Disk antivirus - black screen

G

Giving heart

New Member
Thread author
Verified
Mar 17, 2013
19
Here is the feedback for SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 19:59 on 18/03/2013 by Vicky
Administrator - Elevation successful

========== filefind ==========

Searching for "*avg*"
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcfg.log.1 --a---- 1024100 bytes [18:07 01/03/2010] [23:10 08/03/2010] 494F7B2F06A13099AD6892587FD38BEE
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcfg.log.2 --a---- 1024184 bytes [18:07 01/03/2010] [13:51 06/03/2010] 6DC45EA0087A4122F26AD76D6537FEA2
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcfg.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.1 --a---- 1024310 bytes [18:07 01/03/2010] [15:36 02/04/2010] E5171C6553C0C4596181E0998C6CD8C6
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.10 --a---- 1024382 bytes [18:07 01/03/2010] [04:05 18/03/2010] E0479904B19097C8EE30DFE358469304
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.2 --a---- 1024238 bytes [18:07 01/03/2010] [20:50 31/03/2010] 796F7A76451DE1C306C2CD5B1B3BC034
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.3 --a---- 1024346 bytes [18:07 01/03/2010] [06:49 30/03/2010] BFAC9C65B41A0A083F796807EEF1AFCE
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.4 --a---- 1024154 bytes [18:07 01/03/2010] [14:56 28/03/2010] FFFC8B9986BF8C172767E15DC16731D6
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.5 --a---- 1024366 bytes [18:07 01/03/2010] [01:39 27/03/2010] D8717B2D68D660D23AE7143B522D95E1
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.6 --a---- 1024278 bytes [18:07 01/03/2010] [03:15 25/03/2010] 3B6AE3DE143AAC1016EB50D00DDDBD22
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.7 --a---- 1024240 bytes [18:07 01/03/2010] [12:06 23/03/2010] 3B650A58D3E14A563275A3E48DADCDFB
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.8 --a---- 1024502 bytes [18:07 01/03/2010] [22:55 21/03/2010] 96D8C1032BC4F52E2B9C44D6753FE2E4
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.9 --a---- 1024472 bytes [18:07 01/03/2010] [02:17 20/03/2010] 1925AA470FA323A161E312242FECD89A
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjw.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjwsrv.log.1 --a---- 1024124 bytes [18:07 01/03/2010] [01:15 01/04/2010] 9442DB64EC83C5C648E3882EA5648F22
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgchjwsrv.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.1 --a---- 1024310 bytes [18:07 01/03/2010] [12:14 30/03/2010] 6D21F952D4310AD9CFD6160B939069A8
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.2 --a---- 1024268 bytes [18:07 01/03/2010] [17:24 29/03/2010] B180247670169CC0DDF5414AA4CD4C87
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.3 --a---- 1024686 bytes [18:07 01/03/2010] [23:55 22/03/2010] 363F66CAF2EE6CE820C91437132079B5
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.4 --a---- 1024394 bytes [18:07 01/03/2010] [02:48 18/03/2010] 2FAC39D756F65CABF6113D4E28580A08
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.5 --a---- 1024048 bytes [18:07 01/03/2010] [23:00 15/03/2010] 39BD04D8A3A120D45ECD5B53FF9B17A0
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.6 --a---- 1024602 bytes [18:07 01/03/2010] [13:40 09/03/2010] FAF7A30B624A15FCE00FF80E84EFD4C4
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.7 --a---- 1024658 bytes [18:07 01/03/2010] [13:40 02/03/2010] 4D437F3AB53BF8A5534F2729A5F46C5C
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.8 --a---- 1024126 bytes [18:07 01/03/2010] [21:38 02/03/2010] 8C5404F27A9C4F50511D25DC7D64C949
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgcore.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgfrw.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgldr.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avglng.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgns.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.1 --a---- 1024464 bytes [18:07 01/03/2010] [19:36 27/03/2010] 9582A694447F774D9F74E839B0E1C0F6
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.10 --a---- 1024044 bytes [18:07 01/03/2010] [23:03 15/03/2010] A7ADEF10D2D80BFBACFE52B29156AA3D
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.2 --a---- 1024848 bytes [18:07 01/03/2010] [10:57 16/03/2010] EE10F00CBBFFE62591CE9EE9FF9B20D3
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.3 --a---- 1024868 bytes [18:07 01/03/2010] [10:35 16/03/2010] 44811B31CB72463C096314A50EF2391F
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.4 --a---- 1024220 bytes [18:07 01/03/2010] [10:12 16/03/2010] 13AB2F643AD57D0BF39FA005DB6F5CFF
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.5 --a---- 1024088 bytes [18:07 01/03/2010] [09:55 16/03/2010] AEBDF9298CBD4CA357184C8BF99F1FE8
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.6 --a---- 1024240 bytes [18:07 01/03/2010] [09:44 16/03/2010] 3806BD83E6B50DA553EC5A3360724910
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.7 --a---- 1024006 bytes [18:07 01/03/2010] [09:29 16/03/2010] E6895C4EE3D4CC6C403D05F6CF497C27
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.8 --a---- 1024824 bytes [18:07 01/03/2010] [08:55 16/03/2010] F3853C5D19D11460A20266158811BCAB
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.9 --a---- 1024360 bytes [18:07 01/03/2010] [08:42 16/03/2010] 2902FA0A3A64D28394533965D4118155
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgrs.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgscan.log.lock --a---- 0 bytes [18:09 01/03/2010] [18:09 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.1 --a---- 1024080 bytes [18:09 01/03/2010] [13:41 31/03/2010] E59F734F82BEF32DAC2B30D444FC09FA
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.10 --a---- 1024098 bytes [18:09 01/03/2010] [22:47 15/03/2010] 9F88C69DF96812A0B4EA3DF7CE3C9F6F
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.2 --a---- 1024418 bytes [18:09 01/03/2010] [19:16 28/03/2010] 3C21DA0EE0A945A9F4B01F26197D7E3A
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.3 --a---- 1024256 bytes [18:09 01/03/2010] [22:28 25/03/2010] D20D31F282345E848AA8B943C5DA9265
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.4 --a---- 1024204 bytes [18:09 01/03/2010] [14:36 23/03/2010] B4D8E03664656A52F89D27FCED5C0747
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.5 --a---- 1024212 bytes [18:09 01/03/2010] [04:45 23/03/2010] BCC02756F1C2D87914E250FA194D2AC4
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.6 --a---- 1024186 bytes [18:09 01/03/2010] [18:22 22/03/2010] 4993C72AA3232A1762279AEC9F7D29BF
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.7 --a---- 1024230 bytes [18:09 01/03/2010] [06:00 22/03/2010] 1332A8E1B984A820508252572BC84453
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.8 --a---- 1024310 bytes [18:09 01/03/2010] [20:31 21/03/2010] A4EDE224ECA0EBEC04460B10B1B4D15E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.9 --a---- 1024060 bytes [18:09 01/03/2010] [00:16 19/03/2010] CE8688FE5327C19AC9EFB2E557F14D68
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsched.log.lock --a---- 0 bytes [18:09 01/03/2010] [18:09 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsrm.log.lock --a---- 0 bytes [18:09 01/03/2010] [18:09 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsrmac.log.lock --a---- 0 bytes [23:28 02/03/2010] [23:28 02/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgsrmacstat.log.lock --a---- 0 bytes [23:28 01/03/2010] [23:28 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgtdi.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgui.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgupd.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.1 --a---- 1024152 bytes [18:07 01/03/2010] [21:36 25/03/2010] 4A3986A141EE4F3BFD828F5D20616A71
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.10 --a---- 1024168 bytes [18:07 01/03/2010] [23:10 02/03/2010] E48D56572EF94C9CE2A622FCC2CB373D
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.2 --a---- 1024044 bytes [18:07 01/03/2010] [13:41 13/03/2010] 5C91341790988E2BED3C3AD9822F4A5A
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.3 --a---- 1024132 bytes [18:07 01/03/2010] [17:40 12/03/2010] 1180B1A922E6ABEC6955ACBB51443152
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.4 --a---- 1024074 bytes [18:07 01/03/2010] [13:40 11/03/2010] 677CD0157D0E6C5E040B342ED65FAED1
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.5 --a---- 1024238 bytes [18:07 01/03/2010] [23:09 09/03/2010] AB4EA5952D824A8B819E21A6D0DCD736
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.6 --a---- 1024186 bytes [18:07 01/03/2010] [13:41 08/03/2010] 535F22B1DAA822BCCA4291BEA7BAF0C9
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.7 --a---- 1024250 bytes [18:07 01/03/2010] [13:40 07/03/2010] 147C86D13531B5A1B08EFB0E61AF02A8
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.8 --a---- 1024068 bytes [18:07 01/03/2010] [23:10 05/03/2010] 30915E781FFB52D957EFCEAE19124AF2
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.9 --a---- 1024254 bytes [18:07 01/03/2010] [13:40 04/03/2010] BC9C5F7DD1EEF50140AB9D889CBBC5B2
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwd.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E
E:\Documents and Settings\All Users\Application Data\avg9\Log\avgwdsvc.log.lock --a---- 0 bytes [18:07 01/03/2010] [18:07 01/03/2010] D41D8CD98F00B204E9800998ECF8427E

