What is ...\Explorer\UserAssist\... Registry Key?

Hi, I found this key in my registry:


It contains approx. 700 fields all similar as the two below:

HRZR_EHACVQY:%pfvqy6%\Ba Yvar Ersrerapr\Serrolgr'f Thvqr gb Serr Bayvar Ersrerapr.hey



Any idea what this is about?  I'm running Win98se.
Who is Participating?
Here are the two most comprehensible web sites mentioning this Registry key that I've found (using the search engine Google.com).  The second one is from the "cached" pages stored currently at Google.  Neither is all that clear.  On the second one, I did try the link to the German ZDnet page it mentioned, but the page location had changed.


also try spybot
it will check for spyware
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

Steve, I believe those keys in the Win98 registry are all legitimate ones, not having to do with spyware, etc.  (My seach turned up some of your same sites.)  I have looked in my Win98se registry and I have the same keys.  Take a look at my second link.
czechmateAuthor Commented:
Thanks guys for all the links.  I have visited some of
them before I've come here (in fact I'm here 'cause ain't
nothing worthwhile on Google:)

I think LeeTutor is right in saying the keys in question
are legitimate.    On the second LeeTutor's link somebody
says it is encrypted history of program activity.  Well it
is posible but it certainly is not an authoritative
statement.  It is the only piece of info that is actually
relevant to my question.  

Thanks for advice on Trojan  removals etc, I have all that
including Adaware.

The Question remains: what is the key "..\userassist\count" about or what purpose does it serve?
It is similar to some Japanese character entries, do you use foreign lanuage character sets?
czechmateAuthor Commented:
Hi guys, here's some feedback.
No, these are not Japanese characters MrBillisMe, even
though they definitely look like it:))  Thanks to the second link in LeeTutor comment I eventually figured out
at least some of it.

The entries are encrypted with ROT13 algorithm. That ROT13
exists I only found after I cracked it already.  This is
not bragging, it just shows you how simple the algo is.  
You simply add 13 to each character in A..Z range and if
it spills out you continue at the beginning.
Anyway today I was given a link where you can
encode/decode the stuff.


Then I decrypted contents of ..\count key and it is some
kind of history of Favorites menu and aparently other
customized menus.  Here's couple of examples:

Sample 1
Original entry:
HRZR_EHACVQY:%pfvqy6%\Yvaxf\paa\PAAsa - gur svanapvny

Plain text:

Sample 2


I still don't know what the purpose of these keys is.  Are
they used when a menu item is activated?  On the other
hand I have entries there that have been long time removed
from my menus.  So, does anybody have a test rig on which
to try delete the whole thing? :))

Ok I found the actual reg key here .. not sure exactly what it does but here it is.


So my guess based on that is that it is associated with dreamweaver 4 if you use that then there u go.

As for trying to delete it all you need to do if you choose to do this is create a backup of the registry and then delete the files .. if it messes things up then restore the registry and you will be back where you were before.

I hope that having an idea exactly where the registry key is from is of some help :)

czechmateAuthor Commented:
Griffon thanks for your contribution.  I do not use Dreamweaver, dreamweaver is just one of the apps that are using the key.  As I wrote above it is some kind of repository of links and commands, for what I don't know.  Anyway I think I leave it as it is, the points go to Lee Tutor he put me on the right track.
Thanks guys,
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.