAC is disabled, or if the user voluntarily grants admin permissions, this infection can run even on Windows Vista and Windows 7. This is likely to be the usual scenario: a user hunting for a specific crack doesn't mind the UAC warning and gives the wanted crack admin privileges anyway.
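The point above is that the dropper is only dangerous when it lands on an account that can hand it administrator rights without a fight. The following PowerShell check, added here and not part of the Prevx article, reports the two things that matter on a Vista/7 box: whether the current session already holds an elevated token, and whether UAC (the `EnableLUA` and `ConsentPromptBehaviorAdmin` policy values) is still in a state that would actually prompt. Run it in the account you use day to day.

```powershell
# Added example (not from the Prevx article): check whether this session runs
# as a limited user and whether UAC is enabled, which is the posture the post
# recommends against this kind of dropper.

$identity   = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal  = New-Object Security.Principal.WindowsPrincipal($identity)
# On Vista/7 a filtered (non-elevated) admin token reports $false here,
# so $true means this process could run a payload with full rights.
$isElevated = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy    = Get-ItemProperty -Path $policyKey

# EnableLUA 1 = UAC on, 0 = UAC off (no prompt, no token filtering).
$uacEnabled = ($policy.EnableLUA -eq 1)
# ConsentPromptBehaviorAdmin 0 = administrators elevate silently, without any prompt.
$silentElevate = ($policy.ConsentPromptBehaviorAdmin -eq 0)

"Current user                    : $($identity.Name)"
"Running with admin token        : $isElevated"
"UAC enabled (EnableLUA)         : $uacEnabled"
"Admins elevate without a prompt : $silentElevate"

if ($isElevated) {
    Write-Warning 'This session already holds administrator rights; use a limited user for everyday work.'
}
if (-not $uacEnabled) {
    Write-Warning 'UAC is disabled; a dropper started by an administrator gets full rights with no prompt at all.'
}
if ($uacEnabled -and $silentElevate) {
    Write-Warning 'UAC is set to elevate administrators silently; the warning the post relies on will never appear.'
}
```

The three warnings map directly onto the scenario in the post: an account that is already an administrator, UAC switched off, or UAC left on but configured so that administrators never see the prompt. If none of them fires, the dropper can still be run, but only after the user consciously enters an administrator password.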
The full article, courtesy of Prevx, is an interesting read for the layperson: http://www.prevx.com/blog/139/Tdss-rootkit-silently-owns-the-net.html