Searching for "*vipre*"
No files found.

Searching for "*avast*"
No files found.

========== folderfind ==========

Searching for "*avg*"
E:\Documents and Settings\All Users\Application Data\avg9 d------ [18:06 01/03/2010]
E:\Documents and Settings\All Users\Application Data\avg9\AvgAm d------ [18:06 01/03/2010]
E:\Documents and Settings\All Users\Application Data\avg9\AvgApi d------ [18:06 01/03/2010]
E:\Program Files\AVG d------ [18:07 01/03/2010]
E:\Program Files\AVG\AVG9 d------ [18:07 01/03/2010]

Searching for "*vipre*"
E:\Program Files\Sunbelt Software\VIPRE d------ [10:58 13/12/2009]

Searching for "*avast*"
E:\Documents and Settings\All Users\Application Data\AVAST Software d------ [23:48 02/03/2011]
E:\Program Files\AVAST Software d------ [23:48 02/03/2011]
E:\Program Files\AVAST Software\Avast d------ [23:48 02/03/2011]

========== Regfind ==========

Searching for "avg"
[HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayRSAlert]
[HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayScanFinished]
[HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayScanFinishedThreatFound]
[HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayScanStarted]
[HKEY_CURRENT_USER\AppEvents\EventLabels\avgtrayWSAlert]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\avgtray]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\avgtray]
@="AVG"
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\avgtray\avgtrayRSAlert]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\avgtray\avgtrayScanFinished]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\avgtray\avgtrayScanFinishedThreatFound]
[HKEY_CURRENT_USER\AppEvents\Schemes\Apps\avgtray\avgtrayScanStarted]
[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\9.0\AVGeneral]
[HKEY_CURRENT_USER\Software\Adobe\Adobe Acrobat\9.0\AVGeneral]
[HKEY_CURRENT_USER\Software\AppDataLow\Avg]
[HKEY_CURRENT_USER\Software\AppDataLow\Avg\Avg9]
[HKEY_CURRENT_USER\Software\Avg]
[HKEY_CURRENT_USER\Software\Avg\Avg9]
[HKEY_CURRENT_USER\Software\Avg\Avg9\avgui]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Free 9.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Avg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Avg\Avg9]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]
@="AVGeneralNotification Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification\CurVer]
@="AVGeneralNotification.AVGeneralNotification.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]
@="AVGeneralNotification Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}]
@="AVGeneralNotification Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\ProgID]
@="AVGeneralNotification.AVGeneralNotification.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\VersionIndependentProgID]
@="AVGeneralNotification.AVGeneralNotification"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\e:|Program Files|Microsoft Silverlight|4.0.60129.0|hr|system.resources.dll]
"system.resources,version="2.0.5.0",publicKeyToken="7cec85d7bea7798e",processorArchitecture="MSIL",fileVersion="4.0.60129.0",culture="hr""="3PgDT0$gy?~Dc}DI]?&!Complete4.0.60129.0>NGEM5AVgG=~j$-v0s9cr"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\avgfrw]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\avgui]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
"DllName"="avgssie.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\Registration\{91120000-0030-0000-0000-0000000FF1CE}]
