Results 1 to 2 of 2

Thread: Help with Log

  1. #1
    Junior Member
    Join Date
    Sep 2017
    Posts
    1

    Default Help with Log

    Hello,

    I pose my problem here because it is the same problem. I would like to know if the Regikeys are likely to be dangerous for my computer.

    // info: Rootkit removal help file
    // copyright: (c) 2008-2017 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1926E8D15D0BCE53481466615F760A7F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1EF2BF69AA8B90E42A7D4868C551EDB0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\33CB2A05DC9C1FB38AFF351CA0B081C3:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\47CA2FBBC0273BC32819E543302923AF:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA76301B744CAF070E41400:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D30CF9A3586C138449FCE4FD3D474979:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\E3461F56BCF2ACD4A880E257219B8736:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EDE8C96D5CBBB634E8E05C6A3D11FCF4:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\A-Volute:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\DriversCloud.com\Langues:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Comodo\Installer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Origin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Razer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\VideoLAN\VLC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Razer\Razer Cortex:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\3D Vision:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\PhysX:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\Update Core:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\DPC Latency Tuner:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Fast Boot:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Gaming APP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Live Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Super Charger:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v4.0\Redist\DX Redist:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office16:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\IObit Uninstaller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Lang:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\DESIGNER:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\PostureAgent\plugins\install:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\Framework:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1036:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe\ARM\1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Acrobat Reader DC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\CCleaner:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\cFosSpeed:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\DriversCloud.com:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\RogueKiller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TeamSpeak 3 Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\WinRAR:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Ansel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Control Panel Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Display.NvContainer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvContainer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvStreamSrv:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvTelemetry:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\ShadowPlay:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{151AF600-C107-4230-A28D-9F2A2814D6D9}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{545D9ACB-FFA2-4B77-B439-702FBF6BD9D7}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C0C9399E-9639-46DA-99B3-DF456878C8CD}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C12A6C4B-E86D-46BB-8D1B-73A59A32D7A9}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C7231ED5-16C3-4642-BF8C-B97D9F376B22}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{620C4733-5810-492E-9664-8DADE5CE70DA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{6935EFAF-2FC3-4ACA-B511-3362A38EFADA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{27541053-8A6A-44FD-B3E7-4CDCEEC5E449}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Optimus.{865BB31E-9361-4DCF-BA75-A8C4FB47BDE5}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Optimus.{ACD732B7-066D-4585-A6C3-11A6823D151E}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Update.{6489146F-E1ED-4A1D-9929-2357A8942D46}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Update.{AEC80282-4109-4A8C-8B58-F3F99B5D9960}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{FA601CF1-92A3-4904-837A-AECA720EB963}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.ContainerTelemetryApiHelper.{CEFA52F1-E56B-48D9-BA0F-A2C787E4B747}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.LocalSystem.{094D6EA0-F3D0-44DF-BF6F-0351A1F8A65C}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.LocalSystem.{BDE1BCE3-8A33-4149-A323-3E27FB12D454}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.MessageBus.{55DEB713-3704-460C-AB9B-DCEB5CA7DE3F}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.MessageBus.{D177DF05-542A-407A-9F93-EDB11B686E57}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.NetworkService.{0DBB8DB2-B222-400C-881E-A2B568AB4D50}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.NetworkService.{6113274A-967F-4503-B82A-E6FD5D3195CB}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.Session.{3F779DB8-7C7C-4971-A26C-D339BA499F93}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.Session.{A62757A0-F83B-442E-A1D5-064B4180920B}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.User.{B0DC171E-A1E9-4D77-81D0-881E3B4DF305}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.User.{E95BED06-1E7E-4EBE-94C2-93E17B53F779}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NVDisplayContainerLS.{FB521F4B-44B6-4A9E-9525-F38265DA564C}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NVDisplayPluginWatchdog.{0BD0915C-AB5A-4489-976A-431544FF12A5}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NVDisplaySessionContainer.{139F1ACB-8190-4F30-8288-448083E432FA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvNodejs.{53BE0B0A-5858-48F5-87DC-8EFDE88BD774}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvNodejs.{DB7CE656-CD38-4750-A170-1B6CC7FD4190}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvPlugin.Watchdog.{827C4B19-B26B-4AA3-BB2C-35C7FF6F3CFA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvPlugin.Watchdog.{FE8E6AE2-5088-40DD-B598-1017A0112A4B}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvTelemetryContainer.{406BFD25-395A-4F89-906F-86A0DD5208F6}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvTelemetryContainer.{A61F2130-1388-46DB-899F-DCD1EB2F57E2}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvvHci.{E4B0E4EF-587F-40DE-978E-3429C1A48604}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\OSC.{3DCFE790-EA30-4670-861D-6DF86F345DEA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\OSC.{DECC4DCD-2182-44F6-8530-AE0A26DA7532}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{1FF2CB38-92CD-4C53-88D4-4F294CC86C62}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{79A88201-451C-41F1-AF5B-F0F1BF6AF62F}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{C403082E-96A7-4CAF-9FBF-DDE5CCCC3051}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{CFB9218F-8CC0-48FC-9447-15B07B4FA52E}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2\NSConfigurator:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2\UserInterface:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2\UserInterface\x64:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft SQL Server Compact Edition\v3.5:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight\5.1.50901.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Malwarebytes\Anti-Malware:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Chipset Device Software:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Rapid Storage Technology:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\IntelSGXPSW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\COMODO\COMODO Internet Security:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\MSI\MSI Gaming Lan Manager:Win32App_1:$DATA"


    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Chs","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"
    Last edited by tashi; 2017-09-03 at 18:12. Reason: Split off from another's thread

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,379

    Default

    Hello Nolt72,

    This log alone is not raising a flag as even legitimate software may use rootkit technologies.

    Let us know the problem are you experiencing and also the operating system please.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •