A spyware manufacturer released a version of their trojan that they market as "Hidden from by F-Secure BlackLight Rootkit Elimination Technology!". They use a known trick that may fool programs that scan for rootkits. This trick depends on identifying BlackLight process and not hiding from it at all.

But the good news is that there is an easy workaround. Just rename the fsbl.exe file to something that doesn�t contain fsbl on its path. This is as a matter of fact a good thing to do with any rootkit scanner. So we suggest those who try out F-Secure BlackLight beta to rename the binary into something random before running it.




Above: BlackLight beta (renamed to zsbl.exe) detecting the trojan in question