2009-11-04, 02:49
Hi there,

Since I don't get infected A lot (& when I do it's usually an f/p); I'm wondering if A very pecular start-up entry actually could be linked to A rootkit of some sort.

Normally I use Opera 10, webmail & A very tight security & cleanup operation on this pc since my last installation. (approx 8 months ago)
I sometimes use less secure browsers because of necessary website visits.

I run most regular XP-services, spybot, some other securrity software, regularly updates & I did install An AV A month ago to try it out (didn't work for me)
So thats off my pc again.

Now the weird part, after I used sysinternals pagefile cleaner A couple of weeks ago [pagedefrag] & if i'm remembering correctly I did came across A malware site, but I'm not completely sure.
The next day I restarted my computer there was A weird registrykey appearing in my startup (seen it via residentshield): 'NoDriveAutoRun' if I should believe Regedit, it's A simple key that belongs to Explorer; but why didn't it appear before that time?

I'm not giving any values yet, but I just wanted to know:
A: Is there A regular/not harmful hexidecimal value that could appear?
B: Are there value's that appear when infected by A rootkit?
C: Why is it added by the time I do A startup? (probably because it is A rootkit.)
D: the key(s) we are (probably?) talking about:

