Rootkits

Discussion in 'ESET Smart Security' started by davib, Sep 11, 2008.

Thread Status:
Not open for further replies.
  1. davib

    davib Registered Member

    Joined:
    Sep 11, 2008
    Posts:
    3
    Hi,

    I've used ESET Security for some time now, but in the last 5 days I have had to reformat my machine as I have had 2 rootkits installed on my machine.

    Now the first I can forgive, but the second one was installed AFTER I scanned the file and ESET said there were no probs with it.

    Shouldn't ESET have picked this up? I'm wondering whether I should change products cos I'm gonna go nuts reformatting..

    Until now I really trusted ESET

    Any advice appreciated


    GMER said it was srsosa but was unable to clear it... Any ideas on the best product to get to protect my machine?
     
  2. nonoise

    nonoise Registered Member

    Joined:
    Jun 6, 2008
    Posts:
    322
    I had a computer infected with srosa a few weeks ago (NOD32 installed, updated and running); it's a variant of the beagle worm that you've got.

    Here's what you do if you don't want to format:

    - Boot from the Windows XP CD, enter the repair console

    Browse, search and delete files:

    hldrrr.exe, srosa.sys, wintems.exe and folder c:\windows\system\drivers\down

    and

    C:\Documents and Settings\Admin\Application Data\m\flec006.exe

    Good luck
     
  3. nonoise

    nonoise Registered Member

    Joined:
    Jun 6, 2008
    Posts:
    322
    Sorry, I didn't read your post properly; I see you've already reinstalled Windows.
     
  4. davib

    davib Registered Member

    Joined:
    Sep 11, 2008
    Posts:
    3
    Hi,

    Yeah, I'm using Vista and was unable to delete these files; they just kept coming back.

    Very disappointed in NOD32. I have now installed PANDA in the hope that this product works better.
     
  5. norky

    norky Registered Member

    Joined:
    May 1, 2004
    Posts:
    172
    Location:
    Lithia, FL
    Nothing wrong with some safe surfing as well as using an AV. Perhaps you need to rethink where you're downloading files from.
     
  6. davib

    davib Registered Member

    Joined:
    Sep 11, 2008
    Posts:
    3
    I agree that I also need to watch out... however, I have NEVER been hit before with any other product. ESET has been good for 8 months AND when I specifically scan a file prior to opening it and ESET says it's all good, then I expect it to be all good. Perhaps I'm being unfair but... I no longer trust it.

    FYI.. I kept the zip file that caused the problem and tested it with a couple of other products.... PANDA and even AVG free versions instantly recognised the file as being a problem ...not ESET!
     
  7. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    If you still have copies of the malicious files in question, please submit them to samples@eset.sk in a password-protected archive with a link to this message so that ESET's virus lab can examine them.

    Regards,

    Aryeh Goretsky
     
  8. demonio

    demonio Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    48
    Eset now updates bagle very quickly!
     
    Last edited: Sep 17, 2008