Forum: War Ensemble BBS

Re: Registry - this can't be good

From Shadow@Sh@dow.br to alt.comp.os.windows-10,alt.comp.anti-virus,alt.comp.virus,comp.security.misc on Sun Sep 20 18:50:20 2020

From Newsgroup: comp.security.misc

On Sun, 20 Sep 2020 17:31:33 +0200, "s|b" <me@privacy.invalid> wrote:

So I'm visiting my sister and as usual I take a look at her PC (Windows
10, all recent updates), mostly to update old software. Her C: drive was
all clogged up, a folder (Software) that I use has miraculously
vanished, Fortnite was installed, ... At his point, I'm happy Chrome
isn't installed (again).

Then I look at the Registry and I see this: ><https://i.postimg.cc/W3TGJbdK/regedit.png>

The
hOhOhOhOhOhOhOhOhOhOhOhOhOhOhO

Sounds suspicious.
A Chinese Santa Claus?
;)
Seriously, try to put that as a filter in Regmon(or whatever
it's called now) and try to see what program is summoning it.

Cross posted to other relevant groups.
[]'s

That can't be good, right? Avast can't find anything. CCleaner doesn't
show me these files and SUPERAntiSpyware and Malwarebytes don't raise an >alarm either.

What could this be? The most recent backup image (Macrium) is dated
2018, but I'm inclined to use it to get rid of this crap... unless
anyone else has a better idea?

--
Don't be evil - Google 2004
We have a new policy - Google 2012
--- Synchronet 3.18a-Linux NewsLink 1.113