
Thread: Help me analyse log-file results please

  1. #1
    Junior Member
    Join Date
    Oct 2008
    Posts
    7

    Help me analyse log-file results please

    // info: Rootkit removal help file
    // copyright: (c) 2008 Safer Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\Users\All Users\TEMP:5C321E34:$DATA"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\global.js"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\HpuFunction.dll"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\HPWUCli.exe"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\hpwuSchd2.exe"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\main.hta"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\SelfUpdate.exe"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\SoftwareUpdate.dll"
    File:"No admin in ACL","C:\Program Files\HP\HP Software Update\unicows.dll"
    Directory:"No admin in ACL","C:\Program Files\HP\HP Software Update"

  2. #2
    Senior Member
    Join Date
    Aug 2006
    Location
    Bavaria
    Posts
    1,169

    Hi Haemel,

    All entries from HP should be good. Did you do a software update from HP while scanning with RootAlyzer?
    The first entry shouldn't be there; you can find more information here.
    Best regards - Beste Grüße,

    Matt

  3. #3
    Junior Member
    Join Date
    Oct 2008
    Posts
    7

    Thanks for your answer.

    No, I didn't update HP. But, like you, I think they are OK. I have an HP PC here.

    2nd. I do not see a special solution in the thread you mentioned for the TEMP map, except that I should mail you the "packed" file?

    Haemel

  4. #4
    Junior Member
    Join Date
    Oct 2008
    Posts
    7

    After I sent the packed cab file to your e-mail address, I did a deep scan again. It showed me the HP 'no admin in ACL' remarks again, but NOT the TEMP line anymore!

    Another discovery:
    - the TEMP map was created when I installed Windows Vista on my system
    - the TEMP map was changed with a scheduled Windows Vista update on April 15

    Haemel
    Last edited by Haemel; 2009-04-19 at 09:29.
