Results 1 to 7 of 7

Thread: Root Anylizer, red and yellow flags etc... what does this mean and what should I do?

  1. #1
    Junior Member
    Join Date
    Feb 2014
    Location
    Waterford, MI
    Posts
    5

    Question Root Anylizer, red and yellow flags etc... what does this mean and what should I do?

    // info: Rootkit removal help file
    // copyright: (c) 2008-2017 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"No admin in ACL","C:\Windows.old\WINDOWS\System32\Tasks_Migrated\Microsoft\Windows\Shell\CreateObjectTask"
    File:"No admin in ACL","C:\Windows.old\WINDOWS\System32\Tasks_Migrated\Microsoft\Windows\SettingSync\BackgroundUploadTask"
    File:"Unknown ADS","C:\Windows.old\ProgramData\Microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\ProgramData\Microsoft\Windows\DeviceMetadataStore:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files (x86)\MSBuild:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files (x86)\Common Files\System\Ole DB:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files\Common Files\microsoft shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021091A0090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109411090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109440090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109510090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109610090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109611090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109810090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A20000000100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A20090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109AB0090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109E60090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021599B0090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109831090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1926E8D15D0BCE53481466615F760A7F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1BF4A48A307DBD84980E866B94D98210:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\2D6F4B0BEA2FA1544969F6F2A698B723:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\2DA216A277B7494489BD1F1FA1B4FF59:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\3e43b73803c7c394f8a6b2f0402e19c2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\844C97FE649617D41843300487880C45:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\87824B78CE79BB646AFA3D705666CB86:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\b25099274a207264182f8181add555d0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\c1c4f01781cc94c4c8fb1542c0981a2a:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D20352A90C039D93DBF6126ECE614057:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EFEE0228DC83E77358593193D847A0EC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Pictures:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Public:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Public\Your iPage Order Confirmation - owner :ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Pictures\walmart.png:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\1996 Chevy Lumina 4 door V.docx:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Gmail - Ford Spark Plug Settlement, Claim # AM10393507.pdf:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Medication Record Resident.docx:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Photo by Walgreens _ Order Confirmation.pdf:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Photo by Walgreens _ Order Confirmation2.pdf:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\planer+downrigging.docx:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\pws.txt:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\gary.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ10th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ5th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ8th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ9th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJandGums.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJandJessica.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJbirthdayparty.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\ajGobooks.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJgradeschoolage.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJnJessicaNGrandmaNgrandpa.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJwhatYear.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\cedarpoint.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess7thgradeHonors1.jpeg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess7thgradeHonors2.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess8thgradehonor1.png.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess8thgradeHonors2.jpeg.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\jessica10thgrade.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JessicaXmasShow.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JessNJustin.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JessZoo.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JustinVisiting.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\LkStClairMid90s.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (10).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (10).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (11).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (12).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (13).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (14).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (15).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (16).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (17).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (18).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (19).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (2).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (2).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (20).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (21).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (22).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (23).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (24).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (25).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (26).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (27).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (28).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (29).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (3).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (3).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (30).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (31).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (32).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (33).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (34).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (35).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (36).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (37).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (38).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (39).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (4).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (4).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (40).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (41).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (42).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (43).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (44).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (45).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (46).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (47).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (48).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (49).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (5).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (5).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (50).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (51).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (52).