Threat:Probably a variant of Win32/Rootkit.Pdnuha.IR trojan

Discussion in 'ESET NOD32 Antivirus' started by cellanjie, Feb 7, 2009.

Thread Status:
Not open for further replies.
  1. cellanjie

    cellanjie Registered Member

    Joined:
    Feb 7, 2009
    Posts:
    3
    After my computer boots and everything loads, 2 NOD32 message windows pop up with

    File:
    ~ link to possible malware removed ~

    Threat:
    probably a variant of Win32/Rootkit.Podnuha.IR trojan

    Upon clicking both quarantine and terminate, the window pops right back up again, ad infinitum.

    I've gone through my hijackthis log and can't find anything amiss.

    Any help would be much appreciated.

    Thanks!
     
    Last edited by a moderator: Feb 8, 2009
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    Try doing a full scan in safe mode. If that fails, download ESET SysInspector, create a log, and send it to samples("at")eset[dot]com with this threads URL in the subject and as much info as possible in the text.
     
  3. cellanjie

    cellanjie Registered Member

    Joined:
    Feb 7, 2009
    Posts:
    3
    Thanks so much, will do.
     
  4. cellanjie

    cellanjie Registered Member

    Joined:
    Feb 7, 2009
    Posts:
    3
    NOD32 didn't find anything. I decided to do a system restore and be done with it. The nag disappeared.

    Thanks.
     
Thread Status:
Not open for further replies.