Matt
2009-02-05, 21:14
Hello,
The file KGyGaAvL.sys is "safe", at least according to what I have found out about it. But what about ZLT05120.TMP and EC23ACB85A.sys?
I hope you can help me, Patrick. ;)
What does your trained eye say about the following log from RootAlyzer:
// info: Rootkit removal help file
// copyright: (c) 2008 Safer Networking Ltd. All rights reserved.
:: RootAlyzer Results
File:"No admin in ACL","C:\WINDOWS\Temp\ZLT05120.TMP"
File:"No admin in ACL","C:\WINDOWS\system32\EC23ACB85A.sys"
File:"No admin in ACL","C:\WINDOWS\system32\KGyGaAvL.sys"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\fwdbglog.txt"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\fwpktlog.txt"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\IAMDB(2).RDB"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\IAMDB.RDB"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\installer_121808191928.log"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\MATT.ldb"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\tvDebug.log"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\tvDebug.Zip"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog.txt"
File:"No admin in ACL","C:\WINDOWS\Internet Logs\ZALog2009.02.02.txt"
File:"No admin in ACL","C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS\Adobe_Downloads\nos5.dat"
Directory:"No admin in ACL","C:\WINDOWS\Internet Logs"
Directory:"No admin in ACL","C:\Programme\NOS"
Directory:"No admin in ACL","C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS"
Directory:"No admin in ACL","C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS\Adobe_Downloads"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\","NOS"
Many thanks. :bigthumb:
Regards,
-Matt-