Weird reg keys surfaced at RootKitReveal Scan

Hi dear wilders.

i'm by no means a security expert, so i could really use some advice on this one:

i scanned my system using RootKitReveal, and got 3 puzzling discrepencies in the registry:
1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\€쀐㸸 , discrepency: 0 bytes Key name contains embedded nulls (*)
2) HKLM\SOFTWARE\ODBC\ODBCINST.INI\Conversor de página de código MS , discrepency: 0 bytes Hidden from Windows API.
3) HKLM\SOFTWARE\ODBC\ODBCINST.INI\MS Code Page-Übersetzer , discrepency: 0 bytes Hidden from Windows API.

the last two keys contain addressing to C:\WINDOWS\System32\MSCPXL32.dll, and my guess is they are just some benign translation-feature keys. the first key (the one with the gibberish chars), however, contains 2 weird value dati:
a) C:\WINDOWS\System32\ReinstallBackups\€쀐㸸\DriverFiles\.INF ,
b) c:\ati\support\wxp-w2k-catalyst-7-962-031202m1-012924c\driver\2kxp_inf\cx_12924.inf
(again, the gibberish chars are given as is). The two values seem unrelated, and it seems weird to me they should be in the same registery key.


anyone familiar with these inf's or reg keys? are they some sort of malware?

i'd MUCH apprechiate any knowledgable advice.

 

Hi, Gandalf123,

These two links should Help you out with what RR is detecting;

http://www.sysinternals.com/Forum/forum_posts.asp?TID=1761&KW=ODBCINST.INI

http://www.sysinternals.com/Forum/forum_posts.asp?TID=333& amp;KW=Reinstall

Regards T