Jump to content
Haico

infected by trojan.rootkit-TnCore/Installer

Recommended Posts

Hi everyone,

SAS found this rootkit (well done!), and removed build_dol.exe.

Kaspersky though keeps giving me pop-ups that my executables

keep trying to modify other processes.

I can't seem to remove this rootkit completely.

Any suggestions ?

Share this post


Link to post
Share on other sites

Hi Haico

I take it that Kaspersky is not detecting any malicious files but the suspicious(modifications) behaviour at this point as this would suggest newly emerging stuff.

Do either scans(Kasp+SAS) find items after full scan that they are not able clean ie reappear on the next full scan ?

I would suggest running full scans by both softwares from safemode to see if this uncovers anything new before using some more advanced tools/routines.

How to start from safemode>>>

http://uis.georgetown.edu/software/docu ... start.html

Report back any detections made.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×