Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Winxp registry strange entries=malware?


  • Please log in to reply

#1
medusa569

medusa569

    Member

  • Member
  • PipPip
  • 20 posts
On a lark and not liking to be locked out I altered my registry software with no exclusion for scanning. ( yes I know the pitfalls of that)..but after scanning with this new unhampered parameter. I got over 800 registry entries with assigned disks letter ( i.e. S & P ) where I have never assigned anything over drive E. All these strange entries were in a strange code that looked greek to me..not computer language but like a code.
Are these possibly a type pf malware ?? I deleted these keys and so far found no problems yet in programs that I have tried but what had happened to my computer???! Had I not fudged around with the exclusion file ( back door method as the program does not allow altering it) then I would never have seen these items. NO other scanning with any program ever brought these items to light. thanks in advance for any brainstorming.
  • 0

Advertisements


#2
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
If you KNOW the pitfalls did you backup the registry first using, for example. ERUNT.
http://www.geekstogo...covery-utility/
Did you create a restore point before "playing around" with the registry.
Are you really only running SP2 with XP, support for which finished over two months ago, so no security updates will be received.
If all this sounds rather sharp, it is not meant to be, it is meant to make you think seriously about the correct way to alter registry keys.
Other than that, I cannot help you, I am not an expert in the registry, and that is what you need.

I also notice on another thread you started that you are fixing a friends computer and have run registry programs on it. My strong advice and the advice of this forum, keep away from them. Most are useless, many are dangerous. See this
http://miekiemoes.bl...weaking_13.html

Edited by Macboatmaster, 26 September 2010 - 02:14 PM.

  • 0

#3
123Runner

123Runner

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,308 posts
And I will 2nd what has already been stated. Messing with the registry serves no useful purpose. It will not make the computer faster or less cluttered.
If you say that you are still operational, then you are a lucky one.
Many times you will break it and then the only option is to re-install the OS.
  • 0

#4
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts

but after scanning with this new unhampered parameter. I got over 800 registry entries with assigned disks letter ( i.e. S & P ) where I have never assigned anything over drive E. All these strange entries were in a strange code that looked greek to me..not computer language but like a code.

What program did you use?
Is the system in any way not acting correctly?
Are any programs not working or any speed lacking off or online?
  • 0

#5
medusa569

medusa569

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
To the concerned members ( and believe me I fully understand the apprehension), yes of course i backed up the registry, the disk everything...been there done that. BUT,, I did learn something new......those files I found in registry under explorer/user assist....theey are a type of spyware...from Microsoft and more. Apparantly the entries are Rot13 encoded and they are "count" files. I deleted them and made a program that would cease the possability of making them in the future.
I have come out ahead of this particular storm...although a bit war weary.


:-) regards.....medusa


BTw the program was acting very buggy..exceedingly slow start ups and shut downs ( when it shut down) everything painfully slow.....I used registry first aid to scan the registry..although remeber i altered the exceptions list and when I scanned after that thats when i discovered these hidden files not seen before.Apparently deleting them has caused no harm.

Edited by medusa569, 26 September 2010 - 07:18 PM.

  • 0

#6
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
Since you believe there to be some type of infection then I suggest you go to the Malware Removal and Spyware Removal Forum and run all the steps located in the
START HERE. These self-help tools will help you clean up 70% of problems on your own.
If you are still having problems after doing the steps, then please post the reguested logs in THAT forum.
If you are unable to run any of the tools then start a new topic in the malware forum and put this in the subject line...I am unable to run any malware tools

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).

Add a link to this topic so that malware tech can see what steps have been taken here
  • 0

#7
deggitt

deggitt

    Member

  • Member
  • PipPipPip
  • 272 posts
Registry COUNT KEYS..........


http://personal-comp...3/v29/vic29.htm
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP