Results 1 to 2 of 2

Thread: No admin in ACL

  1. #1
    Junior Member
    Join Date
    Aug 2009

    Default No admin in ACL

    I just installed RootAlyzer and analyzed for the first time. I am very new to all of this, so need to be coached on the proper steps to follow. Here is the log...My thanks for your help!

    *** BEGIN LOG

    // info: Rootkit removal help file
    // copyright: (c) 2008-2009 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"No admin in ACL","C:\WINDOWS\system32\CEBA8F6815.sys"
    File:"No admin in ACL","C:\WINDOWS\system32\KGyGaAvL.sys"

    .... END LOG

  2. #2
    Junior Member
    Join Date
    Aug 2009

    Default P.S. to original post

    Here's a postscript to my original post, above...

    Under your "Help" section, you folks have written:

    No admin in ACL

    Every file, folder and registry key has associated Access Control Lists. These control which users and user groups may access the object, and how they may do so. RootAlyzer checks various parameters to check whether ACLs are modified and non-standard.

    In case of doubt, cross-check by trying to access the listed files or folders in Windows Explorer (regedit.exe for registry entries). Keep in mind though that Microsoft started to hide some system entries of Windows Vista even to administrators (which is a legit security measure). RootAlyzer tries to whitelist those (not showing them in the results list), but updates to Vista may add more, yet unwhitelisted, entries.

    I looked for these files with Explorer and could not find either of them.

    I am running Windows XP SP3.

    Thanks again for your help.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts