Results 1 to 4 of 4

Thread: Pls check my RootAlyzer outputs and advise re further steps

  1. #1
    Junior Member
    Join Date
    Jul 2015
    Posts
    2

    Question Pls check my RootAlyzer outputs and advise re further steps

    Hi all,

    I am a newbie woth RootAlyzer. This is what it's found. However no Action was shown, so I am not sure what to do with this crap.
    Any advice from more experienced users will be very much appreciated

    File:"Unknown ADS","C:\Windows\Temp\FacRecovery\mount:$WIMMOUNTDATA:$DATA"
    File:"Unknown ADS","C:\Users\UserName\OneDrive:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\UserName\OneDrive\Share:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\UserName\OneDrive\Документы:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\UserName\OneDrive\Документы\Новая папка:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\UserName\OneDrive\Документы\Новая папка (2):ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\UserName\Documents\Scanned Documents\Приветствие программы сканирования.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}","8"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}","8"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Jpn","DuState"
    Last edited by tashi; 2015-12-14 at 04:23. Reason: Moved from the malware forum

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello jbionic,

    The RootAlyzer is more of an analyst tool, how is the computer running, any issues?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Jul 2015
    Posts
    2

    Default

    Thanks, tashi. I've had a few malicious candies that were identified and removed by MalwareBytes. Right after removing them that I decided to double-check with Spybot S&D just to make sure there were no more hidden left-overs. If you say those from the list are ok, then I feel relieved.

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hi jbionic,

    They appear to be normal files.

    if any issues out of the ordinary do pop up let me know and I will direct you to the malware forum so someone can take a look at the system.

    All the best.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •