Thread: No admin in ACL

    Hi Tashi,

    As I'm pretty much a n00b at this kind of task, may I ask you how to figure out whether my accidental click on an unknown EXE, which was downloaded from an unreliable source, was at all harmful in my case?



    // info: Rootkit removal help file
    // copyright: (c) 2008-2023 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"Unknown ADS","C:\ProgramData\Acronis:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\Diagnosis\ETLLogs\DlTel-Merge.etl:$ETLUNIQUECVDATA:$DATA"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-08-06-19-40-20-805-10872"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-08-14-17-28-29-088-9424"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-09-08-18-42-30-436-9548"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-09-09-23-21-29-627-16000"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-09-23-23-42-17-320-7336"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-10-08-02-11-48-092-8744"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-10-22-19-09-36-711-9520"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-11-05-00-03-06-485-9768"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-11-18-00-50-48-508-8044"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-12-02-21-23-28-167-10108"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2020-12-17-06-41-52-118-7484"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-03-13-16-03-43-858-788"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-03-18-22-45-51-583-3628"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-03-30-22-46-36-607-7184"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-04-14-23-30-04-627-4324"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-04-28-21-02-09-482-3356"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-05-12-21-28-27-043-7964"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-06-12-03-14-31-837-9544"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-07-07-12-20-20-727-10172"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-07-21-23-43-16-517-8592"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-08-07-20-44-16-487-4712"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-09-15-22-30-31-161-9604"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-09-29-19-54-58-869-8984"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-10-13-18-19-42-014-6352"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-10-26-22-06-14-566-3052"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-11-13-01-10-08-464-5236"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-11-30-19-29-29-135-4820"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2021-12-23-04-33-07-255-8748"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-01-06-04-00-43-752-6428"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-01-20-00-35-04-200-8884"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-02-03-00-14-55-688-8360"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-03-16-00-57-49-278-8536"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-03-30-22-08-46-727-636"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-04-13-22-10-34-739-4464"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-04-28-03-57-26-445-6604"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-05-25-17-57-50-068-5428"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-06-08-21-47-45-521-8560"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-06-23-17-28-17-774-7060"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-07-06-18-09-17-157-1608"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-07-21-02-56-45-257-8632"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-08-04-02-56-31-430-8884"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-08-17-23-17-45-635-8660"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-08-25-01-35-24-043-9880"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-09-01-03-09-22-629-6284"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-09-14-17-28-42-440-9152"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-09-17-06-57-22-604-6268"
    File:"No admin in ACL","C:\ProgramData\Dropbox\Update\Log\DropboxUpdate.log-2022-09-27-22-18-51-083-6032"
    File:"Unknown ADS","C:\Program Files (x86)\Acronis:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Bonjour:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CheckDrive:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HD Tune:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Google\Chrome\Application:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Acronis:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Bonjour\Bonjour.Resources:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Acronis\TrueImageHome:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Bonjour:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\MiniTool Partition Wizard 10:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\rempl:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\WinRAR:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\RealVNC\VNC4:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\RealVNC\VNC4\Mirror Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\RealVNC\VNC4\Printer Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\CPUID\CPU-Z:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Axis Communications\AXIS Camera Station:Win32App_1:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Services\CPK2HWU","Final"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Services\CPK1HWU","Final"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Services\CPK2HWU","Final"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Services\CPK1HWU","Final"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\WOW6432Node\WOW6432Node\AppID","{1111A26D-EF95-4A45-9F55-21E52ADF9887}"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\WOW6432Node\AppID","{1111A26D-EF95-4A45-9F55-21E52ADF9887}"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\AppID","{1111A26D-EF95-4A45-9F55-21E52ADF9887}"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Classes\WOW6432Node\WOW6432Node\AppID","{1111A26D-EF95-4A45-9F55-21E52ADF9887}"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Classes\WOW6432Node\AppID","{1111A26D-EF95-4A45-9F55-21E52ADF9887}"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Classes\AppID","{1111A26D-EF95-4A45-9F55-21E52ADF9887}"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","MsSense.exe"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","Provider"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","ProvidersMigration"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Provider","Av"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Provider","CBP"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Provider","DPA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Provider","Fw"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Provider","SecurityApp"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Provider\SecurityApp","WebProtection"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Chs","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","MsSense.exe"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center","Provider"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center","ProvidersMigration"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider","Av"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider","CBP"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider","DPA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider","Fw"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider","SecurityApp"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp","WebProtection"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"


    Thanks and regards,
    Borg666
    Last edited by tashi; 2023-02-23 at 17:03. Reason: Split off from another thread, so you have your own topic. :-)
