Re:Rootkit Hook Analyser

  1. #1
    Join Date
    Mar 2001
    Location
    Cheshire, UK
    Posts
    915

    Re:Rootkit Hook Analyser

    Hello all, how do I copy the entries shown by my running Rootkit Hook Analyser to paste in a post here?

    Forgot how to, long time since I have done this, thanks, GEP

  2. #2
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    26,544
    I don't use it, but from the pic on its home page I'd say take a screenshot (or two if not enough room) and upload them here as attachments. It doesn't look like there's a way to highlight the entries and copy/paste them or create a log file, otherwise I'd suggest that first.

    Easiest way to do the screenshot method is to just hit the Print Screen key and then Edit > Paste into an open window of MS Paint.
    _____________________
    cat lovers click here

  3. #3
    HAN
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    gep: Don't know if you have much need for one, but 2 great screen capture tools are MWSnap http://www.snapfiles.com/get/mwsnap.html and FastStone Capture http://www.snapfiles.com/get/fsscreen.html. I greatly prefer FastStone (it can even do scrolling web site captures) over MWSnap, but both are very capable. Check them out!

  4. #4
    Join Date
    Mar 2001
    Location
    Cheshire, UK
    Posts
    915

    Re:Rootkit

    Hello Fink, Han, tried everything to upload, Paint, Word, WordPad, even tried to change the format to Bitmap, to try to open it in MGI Photosuite, file is just over 2 MB and cannot upload. Tried to open it to resize it, no luck, cutting it, copying it, no joy.

    Han, the other ones you have suggested, do they sort out the problem automatically?

    Thank you both for your replies, GEP

  5. #5
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    26,544
    MWSnap, which I also use, can save as a jpg, which is a much smaller file size than a bmp.

  6. #6
    HAN
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    "Han, the other ones you have suggested, do they sort out the problem automatically?"

    Well, both programs are purpose created for screen captures. Both can save the captures as files (which is what you need here) and can also print those captures (which is something I often do for important things I need to keep permanent records of.)

    I used to use MWSnap all the time but have moved to FastStone Capture because of its better range of options. It adds scrolling website captures, freehand captures, the ability to add text to captures, a screen magnifier and more. Plus I feel it is easier to understand how to use it. But that all said, either one should make capturing photos of your desktop easier to do than what you have been trying...

  7. #7
    Join Date
    Mar 2001
    Location
    Cheshire, UK
    Posts
    915

    Re:Rootkit

    Hello Fink, Han, have downloaded FastStone, took a screenshot, can you tell me what to do with the entries, most of which seem to be ZoneAlarm or Symantec entries?

    Sent two, as bottom 2 or three are missing from the first.

    It has uploaded as a Jpeg.

    Thanks for your help, Gep
    Last edited by gep; September 27th, 2006 at 05:27 AM. Reason: Extra Attachment

  8. #8
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    26,544
    I have no idea what those entries are. I would say though, that I'd very strongly recommend doing nothing with them at all until someone who's either familiar with that program or an expert on rootkits can come along and look at it.

    Rootkits are still very rare types of infections, so odds are those entries are all supposed to be there.

    Personally I'd be more inclined to use one or two of the more popular rootkit analyzers like Blacklight or Sophos, which operate more like a/v scanners than this program, which seems to give no help and relies entirely on the user's ability to decipher unexplained data... a very risky proposition considering that removing any of those items could cripple your PC.

    http://www.sophos.com/products/free-...i-rootkit.html

    http://www.f-secure.com/blacklight/

  9. #9
    HAN
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    While I understand a few of the concepts of rootkits, the truth of it for me is that if I have questions about scan results, I would have to find an expert who can decipher all the cryptic information. And Gep, your results certainly fall in that category for me. Hopefully, someone here at VDr can offer some assistance. If not, you might try posting over at the Rootkit Forum over at CastleCops. http://www.castlecops.com/f233-Rootkit_Revelations.html There are some forum mods over there that are fairly experienced at reading results from the various rootkit scanners.

    I agree with fink that you might try some other, more user friendly scanners. This might help you to understand your results better. (In case you are interested, here are one person's reviews for several rootkit scanners (Rootkit Hook Analyzer being one of them.) http://spyware-free.us/2006/07/on-to...t-testing.html )

    I also agree with fink that whatever you do, be very cautious. Some scanners can show false positives which could cause some users to break their healthy PCs.

    BTW, glad you got your screen captures going. Mess around with FastStone a bit. It's kind of amazing all the things it can do.

  10. #10
    Join Date
    Mar 2001
    Location
    Cheshire, UK
    Posts
    915

    Re:Rootkit

    Hello Fink, Han, least I have a screen capture program, as sometimes I cannot get Print Screen to work, so will come in handy.

    Will leave those entries alone till I can post them elsewhere, probably be ok, especially Symantec and ZA.

    Thanks again for your help, and your suggestion, GEP
