Posted 06 February 2010 - 12:43 AM
I am running Windows XP SP2 on an HP 630 media center computer, about 5 years old; I have kept it updated on a regular basis. I have used Norton Antivirus and Internet Security (updated each year) since Day 1 on this computer, and have used SpyBot Search and Destroy regularly as well. Recently, I have noted a marked slowdown with several functions. Again, I ran SpyBot S&D, and also AdAware, and fixed everything these programs found.
This evening, I decided to check the Registry for anything that obviously didn't belong. I made a list of all software with which I was unfamiliar found in both HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE, then looked up each with Google. I was able to eliminate all but five entries as being used by legitimate software on my computer, but I am hesitant to eliminate ANYTHING from the registry until I'm absolutely certain that they're malware. The entries in question are:
from HKEY_CURRENT_USER Software:
Leadertech - PowerRegister - not sure if this is Adware or not
ORL - VNCHooks - this one I'm pretty sure is malware from what I read
from HKEY_LOCAL_MACHINE Software:
58f - nothing found on this
COft5Y - nothing found on this
Motive - Acme - this program is found on my C drive under Documents and Settings/All Users/Application Data. From my own reading, I'm not sure if this is a friendly keylogger (I have used remote support chat from Symantec/Norton on one occasion), a bad keylogger, or just plain malware.
If these five items were found in your Registry, would you keep them, or blow them away? Thank you in advance for any advice you can offer!
MAD in IA