"Current"="TQBJAEMAUgBPAFMATwBGAFQAIABTAE8ARgBUAFcAQQBSAEUAIABMAEkAQwBFAE4AUwBFACAAVABFAFIATQBTAA0ACgAyADAAMAA3ACAATQBJAEMAUgBPAFMATwBGAFQAIABPAEYARgBJAEMARQAgAFMAWQBTAFQARQBNACAARABFAFMASwBUAE8AUAAgAEEAUABQAEwASQBDAEEAVABJAE8ATgAgAFMATwBGAFQAVwBBAFIARQANAAoAQgBlAGwAbwB3ACAAYQByAGUAIAB0AGgAcgBlAGUAIABzAGUAcABhAHIAYQB0AGUAIABzAGUAdABzACAAbwBmACAATABpAGMAZQBuAHMAZQAgAFQAZQByAG0AcwAuAKAAIABPAG4AbAB5ACAAbwBuAGUAIABzAGUAdAAgAGEAcABwAGwAaQBlAHMAIAB0AG8AIAB5AG8AdQAuAKAAIABUAG8AIABkAGUAdABlAHIAbQBpAG4AZQAgAHcAaABpAGMAaAAgAEwAaQBjAGUAbgBzAGUAIABUAGUAcgBtAHMAIABhAHAAcABsAHkAIAB0AG8AIAB5AG8AdQAgAGMAaABlAGMAawAgAHQAaABlACAAbABpAGMAZQBuAHMAZQAgAGQAZQBzAGkAZwBuAGEAdABpAG8AbgAgAHAAcgBpAG4AdABlAGQAIABlAGkAdABoAGUAcgAgAG8AbgAgAHkAbwB1AHIAIABwAHIAbwBkAHUAYwB0ACAAawBlAHkALAAgAG4AZQBhAHIAIAB0AGgAZQAgAHAAcgBvAGQAdQBjAHQAIABuAGEAbQBlACAAbwBuACAAeQBvAHUAcgAgAEMAZQByAHQAaQBmAGkAYwBhAHQAZQAgAG8AZgAgAEEAdQB0AGgAZQBuAHQAaQBjAGkAdAB5
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG9Uninstall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002119030000000000000000F01FEC\Features]
"VSTAIDEFiles"="*'=!-^1,a=%'HvwuM1s`lKe5wH&]&@iPgg*yzeka^FHUlH5uN9JD-'X2le-Ps(AJAjg'5=pm02,i9u5Td?k78go{S9v~.(_vyvb?7hLd@@7WH?biopFjqbsZ4?0!M_EtF9n3t3Yv}eU**z@Br{g1g(Rsy?VXB]2dxS}AW1_mOA!$oMQKOGPv*5!ULp'a99B&BsXmnNlg^k^shb2)g(FNy?VXB]2dgMB+sWA*0?jr)%4E?mxW}?0KnSBBC@uW&p3_R8rRJ54(qwdUx@+wP31En{vb`BzOcNs9F9~+.(+LTJE7ydnm1rV!1A1_C0b~kk=YW@g!R3IjB@l52{kc-~ak={8UQmN?b?x%%F%R9~S_@!iX2C%EJ@-,dmh3~OTp%chs4XT1W@.n.cJ&=gEZ%m[NUKVZU?&~nA,q7iv-R*hIkzh[)@*)d?=di1Y&v,B]z(D@4AAgL2?R3hF,z@(CfHR}{9(tu$Vq'QBd!FH'Qp8GB@Z2YrD[[C?9x)rAZTkpo9u!-Gb}$QWPlH*czRL2*96Y3KkKmxWX_q'UA+WQJAj%VbnaI0G?y68!l89BL@n~CX`crX-O5$&uxpTp_=A89%l7Qjzj46CT9*IvZ8=EXq+,6+([Ae-p$J{+o=QtITuzyO8Zs.C2V_Fe`A~HkA-Ty8qv!42?$gW$r9lZ)wXcl7aRwE?=@sCO3=HmWx%iGDJ*,!!V-bI9%9sresQy6&Xc'BFM1pD(u8=H@`P&+d$2m}[fE+4Ia?QI?y=)RA)^-d%_JNIM]8P1ch1vDV6P}'-*F{zoM@Slv={j_uap)^fAv9p'S?&tq64pQ10,{zJA,Yg!GA[^F.EP^h6RToHvwCweq?[FVtL,~k~,kDG-p
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9E6E4EC855D9BF34D9BD86C879B6CF50\Features]
"Unload"="u.'b9VZqf(g6u.Q(31aRw.'b9VZqf(g6u.Q(31aR3%A_WCdVC=ArD*MY's'rCoNvaQ??WA8N.+Ou*==^_5Atk%aP[@k39+DK2=wznw1oIlDw`9*]Vce+$Dlub7ugvh{'O?V*zbDC&4G^t[$v`jp^b8?h~3)s3WpKY^waiZ($i@*g3(ck'{vR&Vk]w4)D3@YUMq@(lsE0o0zj66&JbAYYo.T6q&7l`kEAvTWqY9a$$*AxP3j6r0q3=NKk^=ex_~6miB{ql_n^If`rV@F3V9In-QxJw+pTIavR1Ajui34B5i*pP5GtkaI[JA=[mc$}ANtNqcYa&`QR{8}43dz3*$-zf=~q@1JK~9Ldk5Ts&9Z`G7CZAaHR*=1AxvDt!V548HKWN6@w@@(-xX[hdjDOv*`OxpsAv=PodbG9ttYPmwszLip+q?]1hNw&Z}43-0uH*u'b6?sFRLP5E6JdWe_dyaYS9@9%$8cKg02RA)G93(WuAARlrlY1.nr0ho3M.&@^-={4SJ1Ch$qc=SI$hb@r?ALT9])97-F+p@_STyD$z8I&&VX=$Co(D-e`=mCw}?Vs(tDdiL}1c6,1?BCPi8HupBD1?oGtNUY~u_?Eb97L2FM3R!MIk,9=ZzNVq9vk,Id[9G5%qw}nmS$=t@ihYG5~H^?0o~]Fhz_JT?6y$cswDcRLW~T+kgh7R?dC[s.0!5_xwa86dzvr4=weIEHFO+@3L-}L?+&3@?unl{hj-{W$YdC)QONT6?[PX.sA&AX(cs!_-5G]V@f`Yz,jqGIP$ncHCyFod8PRGSan5d8*5cSAk&@&&=Mw(GqmChEH6=$5'yTEh@D@8w!J(cf4HnN-^)acY=n6+$$.eUDl1@Vk90DML@`
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B3186732A5E214647B3B0A5DDA5B2592\Features]
"HPPhotoSmartExpress"="u.'b9VZqf(g6u.Q(31aRw.'b9VZqf(g6u.Q(31aR).z2K3m+~9)n5..0Y71*G`b{teMXd?zGT=dOg1+&df%(j,)1^?2Iht,(ihHFhW_uo]thZALISbH_AqC@q0WUa*6[B@WKO6TZctaHs?sD*G{l~9z!$NmJ3{Np,f2sI@]gb?+w`?&*csy$-Xzc?U^N+9Po.b]o}&_&4g[(VCaI}?E-t}M+fww=AbyIr!I`@=vR~Hc{9U6N.[!C6y^Z*@]tzrBQevBIN&b$-m)]KAwI2__'^Es)Kz$ug[IW{?bqPKHwY'i9)Bl6F'$pZ9`k{%Da]iBRv}px9brXL916`hwYraUdR*Z!ueecU?nIn{7-?.]PpGFPjdNez9vUgYN6fGgfrCsmSd_7190tZ7?aa$P97~nI)1dF^A=],!_gkr+?tvDL=0lqj?hTW'+s6)3tyY@X64?[F@&c]7cTyRnU^CHqdO!A29SGQ8uI*]XKOFpbI~x)d9]nq!@Ri2W3y@tqM]xM$@rH%YI1R339%1[3[f[&[9EbE,8v'V)0$*FJI3,ko9p4&=YFE,QkT^AfFIrR%AhsQWp]20+L(dz15Vc)8=fiKYjseW^SV4I[OJ3!k8Sho~H,'KqVp4yR9r!ii8^5dG8th8,7RJAr^e?*??[MEiQN'y_VNx7~RmgzS?}^d$@S?{bsy~&tP71~l9x.]m4N`IQ4c$LF,cK?N@0{6Zc}.tF^)eW3par`79l5LTgOWMxz@h,hMnWcP9]G`RRYnCsJL)2Pa_A@4APrw(i16pbN&=JmqYIm$?7TyuPpu%T88&*oP%GLD=PMK***don&?%21k*d})=dKhS]0p~o9]s[BM3(vq=a`13lbb(
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7676C1C593BBC34FB9950B1858BD66A\Features]
"Gallery_Help30"="3%A_WCdVC=ArD*MY's'rCoNvaQ??WA8N.+Ou*==^_5Atk%aP[@k39+DK2=wznw1oIlDw`9*]Vce+$Dlub7ugvh{'O?V*zbDC&4G^t[$v`jp^b8?h~3)s3WpKY^waiZ($i@*g3(ck'{vR&Vk]w4)D3@YUMq@(lsE0o0zj66&JbAYYo.T6q&7l`kEAvTWqY9a$$*AxP3j6r0q3=NKk^=ex_~6miB{ql_n^If`rV@F3V9In-QxJw+pTIavR1Ajui34B5i*pP5GtkaI[JA=[mc$}ANtNqcYa&`QR{8}43dz3*$-zf=~q@1JK~9Ldk5Ts&9Z`G7CZAaHR*=1AxvDt!V548HKWN6@w@@(-xX[hdjDOv*`OxpsAv=PodbG9ttYPmwszLip+q?]1hNw&Z}43-0uH*u'b6?sFRLP5E6JdWe_dyaYS9@9%$8cKg02RA)G93(WuAARlrlY1.nr0ho3M.&@^-={4SJ1Ch$qc=SI$hb@r?ALT9])97-F+p@_STyD$z8I&&VX=$Co(D-e`=mCw}?Vs(tDdiL}1c6,1?BCPi8HupBD1?oGtNUY~u_?Eb97L2FM3R!MIk,9=ZzNVq9vk,Id[9G5%qw}nmS$=t@ihYG5~H^?0o~]Fhz_JT?6y$cswDcRLW~T+kgh7R?dC[s.0!5_xwa86dzvr4=weIEHFO+@3L-}L?+&3@?unl{hj-{W$YdC)QONT6?[PX.sA&AX(cs!_-5G]V@f`Yz,jqGIP$ncHCyFod8PRGSan5d8*5cSAk&@&&=Mw(GqmChEH6=$5'yTEh@D@8w!J(cf4HnN-^)acY=n6+$$.eUDl1@Vk90DML@`Z&,-*tj}bfO9Tac'$99g]{DIoG%'RuZ^
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F18A77EB513B6664B93FEA070CDA0B75\Features]
"BufferChm"="gu1}a'%%o9hE)^G_acXpx3!zWPhrq8&D@uZ`TPfRlK]77X%1L@6PgxvA+&!bx}Q(Q9Ji?9Su565J~M7@ok&R=StA6?)pL]VgbS1DI{yG?{?Bz?KvOvgwR^71Tm`57-{,d==LyKNnPe&woAx7]$V{DAr.FOVtqD+4?6m~^23BR=Cs_@'-P^VKPr~CF*p!)A`v[Z=?V88`dlrcialYK9(m^PihfvcI4K'yukD}29QsE=)[RC'Es-y[TC)Yk@+=8++u&f&?A)h(jdoE[=uF5J)Sps6r${)vXRh@(A'R$e?vlk4uVYSrBhg[m9h8F)%&4RPi}I-6Fx%AQ?j9B?vA4)F`CMeM(@Ym59b*6b,xoj!nEVGXTV@qd@@TLaps(-*L3RoYe?O(8?&xpmZ6n4'XsOe{Asn~59D)yx$m=3Rj]X5ypsD_g?GMtt`1SuX2K0X-`=oSz@V}~9$9=m$P3U7T]d){`8T(Z_^d1%5=g6!!VpXH!@sY~t1RU}Ly{tVww7T~R@=j3rj]jTSt$GmPwq=hT9EgI&*8q*ANxW~aj8TVZ@xt$M`qg{PQ$s,C3xF+G?~M^[!~VP0,(T]!-IG(QA0xsfl!&n~ZV@Hr=?A1~=t_Ong[a6=4(!{be_idi?~zLD%[4{hHOipHykBQVA@LBa`t%^PhLwzuG2JcE=C%0U633!D)sY)Pj-]Y=9{c(_-a2bK5p`E%1V?jPAS~)p%1)Bak^kC[ei,~WAu5(PWmm+qt)LGan5Y0x=eg)5{Gk.yKa0]5,wHah8Iv4hBI{w(,wRO~UmH)h=a}PV_IFLHT)}[Qy*`,*?mcOp2YXhLIIPIs$8qM_8B6p]n.7mAQ8fJq=v1G&@uk@89Jbn0]f7=Tg4Bh
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Counter"="1 1847 2 System 4 Memory 6 % Processor Time 10 File Read Operations/sec 12 File Write Operations/sec 14 File Control Operations/sec 16 File Read Bytes/sec 18 File Write Bytes/sec 20 File Control Bytes/sec 24 Available Bytes 26 Committed Bytes 28 Page Faults/sec 30 Commit Limit 32 Write Copies/sec 34 Transition Faults/sec 36 Cache Faults/sec 38 Demand Zero Faults/sec 40 Pages/sec 42 Page Reads/sec 44 Processor Queue Length 46 Thread State 48 Pages Output/sec 50 Page Writes/sec 52 Browser 54 Announcements Server/sec 56 Pool Paged Bytes 58 Pool Nonpaged Bytes 60 Pool Paged Allocs 64 Pool Nonpaged Allocs 66 Pool Paged Resident Bytes 68 System Code Total Bytes 70 System Code Resident Bytes 72 System Driver Total Bytes 74 System Driver Resident Bytes 76 System Cache Resident Bytes 78 Announcements Domain/sec 80 Election Packets/sec 82 Mailslot Writes/sec 84 Server List Requests/sec 86 Cache 88 Data Maps/sec 90 Sync Data Maps/s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the duration of the idle thread is active in the sample interval, and subtracting that time from interval duration. (Each processor has an idle thread tha
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX\0000]
"Service"="AvgTdiX"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX\0000]
"DeviceDesc"="AVG Free Network Redirector"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX\0000]
"Service"="AvgTdiX"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX\0000]
"DeviceDesc"="AVG Free Network Redirector"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX\0000]
"Service"="AvgTdiX"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX\0000]
"DeviceDesc"="AVG Free Network Redirector"
[HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayRSAlert]
[HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayScanFinished]
[HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayScanFinishedThreatFound]
[HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayScanStarted]
[HKEY_USERS\.DEFAULT\AppEvents\EventLabels\avgtrayWSAlert]
[HKEY_USERS\.DEFAULT\AppEvents\Schemes\Apps\avgtray]
[HKEY_USERS\.DEFAULT\Software\AppDataLow\Avg]
[HKEY_USERS\.DEFAULT\Software\AppDataLow\Avg\Avg9]
[HKEY_USERS\.DEFAULT\Software\Avg]
[HKEY_USERS\.DEFAULT\Software\Avg\Avg9]
[HKEY_USERS\S-1-5-19\AppEvents\EventLabels\avgtrayRSAlert]
[HKEY_USERS\S-1-5-19\AppEvents\EventLabels\avgtrayScanFinished]
[HKEY_USERS\S-1-5-19\AppEvents\EventLabels\avgtrayScanFinishedThreatFound]
[HKEY_USERS\S-1-5-19\AppEvents\EventLabels\avgtrayScanStarted]
[HKEY_USERS\S-1-5-19\AppEvents\EventLabels\avgtrayWSAlert]
[HKEY_USERS\S-1-5-19\AppEvents\Schemes\Apps\avgtray]
[HKEY_USERS\S-1-5-19\Software\AppDataLow\Avg]
[HKEY_USERS\S-1-5-19\Software\AppDataLow\Avg\Avg9]
[HKEY_USERS\S-1-5-19\Software\Avg]
[HKEY_USERS\S-1-5-19\Software\Avg\Avg9]
[HKEY_USERS\S-1-5-20\AppEvents\EventLabels\avgtrayRSAlert]
[HKEY_USERS\S-1-5-20\AppEvents\EventLabels\avgtrayScanFinished]
[HKEY_USERS\S-1-5-20\AppEvents\EventLabels\avgtrayScanFinishedThreatFound]
[HKEY_USERS\S-1-5-20\AppEvents\EventLabels\avgtrayScanStarted]
[HKEY_USERS\S-1-5-20\AppEvents\EventLabels\avgtrayWSAlert]
[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\avgtray]
[HKEY_USERS\S-1-5-20\Software\AppDataLow\Avg]
[HKEY_USERS\S-1-5-20\Software\AppDataLow\Avg\Avg9]
[HKEY_USERS\S-1-5-20\Software\Avg]
[HKEY_USERS\S-1-5-20\Software\Avg\Avg9]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\EventLabels\avgtrayRSAlert]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\EventLabels\avgtrayScanFinished]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\EventLabels\avgtrayScanFinishedThreatFound]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\EventLabels\avgtrayScanStarted]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\EventLabels\avgtrayWSAlert]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\Schemes\Apps\avgtray]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\Schemes\Apps\avgtray]
@="AVG"
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\Schemes\Apps\avgtray\avgtrayRSAlert]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\Schemes\Apps\avgtray\avgtrayScanFinished]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\Schemes\Apps\avgtray\avgtrayScanFinishedThreatFound]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\AppEvents\Schemes\Apps\avgtray\avgtrayScanStarted]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\Adobe\Acrobat Reader\9.0\AVGeneral]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\Adobe\Adobe Acrobat\9.0\AVGeneral]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\AppDataLow\Avg]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\AppDataLow\Avg\Avg9]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\Avg]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\Avg\Avg9]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\Avg\Avg9\avgui]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Free 9.0]
[HKEY_USERS\S-1-5-18\AppEvents\EventLabels\avgtrayRSAlert]
[HKEY_USERS\S-1-5-18\AppEvents\EventLabels\avgtrayScanFinished]
[HKEY_USERS\S-1-5-18\AppEvents\EventLabels\avgtrayScanFinishedThreatFound]
[HKEY_USERS\S-1-5-18\AppEvents\EventLabels\avgtrayScanStarted]
[HKEY_USERS\S-1-5-18\AppEvents\EventLabels\avgtrayWSAlert]
[HKEY_USERS\S-1-5-18\AppEvents\Schemes\Apps\avgtray]
[HKEY_USERS\S-1-5-18\Software\AppDataLow\Avg]
[HKEY_USERS\S-1-5-18\Software\AppDataLow\Avg\Avg9]
[HKEY_USERS\S-1-5-18\Software\Avg]
[HKEY_USERS\S-1-5-18\Software\Avg\Avg9]

