Haico Posted September 23, 2007 Hi everyone, SAS found this rootkit (well done!), and removed build_dol.exe. Kaspersky though keeps giving me pop-ups that my executables keep trying to modify other processes. I can't seem to remove this rootkit completely. Any suggestions ? Share this post Link to post Share on other sites
fatdcuk Posted September 23, 2007 Hi Haico I take it that Kaspersky is not detecting any malicious files but the suspicious(modifications) behaviour at this point as this would suggest newly emerging stuff. Do either scans(Kasp+SAS) find items after full scan that they are not able clean ie reappear on the next full scan ? I would suggest running full scans by both softwares from safemode to see if this uncovers anything new before using some more advanced tools/routines. How to start from safemode>>> http://uis.georgetown.edu/software/docu ... start.html Report back any detections made. Share this post Link to post Share on other sites
