RogueKiller
Code:
RogueKiller V8.5.1 _x64_ [Feb 12 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Craig [Admin rights]
Mode : Scan -- Date : 02/12/2013 23:06:40
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 14 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{F3D3C09B-0AC5-414F-9CFF-AA0A70C69E4E} : NameServer (8.26.56.26,8.20.247.20) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowVideos (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 realmedia.channel4.com
127.0.0.1 webstat.channel4.com
127.0.0.1 s0.2mdn.net
127.0.0.1 imagec16.247realmedia.com
127.0.0.1 realmedia.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
[...]
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST3400832AS ATA Device +++++
--- User ---
[MBR] c803b3d6f7e6aa9b4ff765b3cb38f130
[BSP] 499c8530ef537dff8a017b6548ee39b0 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 381552 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST380817AS ATA Device +++++
--- User ---
[MBR] 58216cbb943701146193585082b76fdd
[BSP] 20755ced4876ac454b7b89288476c71c : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: Hitachi HTS541680J9SA00 ATA Device +++++
--- User ---
[MBR] 59e978553f6543c9aa35db7e64b6b9aa
[BSP] 57347e001ed53d65cccf43f8c2196c60 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 76317 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive3: WDC WD20EURS-63S48Y0 ATA Device +++++
--- User ---
[MBR] 472ad2bfdc6262379d10973e382af0dc
[BSP] 278fb93e2f79dec4f3e16885a6a43e09 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive4: StoreJet Transcend USB Device +++++
--- User ---
[MBR] bd8140db097d736ff472ef67582b7d0a
[BSP] 9bd1f3cb1324c735f7d22a0757288225 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1]_S_02122013_02d2306.txt >>
Every cleaner reports back I'm clean. Firewall is set up correctly. Using anti-rootkit, TDSSKiller, Malwarebytes, etc., and all clean. Above is the RogueKiller report, which at least gives me something.
EDIT: I have read and am aware of what these 2 folders are supposed to do. But I have no idea what:
Q:\\Tnzrf\\Cbxre Avtug ng gur Vairagbel\\PryroevglCbxre.rkr"=hex:1e,00,00,00,
I have a mapped network location on Q: but not on R:, which makes me wonder about:
"R:\\KNZCC\\frghc_knzcc.ong"=hex:1e,00,00,00,00,00,00,00,00,00,00,00,00,00,00,