Searching for "avast"
[HKEY_CURRENT_USER\Software\AVAST Software]
[HKEY_CURRENT_USER\Software\AVAST Software\Avast]
[HKEY_CURRENT_USER\Software\AVAST Software\WRC\SearchRules\public.avast.com]
[HKEY_CURRENT_USER\Software\AVAST Software\WRC\SearchRules\public.avast.com]
"url"="^http(s)?\:\/\/public\.avast\.com\/(.)*"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\avast! Free Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avastsounds]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avastsounds]
@="avastsoundsfile"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avastsounds]
"Content Type"="application/avast-sounds"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastsoundsfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastsoundsfile]
@="avast! soundpack file"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastsoundsfile\shell\open\command]
@=""E:\Program Files\AVAST Software\Avast\aswChLic.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6569EAFC-365E-4EF4-932A-454CCD5E1434}\1.0]
@="avast! WebRep 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6569EAFC-365E-4EF4-932A-454CCD5E1434}\1.0\0\win32]
@="E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6569EAFC-365E-4EF4-932A-454CCD5E1434}\1.0\HELPDIR]
@="E:\Program Files\AVAST Software\Avast"
[HKEY_LOCAL_MACHINE\SOFTWARE\LogMeIn\V5\AVManagement]
"CurrentAVName"="avast! Free Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\avast]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AAVMKER4\0000]
"DeviceDesc"="avast! Asynchronous Virus Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ASWTDI\0000]
"DeviceDesc"="avast! Network Shield Support"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AAVMKER4\0000]
"DeviceDesc"="avast! Asynchronous Virus Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AAVMKER4\0000]
"DeviceDesc"="avast! Asynchronous Virus Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AAVMKER4\0000]
"DeviceDesc"="avast! Asynchronous Virus Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ASWTDI\0000]
"DeviceDesc"="avast! Network Shield Support"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AAVMKER4\0000]
"DeviceDesc"="avast! Asynchronous Virus Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWTDI\0000]
"DeviceDesc"="avast! Network Shield Support"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"E:\Program Files\AVAST Software\Avast\aswRegSvr.exe"="aswRegSvr"
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\AVAST Software]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\AVAST Software\Avast]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\AVAST Software\WRC\SearchRules\public.avast.com]
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\AVAST Software\WRC\SearchRules\public.avast.com]
"url"="^http(s)?\:\/\/public\.avast\.com\/(.)*"
[HKEY_USERS\S-1-5-21-2000478354-2147159105-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\avast! Free Antivirus]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"E:\Program Files\AVAST Software\Avast\aswRegSvr.exe"="aswRegSvr"

