Hello and welcome to our forums,
This is indeed a strange behavior. Most likely, that SID represents your own user.
You can proceed as it follows to see whether it returns your username or not:
- open an elevated PowerShell prompt
Code: Select all
$sid = new-object system.security.principal.securityidentifier("SID")
$objUser = $sid.translate([System.Security.Principal.NTAccount])
$objUser.value
Could you please try that and see if it returns your username?
The
"ProfileService" key contains subkeys that store references to the user profiles on a Windows computer. These references include the location of the profile, the security identifier (SID) of the user associated with the profile, and other information.
The
"References" key contains subkeys that store information about the user profiles that are currently loaded on the system. These subkeys include the SID of the user associated with the profile, the path to the profile, and other information.
It's important to note that modifying the registry key improperly can cause serious problems that may require you to reinstall your operating system. Therefore, it's recommended to be very careful when working with the registry.
That being said, I highly doubt that your EXE setup tries to modify that key.
Most likely, I would say that is a "noise" entry captured from some other system process.
Did you perform the repackaging operation on a clean Virtual Machine? Please note we recommend this so as little "noise" as possible is captured during the process.
Additionally, if possible, could you please share with me the name of the EXE package that you are trying to repackage so I can run some tests on my end as well?
Best regards,
Catalin