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (53).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (54).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (55).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (56).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (57).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (58).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (59).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (6).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (6).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (60).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (61).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (62).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (63).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (64).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (65).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (66).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (67).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (68).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (69).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (7).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (7).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (8).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (8).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (9).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (9).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Welcome Scan.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\AppData\Roaming\Microsoft\IdentityCRL\production:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Frank\AppData\Local\VirtualStore\Program Files (x86)\Corel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Frank\AppData\Local\VirtualStore\Program Files (x86)\Corel\Corel PaintShop Pro X9:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\HP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\HP Photo Creations:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\SupportAssist\Client:Win32App_1:$DATA"
    File:"No admin in ACL","C:\ProgramData\Protexis64\27026335.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis64\B002E8B3B8.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis64\KGyGaAvL.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis\27026335.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis\B002E8B3B8.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis\KGyGaAvL.sys"
    File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\Windows\DeviceMetadataStore:Win32App_1:$DATA"
    File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
    File:"No admin in ACL","C:\ProgramData\McAfee\Proxy\data"
    File:"Unknown ADS","C:\ProgramData\Dell\QuickSet:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\CyberLink\CLDShowX.ini:Update.CL:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Corel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Backup and Recovery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Customer Connect:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Digital Delivery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Wireless:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ImgBurn:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Visual Studio 8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSBuild:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Wyse\PocketCloud:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Wyse\PocketCloud\en-US:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Contacts:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\SOXE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Installer\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\VideoLAN\VLC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Works\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Visual Studio\COMMON\IDE\IDE98:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office14:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office15:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1036:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\3082:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1033\GrooveForms5\FormsStyles:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\McAfee\SiteAdvisor:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\LG Electronics\LG Mobile Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\LG Electronics\LG United Mobile Drivers:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel Control Center:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Processor Graphics:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\HP Software Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\IrisOCR_12.3.4.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\IrisOCR_12.3.7.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\HP Officejet 5740 series\bin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\Common\HPDestPlgIn:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Hewlett-Packard\HP Support Framework:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Google\Chrome\Application:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Wireless\Bluetooth Suite:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe:Microsoft_Appcompat_ReinstallUpgrade:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell\SupportAssistAgent:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell\SupportAssistAgent\bin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\Power2Go8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\PowerDirector10:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\PowerDVD10:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\BIL:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\DESIGNER:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB\Resources\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\MSMAPI\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\SFPCA Cache:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Access.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Excel.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Groove.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\InfoPath.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office64.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office64.WW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\OneNote.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Outlook.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Proofing.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Publisher.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe\ARM\1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Brother\PE-DESIGN 8 (Trial Version):Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Acrobat Reader DC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\McAfee:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Mouse and Keyboard Center:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\UNP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Zune:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Zune\en-US:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight\5.1.50907.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office12\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Rapid Storage Technology:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\HP\HP Officejet 5740 series:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\HP\HP Officejet 5740 series\Bin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\DellDataVault:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\QuickSet:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\SARemediation:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\SupportAssist:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\SupportAssistAgent:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\QuickSet\help:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\DW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Jpn","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Chs","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Jpn","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"
    Last edited by tashi; 2017-07-27 at 19:55. Reason: Replaced email address with owner

