Win32/Rootkit.Podnuha trojan (Threat ID 2681)

Discussion in 'ESET Endpoint Products' started by Reedmikel, May 24, 2013.

Thread Status:
Not open for further replies.
  1. Reedmikel

    Reedmikel Registered Member

    Joined:
    Dec 30, 2011
    Posts:
    185
    How do we remove this threat? I'm using NOD32 v4.2.71 Bus Ed. It detects it on every startup, then recommends a reboot. I reboot, but the next scan still finds it (in memory). The console details show Action: "cleaned by deleting (after the next restart) - quarantined".

    I looked on ESET's web site where they offer manual tools, but nothing listed for this threat.

    I also searched for "Podnuha" on this forum but no matches. I guess I am the first?

    OS of infected PC is Win XP Prof SP3.

    TIA,
    -Mike
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please create a SysInspector log and submit it to ESET for analysis as per the instructions here. Also enclose your Threat log with the infection logged.
     
Thread Status:
Not open for further replies.