Jump to content


This topic is now archived and is closed to further replies.


infected by trojan.rootkit-TnCore/Installer

Recommended Posts

Hi everyone,

SAS found this rootkit (well done!), and removed build_dol.exe.

Kaspersky though keeps giving me pop-ups that my executables

keep trying to modify other processes.

I can't seem to remove this rootkit completely.

Any suggestions ?

Share this post

Link to post
Share on other sites

Hi Haico

I take it that Kaspersky is not detecting any malicious files but the suspicious(modifications) behaviour at this point as this would suggest newly emerging stuff.

Do either scans(Kasp+SAS) find items after full scan that they are not able clean ie reappear on the next full scan ?

I would suggest running full scans by both softwares from safemode to see if this uncovers anything new before using some more advanced tools/routines.

How to start from safemode>>>

http://uis.georgetown.edu/software/docu ... start.html

Report back any detections made.

Share this post

Link to post
Share on other sites

  • Create New...