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,999

    Default

    Hello frankooooo,

    The RootAlyzer is an analyst tool, in general all items found by the RootAlyzer are not necessarily malicious.

    As the log isn't waving a flag could you tell me how the computer is running, was there a particular reason for running a rootkit scan?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Feb 2014
    Location
    Waterford, MI
    Posts
    5

    Default

    Thanks for your response. I only suspect that there may be too many tracking or malware type stuff going on in my laptop Windows 10, considering the way things are these days... and my wifi video streaming stuff seems to be slower than it should be from this laptop.... the items with the red flags gives me the impression that they are bad?

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,999

    Default

    Hello frankooooo,

    Quote Originally Posted by frankooooo View Post
    the items with the red flags gives me the impression that they are bad?
    Could you copy and paste only the red flag items here please.

    Also please list all security software installed.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Junior Member
    Join Date
    Feb 2014
    Location
    Waterford, MI
    Posts
    5

    Default

    Quote Originally Posted by tashi View Post
    Hello frankooooo,



    Could you copy and paste only the red flag items here please.

    Also please list all security software installed.

    Best regards.
    sorry for not responding sooner...

    // copyright: (c) 2008-2017 Safer-Networking Ltd. All rights reserved.

    :: RootAlyzer Results
    File:"No admin in ACL","C:\Windows.old\WINDOWS\System32\Tasks_Migrated\Microsoft\Windows\Shell\CreateObjectTask"
    File:"No admin in ACL","C:\Windows.old\WINDOWS\System32\Tasks_Migrated\Microsoft\Windows\SettingSync\BackgroundUploadTask"
    File:"Unknown ADS","C:\Windows.old\ProgramData\Microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\ProgramData\Microsoft\Windows\DeviceMetadataStore:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files (x86)\MSBuild:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files (x86)\Common Files\System\Ole DB:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows.old\Program Files\Common Files\microsoft shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021091A0090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109411090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109440090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109510090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109610090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109611090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109810090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A20000000100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109A20090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109AB0090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109E60090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F10090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\000021599B0090400100000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\00005109831090400000000000F01FEC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1926E8D15D0BCE53481466615F760A7F:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1BF4A48A307DBD84980E866B94D98210:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\1D5E3C0FEDA1E123187686FED06E995A:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\2D6F4B0BEA2FA1544969F6F2A698B723:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\2DA216A277B7494489BD1F1FA1B4FF59:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\3e43b73803c7c394f8a6b2f0402e19c2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\844C97FE649617D41843300487880C45:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\87824B78CE79BB646AFA3D705666CB86:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\b25099274a207264182f8181add555d0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\c1c4f01781cc94c4c8fb1542c0981a2a:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D20352A90C039D93DBF6126ECE614057:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Windows\Installer\$PatchCache$\Managed\EFEE0228DC83E77358593193D847A0EC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Pictures:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Public:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Public\Your iPage Order Confirmation - fjamedurejr@gmail.pdf:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Pictures\walmart.png:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\1996 Chevy Lumina 4 door V.docx:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Gmail - Ford Spark Plug Settlement, Claim # AM10393507.pdf:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Medication Record Resident.docx:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Photo by Walgreens _ Order Confirmation.pdf:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\Photo by Walgreens _ Order Confirmation2.pdf:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\planer+downrigging.docx:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\SkyDrive\Documents\pws.txt:ms-properties:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\gary.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ10th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ5th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ8th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJ9th.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJandGums.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJandJessica.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJbirthdayparty.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\ajGobooks.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJgradeschoolage.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJnJessicaNGrandmaNgrandpa.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\AJwhatYear.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\cedarpoint.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess7thgradeHonors1.jpeg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess7thgradeHonors2.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess8thgradehonor1.png.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\Jess8thgradeHonors2.jpeg.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\jessica10thgrade.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JessicaXmasShow.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JessNJustin.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JessZoo.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\JustinVisiting.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Pictures\oldfampics\LkStClairMid90s.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (10).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (10).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (11).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (12).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (13).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (14).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (15).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (16).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (17).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (18).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (19).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (2).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (2).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (20).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (21).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (22).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (23).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (24).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (25).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (26).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (27).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (28).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (29).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (3).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (3).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (30).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (31).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (32).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (33).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (34).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (35).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (36).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (37).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (38).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (39).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (4).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (4).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (40).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (41).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (42).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (43).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (44).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (45).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (46).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (47).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (48).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (49).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (5).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (5).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (50).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (51).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (52).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (53).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (54).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (55).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (56).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (57).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (58).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (59).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (6).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (6).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (60).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (61).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (62).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (63).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (64).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (65).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (66).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (67).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (68).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (69).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (7).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (7).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (8).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (8).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (9).jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image (9).png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Image.png:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\Documents\Scanned Documents\Welcome Scan.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
