RootAlyzer results, help needed



Palmer
2014-05-20, 02:27
Hi, I need some help interpreting the results of a RootAlyzer scan. This is the first time I've used it and the scan has identified files and a registry key as possible malware.


// info: Rootkit removal help file
// copyright: (c) 2008-2014 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"Unknown ADS","C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"Unknown ADS","C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"Unknown ADS","C:\Users\User\Pictures\PHONE Nok 2009-13 6303 Classic\2013-05-03 PHONE Nokia 6303 classic\PHONE Nokia 6303 classic 001.mp4:TOC.WMV:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20140408-0011\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20140301-0010\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20140301-0009\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20140213-0008\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
File:"Unknown ADS","C:\PerfLogs\System\Diagnostics\20131220-0007\report.xml:Qgrg2rf1Znaluncm1kfl1xla5h:$DATA"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc\","Vol"



I have fairly basic computer know-how and am not sure what to make of these results. I am particularly concerned about the Registry key, as this seems to be associated with Microsoft Security Center and is flagged red. I am not sure what most of the files refer to, apart from pictures downloaded from a mobile.

Help and advice appreciated.

tashi
2014-05-20, 09:23
Hello Palmer,

Those entries do not look bad, mostly diagnostic files.

How is your computer running? :)

Best regards.

Palmer
2014-05-20, 22:15
Hello Tashi,

Thanks for your advice. My computer is glitchy and temperamental at the moment, which is why I ran the RootAlyzer. However, I think the behaviour is mainly due to a lack of RAM. It is fairly old and needs a memory boost.
Cheers