Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Don't have a system32 foldeR?


  • Please log in to reply

#16
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
i'm not that old...JEEZZZZ
  • 0

Advertisements


#17
Kat

Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Ok Frantt. I'm going to take over here. I'm not going to move this to the malware forum quite yet. It's quite possible a rootkit is at work here, so I want you to run two rootkit scans for me, please. It is VERY important that you do not run any other program (no internet windows, no programs..nothing) while these two scans run. Please do this right away for me, and post the results of both in this thread. I will keep a close eye out for your replies.

_____________________________________________________

Download and Save Blacklight to your desktop:

Double-click blbeta.exe then accept the agreement, leave [X]scan through Windows Explorer checked, click > scan then > next

You'll see a list of all items found. There will also be a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers).

Copy and paste this log in your next reply. Don't choose the rename option yet! I want to see the log first, because legitimate items can also be present there, such as "wbemtest.exe"

__________________________________________________________

Please download Rootkit Revealer (link is at the very bottom of the page)
  • Unzip it to your desktop.
  • Open the rootkitrevealer folder and double-click rootkitrevealer.exe
  • Click the Scan button (bottom right)
  • It may take a while to scan (don't do anything while it's running)
  • When it's done, go up to File > Save. Choose to save it to your desktop.
  • Open rootkitrevealer.txt on your desktop and copy the entire contents and paste them here
____________________________________________

post the two logs here in separate replies, plesase. :) Don't panic on me yet...this is a precautionary measure. However, I would definitely get this checked out right away. It's NOT normal that your system32 folder was hiding...and now is not. :tazz: :)
  • 0

#18
Frantt

Frantt

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Ok Frantt. I'm going to take over here. I'm not going to move this to the malware forum quite yet. It's quite possible a rootkit is at work here, so I want you to run two rootkit scans for me, please. It is VERY important that you do not run any other program (no internet windows, no programs..nothing) while these two scans run. Please do this right away for me, and post the results of both in this thread. I will keep a close eye out for your replies.

_____________________________________________________

Download and Save Blacklight to your desktop:

Double-click blbeta.exe then accept the agreement, leave [X]scan through Windows Explorer checked, click > scan then > next

You'll see a list of all items found. There will also be a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers).

Copy and paste this log in your next reply. Don't choose the rename option yet! I want to see the log first, because legitimate items can also be present there, such as "wbemtest.exe"

__________________________________________________________

Please download Rootkit Revealer (link is at the very bottom of the page)

  • Unzip it to your desktop.
  • Open the rootkitrevealer folder and double-click rootkitrevealer.exe
  • Click the Scan button (bottom right)
  • It may take a while to scan (don't do anything while it's running)
  • When it's done, go up to File > Save. Choose to save it to your desktop.
  • Open rootkitrevealer.txt on your desktop and copy the entire contents and paste them here
____________________________________________

post the two logs here in separate replies, plesase. :) Don't panic on me yet...this is a precautionary measure. However, I would definitely get this checked out right away. It's NOT normal that your system32 folder was hiding...and now is not. :tazz: :)



didnt u see ifound it it just like popped Up XD
  • 0

#19
Kat

Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Yes, I saw that it was found. However..it is very possible that a rootkit is installed on your computer by a remote person, who was hiding your system32 folder. it should NOT have been hidden at all.

I highly recommend you follow my instructions and run those two scans for me. IF someone has remote control of that computer, then your security has been seriously compromised.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP