Tech Support Forum - View Single Post

Vikesrock8411 · 11-06-2006, 07:27 PM

Before we get started I would like to check if a rootkit is present. If there is one present it will need to be taken care of first.

Download and Save Blacklight to your desktop:

Double-click blbeta.exe then accept the agreement, click > scan then > next

You'll see a list of all items found. There will also be a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers).

Copy and paste this log in your next reply. Don't choose the rename option yet! I want to see the log first, because legitimate items can also be present there, such as "wbemtest.exe"

Download GMER to your desktop.

Right Click the Zip and Select Extract All.
Open GMER and Click the Tab labeled RootKit.
Now Click Scan, it will take a while for the scan to complete.
Once done, Copy the results to Notepad and post them in the next reply.

11-06-2006, 07:27 PM	#2 (permalink)
Vikesrock8411 Analyst, Security Team Join Date: Jun 2005 Posts: 3,065 OS: Windows XP	Before we get started I would like to check if a rootkit is present. If there is one present it will need to be taken care of first. Download and Save Blacklight to your desktop: Double-click blbeta.exe then accept the agreement, click > scan then > next You'll see a list of all items found. There will also be a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers). Copy and paste this log in your next reply. Don't choose the rename option yet! I want to see the log first, because legitimate items can also be present there, such as "wbemtest.exe" Download GMER to your desktop. Right Click the Zip and Select Extract All. Open GMER and Click the Tab labeled RootKit. Now Click Scan, it will take a while for the scan to complete. Once done, Copy the results to Notepad and post them in the next reply. __________________