Jump to content

How to remove Korplug.A trojan


Guest Altangerel
 Share

Recommended Posts

Guest Altangerel

We're using Nod 32 v 4.2.71.2. The AV detected some PCs has been affected by Korplug.A trojan, but it cannot remove it. Scan log always says "Unable to clean". We tried to remove remove the trojan manually by removing created files and directories. However, when the affected system restarted it will start again. 

Any of you guys encountered this issue and have solution on this?

Link to comment
Share on other sites

  • Administrators

Please post a complete record related to the detection from your threat log. The record should look like as follows:

18. 7. 2013 13:59:44    Real-time file system protection    file    D:\test\kogabontusiq.exe    a variant of Win32/Kryptik.BFXC trojan    cleaned by deleting - quarantined    domain\admin    Event occurred during an attempt to access the file by the application: 

Link to comment
Share on other sites

Hi Marcos,

 

Log entry is below:

 

Startup scanner    file    Operating memory » svchost.exe(1616)    a variant of Win32/Korplug.A trojan    unable to clean

Link to comment
Share on other sites

  • Administrators

8692We'll be adding detections for new Koreplug variants in update 8692. When available, update the signature database and run a full disk scan. Should it still be detected only in memory, I'll check your SysInspector log for suspicious files.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...