What are these... ?

Will post two screencaps, re oddball entries: happened to use msconfig dialog box the other night, and saw these listings. No idea what they are, how long they've been there, but it seems a bit unsettling.

Thanks, for any ideas on this, SG1 (Pat)

 

And, here's second entry.

SG1 (Pat)

 

The Windows service entry strikes me as a randomly named file used by RootkitRevealer That randomly named service is created by RootkitRevealer.exe in %temp% but when the service exits it should be deleted. If you search the hard drive do you find that possible .exe file in a temp folder and have you recently used Sysinternals RootkitRevealer ?

Bubba

 

Bubba;

Used SI's RKR a while back; seemed to have trouble running it re other security apps allowing it (as RKR now creates random file name/s, as method to fool possible black hats on one's PC as I understand it).

Did search for the "U... whatever" listing, and found nothing.

Thanks, SG1 (Pat)

 

Was that "U... whatever" search in regards to the registry also ?

Since it's shown as a service I'd be sure I took care and made sure I was looking for this whatever file.

 

Bubba;

Pardon me, I stand corrected. I did search of C: drive, not the reg., and you are right of course about looking in the reg. I'll do that.

Thanks, SG1 (Pat)

 

Bubba;

Re my mystery "U... whatever" file (so-called as I didn't have name proper in front of me at the time, but I'm not blaze about unknowns of any type on our PC).

Here is reg. report about said file, and I still have no idea what this pertains to - any ideas?

Thanks, SG1 (Pat)

==================================
REGEDIT4

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0

; Results at 7/13/2006 4:18:27 PM for strings:
; 'uvztldxk'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]
"UVZTLDXK"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_UVZTLDXK]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_UVZTLDXK\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_UVZTLDXK\0000]
"Service"="UVZTLDXK"
"DeviceDesc"="UVZTLDXK"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\UVZTLDXK]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\UVZTLDXK]
"DisplayName"="UVZTLDXK"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\UVZTLDXK\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\UVZTLDXK\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\UVZTLDXK\Enum]
"0"="Root\\LEGACY_UVZTLDXK\\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_UVZTLDXK]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_UVZTLDXK\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_UVZTLDXK\0000]
"Service"="UVZTLDXK"
"DeviceDesc"="UVZTLDXK"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\UVZTLDXK]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\UVZTLDXK]
"DisplayName"="UVZTLDXK"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\UVZTLDXK\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_UVZTLDXK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_UVZTLDXK\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_UVZTLDXK\0000]
"Service"="UVZTLDXK"
"DeviceDesc"="UVZTLDXK"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UVZTLDXK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UVZTLDXK]
"DisplayName"="UVZTLDXK"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UVZTLDXK\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UVZTLDXK\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UVZTLDXK\Enum]
"0"="Root\\LEGACY_UVZTLDXK\\0000"

[HKEY_USERS\S-1-5-21-796845957-1960408961-725345543-1003\Software\Novatix\ExplorerPlus\CurrentVersion\NxFind\FileNames]
"1"="UVZTLDXK "

; End Of The Log...