Searching for "Vipre"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"E:\Program Files\Sunbelt Software\VIPRE\"="1"

-= EOF =-
 
G

Giving heart

New Member
Thread author
Verified
Mar 17, 2013
19
Results of Security Check:

Results of screen317's Security Check version 0.99.61
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Java(TM) 6 Update 20
Java(TM) 6 Update 7
Java 2 Runtime Environment, SE v1.4.2_18
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (3.6.18) Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive E:: 3%
````````````````````End of Log``````````````````````
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
One of the 4 computer guys installed VIPRE on your PC. Test your computer for abit and let me know if you still experience any issues. If not, we will clean up here and will make some recommendations

Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on:
    • AVG
      VIPRE
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • When prompted click on Yes and then on next.
  • Put a check on any folders that are found and select delete
  • When prompted select yes then on next
  • Once done click Finish.


Update your system
Delete older Java version from your computer by downloading JavaRa
  • Run JavaRa.exe, then click Remove JRE.
  • Let the tool run
  • Once it finishes, close JavaRa

Currently, the following programs on your PC are outdated:
Keeping your programs (especially Adobe and Java products) updated is essential. Outdated programs make your PC more vulnerable to future malware threats. To help you:
  • Download and install Update Checker. It will notify you if any of your programs require an update.
  • Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
  • Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here
 
G

Giving heart

New Member
Thread author
Verified
Mar 17, 2013
19
When using Revo Uninstaller, neither AVG nor VIPRE appear in the list of programs.....(I noticed Avast isn't on there either).

Other notes:

1. Will updating Java interfere with my yahoo website? I'm surprised Java and Adobe flash player don't go through the automatic update process - I had that turned on.
2. Should I update Adobe reader or remove it? I also have Adobe Acrobat 9 Pro, Adobe Premier Elements 8.0 and Adobe Photoshop 8.0, so is there any overlapping? I also noticed that on Revo Uninstaller, I have Adobe Flashplayer 10 Plugin and Adobe Flashplayer 11 ActiveX.
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Goto Start > Control Panel > Add/remove programs. Uninstall the following:

  • Java™ 6 Update 20
    Java™ 6 Update 7
    Java 2 Runtime Environment, SE v1.4.2_18
    Adobe Flash Player 10
    Adobe Reader 9
    Mozilla Firefox (3.6.18)

Then goto the links I provided in the previous post and re-download the programs.

For firefox, you can download the latest version here

Adobe Acrobat 9 Pro, Adobe Premier Elements 8.0 and Adobe Photoshop 8.0 is fine.

Removing Java won't affect yahoo because you will install the newest version back. Java is heavily exploited by hackers and it is strongly recommended you completely uninstall it. However you can keep it, just update to the newest version.

Let's try removing avg with AVG Remover
 
G

Giving heart

New Member
Thread author
Verified
Mar 17, 2013
19
I've uninstalled the programs as noted. I've downloaded AVG Remover and after a very long text file, it says it's not on my computer. Do you want me to copy and paste the long message here? If I read correctly, it almost sounds like AVG was part of Firefox but what do I know <G>. I'll wait on installing a newer Java....maybe that's the one that I don't need for running the website - I'm sure time will tell.

"Adobe Acrobat 9 Pro, Adobe Premier Elements 8.0 and Adobe Photoshop 8.0 is fine."....I guess these are separate programs and don't include Reader and Flash Player. I'll download those now.
 
G

Giving heart

New Member
Thread author
Verified
Mar 17, 2013
19
When downloading Adobe Reader, it installed Google Chrome and the Google tool bar. I removed the tool bar from my IE.....can I go into add/remove programs and eliminate Chrome like I did Firefox? I just don't see the need for all these web browsers (although I noticed that to visit the Tiffany and Co. website, it would never let me on the site through IE...that's why I had downloaded Firefox).

The adobe flash player link didn't work but I went on the net and did it from there.

I believe the only thing left from your prior list is to install Update Checker which I'm getting ready to do.
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Try this one:

http://download.macromedia.com/get/flashplayer/current/support/uninstall_flash_player.exe

You have the option to not install Google Toolbar. Google chrome is considered safer than Internet Explorer. YOu can remove it in the add/remove programs list.
 
G

Giving heart

New Member
Thread author
Verified
Mar 17, 2013
19
Everything is done and I also removed a few programs that I no longer use on this computer. I downloaded filehippo and it says I have 6 updates ready. But most are things that I don't even use (i.e., Windows Messenger).

Do I just ignore all (including 2 beta things that I don't want to do either)?

Otherwise, ready for next step - especially what to use as my virus program.
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Giving heart said:
Everything is done and I also removed a few programs that I no longer use on this computer. I downloaded filehippo and it says I have 6 updates ready. But most are things that I don't even use (i.e., Windows Messenger).
Click to expand...

You can just ignore the other programs. Just make sure you update Adobe products and Java. Below is a list of suggestions, I would recommend you to try firefox with the suggested add-ons and sandboxie. Sandboxie is highly recommended :)

If you are no longer experiencing any other issues, your PC is now clean!

Double click on OTL to run it
  • Click on the Cleanup button at the top.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes
  • This will remove itself and other tools we may have used.

Also, open adwCleaner and click Uninstall



Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.

For XP
How to create a Restore Point in XP
Delete all restore points except the most recent one

In addition to Microsoft Security Essentials, you need additional protection such as a firewall and behavioural blocker.


Other steps that you may want to do to further protect your system/files:
  • Sandboxie - "Quarantines" your browser so anything that you do in it will be isolated from your system.
  • Backup important files regulary to an external hard-drive or USB

Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.

Should you want to try a product but don't know how it performs, here is a list of current reviews to help you decide.

Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.

Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.
  • KeyScramber - Encrypts your keystrokes to protect you against keyloggers that steals personal & banking information
  • AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
  • NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
  • Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites

Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.

Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.

Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask :)

My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
 
G

Giving heart

New Member
Thread author
Verified
Mar 17, 2013
19
I think I have a deer in the headlight look right now, so I'll start in the morning. In the meantime....I'm so braindead - what is OTL? Not coming to me right now :)
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Giving heart said:
I think I have a deer in the headlight look right now, so I'll start in the morning. In the meantime....I'm so braindead - what is OTL? Not coming to me right now :)
Click to expand...

OTL is
10.jpg


The tool you downloaded from here: http://malwaretips.com/Announcement-NEED-HELP-REMOVING-VIRUSES-Mandatory-scans-and-logs-before-we-start
 

Similar threads

Gandalf_The_Grey
    • Like
Security News Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
Replies
0
Views
802
Security News
Gandalf_The_Grey
Gandalf_The_Grey
M
    • Wow
    • Sad
  • Locked
I got infected with .boza ransomware
Replies
3
Views
876
Windows Malware Removal Help & Support
nasdaq
nasdaq
tracker
  • Locked
I am infected with a hijack loader that has never been detected by any antivirus software, and I cannot remove it.
Replies
7
Views
831
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top