Thread: Help with Log

  1. #1
    Junior Member
    Join Date
    Sep 2017
    Posts
    1

    Help with Log

    Hello,

    I pose my problem here because it is the same problem. I would like to know if the RegyKeys are likely to be dangerous for my computer.

    // info: Rootkit removal help file
    // copyright: (c) 2008-2017 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1926E8D15D0BCE53481466615F760A7F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1EF2BF69AA8B90E42A7D4868C551EDB0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\33CB2A05DC9C1FB38AFF351CA0B081C3:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\47CA2FBBC0273BC32819E543302923AF:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA76301B744CAF070E41400:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D30CF9A3586C138449FCE4FD3D474979:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\E3461F56BCF2ACD4A880E257219B8736:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EDE8C96D5CBBB634E8E05C6A3D11FCF4:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\A-Volute:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\DriversCloud.com\Langues:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Comodo\Installer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Origin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Razer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\VideoLAN\VLC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Razer\Razer Cortex:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\3D Vision:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\PhysX:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\NVIDIA Corporation\Update Core:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\DPC Latency Tuner:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Fast Boot:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Gaming APP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Live Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSI\Super Charger:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v4.0\Redist\DX Redist:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Synchronization Services\ADO.NET\v1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.5:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office16:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\IObit\IObit Uninstaller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Lang:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\DESIGNER:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\PostureAgent\plugins\install:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\Framework:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1036:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe\ARM\1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Acrobat Reader DC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\CCleaner:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\cFosSpeed:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\DriversCloud.com:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\RogueKiller:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\TeamSpeak 3 Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\WinRAR:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Ansel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Control Panel Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Display.NvContainer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvContainer:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvStreamSrv:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\NvTelemetry:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\ShadowPlay:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{151AF600-C107-4230-A28D-9F2A2814D6D9}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{545D9ACB-FFA2-4B77-B439-702FBF6BD9D7}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C0C9399E-9639-46DA-99B3-DF456878C8CD}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C12A6C4B-E86D-46BB-8D1B-73A59A32D7A9}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C7231ED5-16C3-4642-BF8C-B97D9F376B22}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{620C4733-5810-492E-9664-8DADE5CE70DA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{6935EFAF-2FC3-4ACA-B511-3362A38EFADA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{27541053-8A6A-44FD-B3E7-4CDCEEC5E449}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Optimus.{865BB31E-9361-4DCF-BA75-A8C4FB47BDE5}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Optimus.{ACD732B7-066D-4585-A6C3-11A6823D151E}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Update.{6489146F-E1ED-4A1D-9929-2357A8942D46}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\Display.Update.{AEC80282-4109-4A8C-8B58-F3F99B5D9960}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{FA601CF1-92A3-4904-837A-AECA720EB963}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.ContainerTelemetryApiHelper.{CEFA52F1-E56B-48D9-BA0F-A2C787E4B747}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.LocalSystem.{094D6EA0-F3D0-44DF-BF6F-0351A1F8A65C}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.LocalSystem.{BDE1BCE3-8A33-4149-A323-3E27FB12D454}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.MessageBus.{55DEB713-3704-460C-AB9B-DCEB5CA7DE3F}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.MessageBus.{D177DF05-542A-407A-9F93-EDB11B686E57}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.NetworkService.{0DBB8DB2-B222-400C-881E-A2B568AB4D50}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.NetworkService.{6113274A-967F-4503-B82A-E6FD5D3195CB}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.Session.{3F779DB8-7C7C-4971-A26C-D339BA499F93}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.Session.{A62757A0-F83B-442E-A1D5-064B4180920B}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.User.{B0DC171E-A1E9-4D77-81D0-881E3B4DF305}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvContainer.User.{E95BED06-1E7E-4EBE-94C2-93E17B53F779}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NVDisplayContainerLS.{FB521F4B-44B6-4A9E-9525-F38265DA564C}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NVDisplayPluginWatchdog.{0BD0915C-AB5A-4489-976A-431544FF12A5}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NVDisplaySessionContainer.{139F1ACB-8190-4F30-8288-448083E432FA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvNodejs.{53BE0B0A-5858-48F5-87DC-8EFDE88BD774}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvNodejs.{DB7CE656-CD38-4750-A170-1B6CC7FD4190}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvPlugin.Watchdog.{827C4B19-B26B-4AA3-BB2C-35C7FF6F3CFA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvPlugin.Watchdog.{FE8E6AE2-5088-40DD-B598-1017A0112A4B}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvTelemetryContainer.{406BFD25-395A-4F89-906F-86A0DD5208F6}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvTelemetryContainer.{A61F2130-1388-46DB-899F-DCD1EB2F57E2}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\NvvHci.{E4B0E4EF-587F-40DE-978E-3429C1A48604}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\OSC.{3DCFE790-EA30-4670-861D-6DF86F345DEA}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\OSC.{DECC4DCD-2182-44F6-8530-AE0A26DA7532}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{1FF2CB38-92CD-4C53-88D4-4F294CC86C62}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{79A88201-451C-41F1-AF5B-F0F1BF6AF62F}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{C403082E-96A7-4CAF-9FBF-DDE5CCCC3051}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{CFB9218F-8CC0-48FC-9447-15B07B4FA52E}:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2\NSConfigurator:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2\UserInterface:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Nahimic\Nahimic2\UserInterface\x64:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Synchronization Services\ADO.NET\v1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft SQL Server Compact Edition\v3.5:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight\5.1.50901.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Malwarebytes\Anti-Malware:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Chipset Device Software:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Rapid Storage Technology:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\IntelSGXPSW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\COMODO\COMODO Internet Security:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\MSI\MSI Gaming Lan Manager:Win32App_1:$DATA"


    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Chs","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"
    Last edited by tashi; 2017-09-03 at 19:12. Reason: Split off from another's thread

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,282

    Hello Nolt72,

    This log alone is not raising a flag as even legitimate software may use rootkit technologies.

    Let us know the problem you are experiencing and also the operating system, please.

    Best regards.
    Microsoft MVP Reconnect 2018
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
