TDSS rootkit

Discussion in 'ESET NOD32 Antivirus' started by enduser999, May 29, 2011.

Thread Status:
Not open for further replies.
  1. enduser999

    enduser999 Registered Member

    Just an FYI. I was working on a client's computer that had a password-protected NOD32 ver 3 on it. I originally was working on it and noticed the search results were being redirected. Scanning in normal mode with NOD32 found nothing. Neither TDSSKiller nor Combofix would run in safe mode with networking, and both would crash in normal mode. Created a Kaspersky rescue disc and scanned it with that, and it found and killed it. I backed up the critical data and formatted it and reinstalled Windows XP from scratch.

    Will NOD32 not protect the end user from TDSS and must one create a NOD32 rescue disc for each particular computer rather than being able to download a generic one such as the one I used from Kaspersky?
     
  2. Marcos

    Marcos Eset Staff Account

    What about installing the latest v. 4.2.71? Didn't it discover it either? At any rate, I assume that the stand-alone ESET Olmarik cleaner should clean it fine.
     
  3. enduser999

    enduser999 Registered Member

    Problem is that until I used Kaspersky, I did not know for sure if there was a rootkit on the machine and what variant it was.
     