    File:"Unknown ADS","C:\Users\Frank\AppData\Roaming\Microsoft\IdentityCRL\production:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Frank\AppData\Local\VirtualStore\Program Files (x86)\Corel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Users\Frank\AppData\Local\VirtualStore\Program Files (x86)\Corel\Corel PaintShop Pro X9:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\HP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\HP Photo Creations:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\SupportAssist\Client:Win32App_1:$DATA"
    File:"No admin in ACL","C:\ProgramData\Protexis64\27026335.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis64\B002E8B3B8.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis64\KGyGaAvL.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis\27026335.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis\B002E8B3B8.sys"
    File:"No admin in ACL","C:\ProgramData\Protexis\KGyGaAvL.sys"
    File:"Unknown ADS","C:\ProgramData\Microsoft\OFFICE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\Microsoft\Windows\DeviceMetadataStore:Win32App_1:$DATA"
    File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
    File:"No admin in ACL","C:\ProgramData\McAfee\Proxy\data"
    File:"Unknown ADS","C:\ProgramData\Dell\QuickSet:Win32App_1:$DATA"
    File:"Unknown ADS","C:\ProgramData\CyberLink\CLDShowX.ini:Update.CL:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Corel:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Backup and Recovery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Customer Connect:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Digital Delivery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Wireless:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\ImgBurn:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Visual Studio 8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Mozilla Firefox:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\MSBuild:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Wyse\PocketCloud:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Wyse\PocketCloud\en-US:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Contacts:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\SOXE:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Shared\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Photo Gallery\Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Windows Live\Installer\en:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\VideoLAN\VLC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Works\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Visual Studio\COMMON\IDE\IDE98:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft SQL Server Compact Edition\v3.1:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office14:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office15:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1036:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\3082:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Microsoft Office\Office12\1033\GrooveForms5\FormsStyles:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\McAfee\SiteAdvisor:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\LG Electronics\LG Mobile Driver:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\LG Electronics\LG United Mobile Drivers:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel Control Center:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Management Engine Components:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Intel\Intel(R) Processor Graphics:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\HP Software Update:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\IrisOCR_12.3.4.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\IrisOCR_12.3.7.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\HP Officejet 5740 series\bin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\HP\Common\HPDestPlgIn:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Hewlett-Packard\HP Support Framework:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Google\Chrome\Application:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Wireless\Bluetooth Suite:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe:Microsoft_Appcompat_ReinstallUpgrade:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell\SupportAssistAgent:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Dell\SupportAssistAgent\bin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\Power2Go8:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\PowerDirector10:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\CyberLink\PowerDVD10:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\BIL:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\DESIGNER:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\Ole DB\Resources\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\System\MSMAPI\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\SFPCA Cache:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\VC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Access.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Excel.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Groove.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\InfoPath.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office64.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office64.WW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\OneNote.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Outlook.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Proofing.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Publisher.en-us:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Common Files\Adobe\ARM\1.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Brother\PE-DESIGN 8 (Trial Version):Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files (x86)\Adobe\Acrobat Reader DC:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\McAfee:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Mouse and Keyboard Center:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\UNP:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Zune:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Zune\en-US:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Realtek\Audio\HDA:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Silverlight\5.1.50907.0:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office12:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Microsoft Office\Office12\1033:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\iCLS Client:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Intel\Intel(R) Rapid Storage Technology:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\HP\HP Officejet 5740 series:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\HP\HP Officejet 5740 series\Bin:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\DellDataVault:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\QuickSet:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\SARemediation:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\SupportAssist:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\SupportAssistAgent:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Dell\QuickSet\help:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\DW:Win32App_1:$DATA"
    File:"Unknown ADS","C:\Program Files\Common Files\microsoft shared\VC:Win32App_1:$DATA"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center","Svc"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Jpn","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\WOW6432Node\Microsoft\InputMethod\Chs","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\Security Center\Svc","Upgrade"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Jpn","DuState"
    RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\InputMethod\Chs","DuState"

  6. #6
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,999

    Default

    Hello frankooooo,

    I am not seeing anything, sometimes even legitimate software uses rootkit technologies.

    Quote Originally Posted by tashi View Post
    Also please list all security software installed.
    Quote Originally Posted by frankooooo View Post
    and my wifi video streaming stuff seems to be slower than it should be from this laptop....
    Is that a new issue? Windows 10 can eat resources.

    Articles that may be of interest, there are lots of others.

    http://www.computerworld.com/article...r-privacy.html

    http://www.pcworld.com/article/30952...r-privacy.html

    Some users are using programs like Spybot Anti Beacon, long thread here

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  7. #7
    Junior Member
    Join Date
    Feb 2014
    Location
    Waterford, MI
    Posts
    5

    Default

    Quote Originally Posted by tashi View Post
    Hello frankooooo,



    I am not seeing anything, sometimes even legitimate software uses rootkit technologies.





    Is that a new issue? Windows 10 can eat resources.

    Articles that may be of interest, there are lots of others.

    http://www.computerworld.com/article...r-privacy.html

    http://www.pcworld.com/article/30952...r-privacy.html

    Some users are using programs like Spybot Anti Beacon, long thread here

    Best regards.
    Thanks for letting me know.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •