Hardware Upgrade Forum

Hardware Upgrade Forum (https://www.hwupgrade.it/forum/index.php)
-   Guida all'uso dei Programmi (https://www.hwupgrade.it/forum/forumdisplay.php?f=122)
-   -   Avira Antivirus 9/10 (https://www.hwupgrade.it/forum/showthread.php?t=1514684)


johannes 24-08-2007 08:19

Quote:

Originariamente inviato da DarkWolf (Messaggio 18377688)
Ma qui parliamo di antivir (Avira) e non richiede nessun seriale. :mbe:

quando lo scarichi. non so. riproverò....
grazie.:)

juninho85 24-08-2007 19:57

Quote:

Originariamente inviato da johannes (Messaggio 18378866)
quando lo scarichi. non so. riproverò....
grazie.:)

scarica da qui

VasquacK 24-08-2007 21:39

con avira aggiornata ad oggi improvvisamente Spywareterminatorsetup.exe è infetto da un trojan donwloader....

Dite che c'è da preoccuparsi o metto da escludere?

DarkWolf 24-08-2007 21:47

Quote:

Originariamente inviato da VasquacK (Messaggio 18390050)
con avira aggiornata ad oggi improvvisamente Spywareterminatorsetup.exe è infetto da un trojan donwloader....
Dite che c'è da preoccuparsi o metto da escludere?

Prova a fare analizzare il file qui:
http://www.kaspersky.com/scanforvirus

AnCa 25-08-2007 05:51

Controllo mail
 
Ciao a tutti.
Dopo i vostri commenti, sarei propenso ad installare Antivir PE su un portatile che fondamentalmente viene utilizzato con Office XP (2002), Internet (Firefox) e mail (Thunderbird). Pensavo di affiancarlo a Comodo Firewall e Spybot.
La cosa che mi lascia perplesso è la mancanza del controllo dei messaggi di posta in ingresso. Ho capito che controlla gli allegati quando si tenta di aprirli ma con i messaggi con contenuto attivo (html, xhtml), qual'è la situazione?

juninho85 25-08-2007 08:46

Quote:

Originariamente inviato da AnCa (Messaggio 18391866)
Ciao a tutti.
Dopo i vostri commenti, sarei propenso ad installare Antivir PE su un portatile che fondamentalmente viene utilizzato con Office XP (2002), Internet (Firefox) e mail (Thunderbird). Pensavo di affiancarlo a Comodo Firewall e Spybot.
La cosa che mi lascia perplesso è la mancanza del controllo dei messaggi di posta in ingresso. Ho capito che controlla gli allegati quando si tenta di aprirli ma con i messaggi con contenuto attivo (html, xhtml), qual'è la situazione?

quanti post dovrò scrivere ancora per sfatare questa leggenda?:mbe:

xcdegasp 25-08-2007 08:59

Quote:

Originariamente inviato da AnCa (Messaggio 18391866)
Ciao a tutti.
Dopo i vostri commenti, sarei propenso ad installare Antivir PE su un portatile che fondamentalmente viene utilizzato con Office XP (2002), Internet (Firefox) e mail (Thunderbird). Pensavo di affiancarlo a Comodo Firewall e Spybot.
La cosa che mi lascia perplesso è la mancanza del controllo dei messaggi di posta in ingresso. Ho capito che controlla gli allegati quando si tenta di aprirli ma con i messaggi con contenuto attivo (html, xhtml), qual'è la situazione?

bhè basterebbe spendere 20€ per avere quella voce di cui parli inclusa ufficialmente... non mi sembra una cifra esagerata :rolleyes:

AnCa 25-08-2007 10:17

Quote:

Originariamente inviato da juninho85 (Messaggio 18392374)
quanti post dovrò scrivere ancora per sfatare questa leggenda?:mbe:

Scusami ma ho letto tutto il tuo Thread, sebbene velocemente e aiutato dal Trova di Firefox, e non ho trovato nessuna menzione relativa al controllo di eventuali messaggi (non allegati) in ingresso infetti. Se l'ho saltato per sbaglio, ti sarei grato se me lo evidenziassi; anche perché cercando "pop" o "posta" in questa discussione non c'è nulla al riguardo.

Quote:

Originariamente inviato da xcdegasp (Messaggio 18392469)
bhè basterebbe spendere 20€ per avere quella voce di cui parli inclusa ufficialmente... non mi sembra una cifra esagerata :rolleyes:

Cerco non è una cifra esagerata ma vorrei rimanere nel campo FREE, anche perché pago già una licenza KIS 6 single user (su un'altra macchina) e a questo punto mi è più conveniente estenderla a 3 users. A cosa ti riferisci con "inclusa ufficialmente..."?

VasquacK 25-08-2007 11:03

Codice:

AhnLab-V3        2007.8.25.0        2007.08.24        -
AntiVir        7.4.1.63        2007.08.24        TR/Delphi.Downloader.Gen
Authentium        4.93.8        2007.08.24        -
Avast        4.7.1029.0        2007.08.25        -
AVG        7.5.0.484        2007.08.24        -
BitDefender        7.2        2007.08.25        -
CAT-QuickHeal        9.00        2007.08.25        -
ClamAV        0.91        2007.08.24        -
DrWeb        4.33        2007.08.25        -
eSafe        7.0.15.0        2007.08.23        -
eTrust-Vet        31.1.5085        2007.08.24        -
Ewido        4.0        2007.08.24        -
FileAdvisor        1        2007.08.25        -
Fortinet        2.91.0.0        2007.08.25        -
F-Prot        4.3.2.48        2007.08.24        -
F-Secure        6.70.13030.0        2007.08.24        -
Ikarus        T3.1.1.12        2007.08.25        Trojan-Spy.Win32.Delf.uh
Kaspersky        4.0.2.24        2007.08.25        -
McAfee        5105        2007.08.24        -
Microsoft        1.2803        2007.08.25        -
NOD32v2        2483        2007.08.24        -
Norman        5.80.02        2007.08.24        -
Panda        9.0.0.4        2007.08.24        Suspicious file
Prevx1        V2        2007.08.25        -
Rising        19.37.42.00        2007.08.24        -
Sophos        4.21.0        2007.08.25        -
Sunbelt        2.2.907.0        2007.08.25        -
Symantec        10        2007.08.25        -
TheHacker        6.1.8.172        2007.08.25        -
VBA32        3.12.2.3        2007.08.24        -
VirusBuster        4.3.26:9        2007.08.24        -
Webwasher-Gateway        6.0.1        2007.08.25        Trojan.Delphi.Downloader.Gen

questo è il risultato di virus total...

sul sito di kaspersky nn viene rilevato nulla,come d'altronde è riportato anche qui

juninho85 25-08-2007 11:06

Quote:

Originariamente inviato da AnCa (Messaggio 18393246)
Scusami ma ho letto tutto il tuo Thread, sebbene velocemente e aiutato dal Trova di Firefox, e non ho trovato nessuna menzione relativa al controllo di eventuali messaggi (non allegati) in ingresso infetti. Se l'ho saltato per sbaglio, ti sarei grato se me lo evidenziassi; anche perché cercando "pop" o "posta" in questa discussione non c'è nulla al riguardo.

in prima pagina non ho messo nessun riferimento,però vista la periodicità con cui leggo questa cosa mi toccherà provvedere a fare almeno un cenno alla questione ;)
Quote:

Originariamente inviato da VasquacK (Messaggio 18393814)
sul sito di kaspersky nn viene rilevato nulla,come d'altronde è riportato anche qui

kasersky non è un dio in terra,dunque prendete sempre tutto con le molle...intanto segnala la cosa qui e fai presente di cosa si tratta ;)

gratta 25-08-2007 11:28

[OT]
Già che lavori sulla prima pagina puoi rivedere l'impaginazione? ;)
A me continua a sballare il layout (la pagina diventa larghissima), ma non capisco se è un problema di immagini e di testi... :boh:

Succede solo a me?
[/OT]

juninho85 25-08-2007 11:34

non è un problema tuo ma si tratta della compilazione dei post,in particolare del 2° post,però non posso fare diversamente,se vado a capo non si capisce nulla in particolare nei valori di registro ;)

GmG 25-08-2007 11:36

Quote:

Originariamente inviato da juninho85 (Messaggio 18394223)
non è un problema tuo ma si tratta della compilazione dei post,in particolare del 2° post,però non posso fare diversamente,se vado a capo non si capisce nulla in particolare nei valori di registro ;)

Non puoi mettere il testo all'interno del tag CODE ?

juninho85 25-08-2007 11:52

Quote:

Originariamente inviato da GmG (Messaggio 18394246)
Non puoi mettere il testo all'interno del tag CODE ?

uscirebbe fuori questo:
Codice:



       
Quote:

       
       
               
       
       

                       

                       
                               

                                        Originariamente inviato da juninho85
                                        (Messaggio 17960741)
                               

                               
Modifiche apportate al sistema dall'installazione di avira personal:
Installazione applicazioni:
Avira AntiVir PersonalEdition Classic

Autorun:
X:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
X:\Programmi\AntiVir PersonalEdition Classic\sched.exe
X:\Programmi\AntiVir PersonalEdition Classic\avguard.exe

File copiati:
X:\Documents and Settings\All Users\Application Data\addr_file.html
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\addr_file.html
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\AVWIN.INI
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\update.conf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir0.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir1.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir2.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir3.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\IDX\classic-9x-en.info
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\IDX\master.idx
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\JOBS\scanjob.avj
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\JOBS\startupd.avj
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\JOBS\updjob.avj
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\sched.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\setup.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\Upd-2006-12-15-04-13-49.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp
X::\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\REPORTS\14dcc229.avl
X:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk
X:\Documents and Settings\All Users\Start Menu\Programs\AntiVir PersonalEdition Classic\AntiVir Help.lnk
X:\Documents and Settings\All Users\Start Menu\Programs\AntiVir PersonalEdition Classic\AntiVir PersonalEdition Classic on the Internet.lnk
X:\Documents and Settings\All Users\Start Menu\Programs\AntiVir PersonalEdition Classic\Start AntiVir PersonalEdition Classic.lnk
X:\Program Files\AntiVir PersonalEdition Classic\alldiscs.avp
X:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
X:\Program Files\AntiVir PersonalEdition Classic\antivir.oem
X:\Program Files\AntiVir PersonalEdition Classic\antivir0.vdf
X:\Program Files\AntiVir PersonalEdition Classic\antivir1.vdf
X:\Program Files\AntiVir PersonalEdition Classic\antivir2.vdf
X:\Program Files\AntiVir PersonalEdition Classic\antivir3.vdf
X:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe
X:\Program Files\AntiVir PersonalEdition Classic\avcmd.exe
X:\Program Files\AntiVir PersonalEdition Classic\avconfig.cpl
X:\Program Files\AntiVir PersonalEdition Classic\avconfig.dll
X:\Program Files\AntiVir PersonalEdition Classic\avconfig.exe
X:\Program Files\AntiVir PersonalEdition Classic\avevtlog.dll
X:\Program Files\AntiVir PersonalEdition Classic\avewin32.dll
X:\Program Files\AntiVir PersonalEdition Classic\avgcmxp.dll
X:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
X:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
X:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
X:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
X:\Program Files\AntiVir PersonalEdition Classic\avinet.dll
X:\Program Files\AntiVir PersonalEdition Classic\avnotify.dll
X:\Program Files\AntiVir PersonalEdition Classic\avnotify.exe
X:\Program Files\AntiVir PersonalEdition Classic\avpack32.dll
X:\Program Files\AntiVir PersonalEdition Classic\avpref.dll
X:\Program Files\AntiVir PersonalEdition Classic\avreg.dll
X:\Program Files\AntiVir PersonalEdition Classic\avrep.dll
X:\Program Files\AntiVir PersonalEdition Classic\avrpbase.dll
X:\Program Files\AntiVir PersonalEdition Classic\avscan.dll
X:\Program Files\AntiVir PersonalEdition Classic\avscan.exe
X:\Program Files\AntiVir PersonalEdition Classic\avwin.chm
X:\Program Files\AntiVir PersonalEdition Classic\avwinll.dll
X:\Program Files\AntiVir PersonalEdition Classic\build.dat
X:\Program Files\AntiVir PersonalEdition Classic\ccev.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccevrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccgen.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccgenrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccgrdrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccguard.dll
X:\Program Files\AntiVir PersonalEdition Classic\cclic.dll
X:\Program Files\AntiVir PersonalEdition Classic\cclicrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccmainrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccprofil.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccquamgr.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccquarc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccreporc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccreport.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccscanrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccsched.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccscherc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccupdate.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccupdrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\common_msg.avr
X:\Program Files\AntiVir PersonalEdition Classic\deldir.exe
X:\Program Files\AntiVir PersonalEdition Classic\eula.txt
X:\Program Files\AntiVir PersonalEdition Classic\guardevt.dll
X:\Program Files\AntiVir PersonalEdition Classic\guardgui.exe
X:\Program Files\AntiVir PersonalEdition Classic\guardmsg.dll
X:\Program Files\AntiVir PersonalEdition Classic\hbedv.key
X:\Program Files\AntiVir PersonalEdition Classic\licmgr.dll
X:\Program Files\AntiVir PersonalEdition Classic\licmgr.exe
X:\Program Files\AntiVir PersonalEdition Classic\luke.dll
X:\Program Files\AntiVir PersonalEdition Classic\lukeres.dll
X:\Program Files\AntiVir PersonalEdition Classic\mfc71.dll
X:\Program Files\AntiVir PersonalEdition Classic\msvcp71.dll
X:\Program Files\AntiVir PersonalEdition Classic\msvcr71.dll
X:\Program Files\AntiVir PersonalEdition Classic\mydocs.avp
X:\Program Files\AntiVir PersonalEdition Classic\preupd.exe
X:\Program Files\AntiVir PersonalEdition Classic\process.avp
X:\Program Files\AntiVir PersonalEdition Classic\psapi.dll
X:\Program Files\AntiVir PersonalEdition Classic\rchelp.dll
X:\Program Files\AntiVir PersonalEdition Classic\rcimage.dll
X:\Program Files\AntiVir PersonalEdition Classic\rctext.dll
X:\Program Files\AntiVir PersonalEdition Classic\readme.txt
X:\Program Files\AntiVir PersonalEdition Classic\rmdiscs.avp
X:\Program Files\AntiVir PersonalEdition Classic\scewxml.dll
X:\Program Files\AntiVir PersonalEdition Classic\sched.exe
X:\Program Files\AntiVir PersonalEdition Classic\schedr.dll
X:\Program Files\AntiVir PersonalEdition Classic\setup.dll
X:\Program Files\AntiVir PersonalEdition Classic\setup.exe
X:\Program Files\AntiVir PersonalEdition Classic\setupprf.dat
X:\Program Files\AntiVir PersonalEdition Classic\shlext.dll
X:\Program Files\AntiVir PersonalEdition Classic\smtplib.dll
X:\Program Files\AntiVir PersonalEdition Classic\sqlite3.dll
X:\Program Files\AntiVir PersonalEdition Classic\sysdir.avp
X:\Program Files\AntiVir PersonalEdition Classic\sys_rw16.dll
X:\Program Files\AntiVir PersonalEdition Classic\sys_rw32.dll
X:\Program Files\AntiVir PersonalEdition Classic\unacev2.dll
X:\Program Files\AntiVir PersonalEdition Classic\update.exe
X:\Program Files\AntiVir PersonalEdition Classic\update_msg.avr
X:\Program Files\AntiVir PersonalEdition Classic\updgui.dll
X:\Program Files\AntiVir PersonalEdition Classic\updguirc.dll
X:\Program Files\AntiVir PersonalEdition Classic\updlib.dll
X:\Program Files\AntiVir PersonalEdition Classic\updlibrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\weblink.url
X:\WINDOWS\system32\drivers\avgntdd.sys
X:\WINDOWS\system32\drivers\avgntmgr.sys

Modiche al registro:

ADD        [HKEY_CURRENT_USER\Software\H+BEDV]

ADD        [HKEY_CURRENT_USER\Software\H+BEDV\AntiVir PersonalEdition Classic V 7]

ADD        [HKEY_CURRENT_USER\Software\H+BEDV\AntiVir PersonalEdition Classic V 7\SeenMessages]
ADD        200612150001="20061215-20061215"

REMOVE        [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew]

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Shell Extension for Malware scanning]
ADD        @="{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45AC2688-0253-4ED8-97DE-B5370FA7D48A}]
ADD        @="Shell Extension for Malware scanning"

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45AC2688-0253-4ED8-97DE-B5370FA7D48A}\InProcServer32]
ADD        @="C:\\Program Files\\AntiVir PersonalEdition Classic\\shlext.dll"
ADD        ThreadingModel="Apartment"

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Shell Extension for Malware scanning]
ADD        @="{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}]

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\H+BEDV]

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\H+BEDV\AntiVir PersonalEdition Classic V 7]
ADD        AppDataDirectory="C:\\Documents and Settings\\All Users\\Application Data\\AntiVir PersonalEdition Classic\\"
ADD        FilterType=dword:00000001
ADD        LastUpdate=dword:458267a9
ADD        Path="C:\\Program Files\\AntiVir PersonalEdition Classic\\"
ADD        ProductID="3ec703e540fb53ed551d358673af589911fd20ac"
ADD        SecurityDetection=dword:00000001
ADD        WSC_CompanyName="Avira GmbH"
ADD        WSC_DisplayName="Avira AntiVir PersonalEdition Classic"
ADD        WSC_ProductId="ad166499-45f9-482a-a743-fdd3350758c7"

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\PROVIDERS\Performance]
CHANGE        Performance Refresh=dword:00000000

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM]
CHANGE        C:\\WINDOWS\\System32\\Drivers\\HTTP.sys[UlMofResource]="LowDateTime:1643546752,HighDateTime:29666663***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\ACPI.sys[ACPIMOFResource]="LowDateTime:650848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\intelppm.sys[PROCESSORWMI]="LowDateTime:2080848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\ipnat.sys[IPNATMofResource]="LowDateTime:-1061007232,HighDateTime:29664841***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\mssmbios.sys[MofResource]="LowDateTime:-1629086336,HighDateTime:29655115***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\advapi32.dll[MofResourceName]="LowDateTime:660848256,HighDateTime:29655114***Binary mof compiled successfully"

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE]
CHANGE        C:\\WINDOWS\\System32\\Drivers\\HTTP.sys[UlMofResource]="LowDateTime:1643546752,HighDateTime:29666663***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\ACPI.sys[ACPIMOFResource]="LowDateTime:650848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\intelppm.sys[PROCESSORWMI]="LowDateTime:2080848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\ipnat.sys[IPNATMofResource]="LowDateTime:-1061007232,HighDateTime:29664841***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\DRIVERS\\mssmbios.sys[MofResource]="LowDateTime:-1629086336,HighDateTime:29655115***Binary mof compiled successfully"
CHANGE        C:\\WINDOWS\\system32\\advapi32.dll[MofResourceName]="LowDateTime:660848256,HighDateTime:29655114***Binary mof compiled successfully"

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib]
CHANGE        Last Counter=dword:00000d9c
CHANGE        Last Help=dword:00000d9d

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls]
ADD        Avira AntiVir PersonalEdition Classic="C:\\PROGRA~1\\ANTIVI~1\\avconfig.cpl"

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2]
ADD        C:\\PROGRA~1\\ANTIVI~1\\avconfig.cpl=dword:0000000a

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
ADD        avgnt="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"

CHANGE        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
ADD        {45AC2688-0253-4ED8-97DE-B5370FA7D48A}="Shell Extension for Malware scanning"

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
ADD        DisplayIcon="C:\\Program Files\\AntiVir PersonalEdition Classic\\rcimage.dll,1"
ADD        DisplayName="Avira AntiVir PersonalEdition Classic"
ADD        HelpLink=hex(2):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,77,00,77,00,77,00,2e,00,61,00,76,00,69,00,72,00,61,00,2e,00,63,00,6f,00,6d,00,2f,00,65,00,6e,00,2f,00,74,00,65,00,63,00,68,00,6e,00,69,00,63,00,61,00,6c,00,5f,00,73,00,75,00,70,00,70,00,6f,00,72,00,74,00,00,00
ADD        ModifyPath="C:\\Program Files\\AntiVir PersonalEdition Classic\\SETUP.EXE"
ADD        Publisher="Avira GmbH"
ADD        URLInfoAbout="http://www.free-av.com"
ADD        URLUpdateInfo="http://www.free-av.com"
ADD        UninstallString="C:\\Program Files\\AntiVir PersonalEdition Classic\\SETUP.EXE /REMOVE"

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD]

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation]

ADD        [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic V 7]
ADD        ID=dword:00000039
ADD        Lang="EN"
ADD        Name="Avira AntiVir PersonalEdition Classic"
ADD        Type="ANSI"

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent]
CHANGE        @=dword:0000000b

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager]
ADD        PendingFileRenameOperations=hex(7):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,44,00,6f,00,63,00,75,00,6d,00,65,00,6e,00,74,00,73,00,20,00,61,00,6e,00,64,00,20,00,53,00,65,00,74,00,74,00,69,00,6e,00,67,00,73,00,5c,00,41,00,6c,00,6c,00,20,00,55,00,73,00,65,00,72,00,73,00,5c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,74,00,61,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,0...

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSCHEDULER]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="AntiVir PersonalEdition Classic Scheduler"
ADD        Legacy=dword:00000001
ADD        Service="AntiVirScheduler"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="AntiVirScheduler"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSERVICE]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSERVICE\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="AntiVir PersonalEdition Classic Guard"
ADD        Legacy=dword:00000001
ADD        Service="AntiVirService"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSERVICE\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="AntiVirService"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="avgio"
ADD        Legacy=dword:00000001
ADD        Service="avgio"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="avgio"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="avgntflt"
ADD        Legacy=dword:00000001
ADD        Service="avgntflt"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="avgntflt"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler]
ADD        Description="Service to schedule AntiVir jobs and updates."
ADD        DisplayName="AntiVir PersonalEdition Classic Scheduler"
ADD        ErrorControl=dword:00000001
ADD        ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,73,00,63,00,68,00,65,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD        ObjectName="LocalSystem"
ADD        Start=dword:00000002
ADD        Type=dword:00000110

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler\Enum]
ADD        0="Root\\LEGACY_ANTIVIRSCHEDULER\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService]
ADD        Description="Offers permanent protection against viruses and malware with the AntiVir search engine. "
ADD        DisplayName="AntiVir PersonalEdition Classic Guard"
ADD        ErrorControl=dword:00000001
ADD        ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,75,00,61,00,72,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD        ObjectName="LocalSystem"
ADD        Start=dword:00000002
ADD        Type=dword:00000110

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService\Enum]
ADD        0="Root\\LEGACY_ANTIVIRSERVICE\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application]
CHANGE        Sources=hex(7):48,00,2b,00,42,00,45,00,44,00,56,00,20,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,00,00,57,00,53,00,48,00,00,00,57,00,4d,00,49,00,41,00,64,00,61,00,70,00,74,00,65,00,72,00,00,00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,57,00,69,00,6e,00,4d,00,67,00,6d,00,74,00,00,00,57,00,69,00,6e,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,72,00,6f,00,64,00,75,00,63,00,74,00,20,00,41,00,63,00,74,00,69,00,76,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,0...

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\H+BEDV AntiVir]
ADD        CategoryCount=dword:00000003
ADD        CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD        EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD        TypesSupported=dword:00000007

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System]
CHANGE        Sources=hex(7):61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,00,00,00,57,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,55,00,70,00,64,00,61,00,74,00,65,00,20,00,41,00,67,00,65,00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,53,00,63,00,72,00,69,00,70,00,74,00,20,00,48,00,6f,00,73,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,0...

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt]
ADD        CategoryCount=dword:00000001
ADD        CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD        EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD        TypesSupported=dword:00000007

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance]
ADD        First Counter=dword:00000d90
ADD        First Help=dword:00000d91
ADD        Last Counter=dword:00000d9c
ADD        Last Help=dword:00000d9d
ADD        Object List="3472 3478"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgio]
ADD        DependOnGroup=hex(7):00,00
ADD        DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD        DisplayName="avgio"
ADD        ErrorControl=dword:00000001
ADD        ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,69,00,6f,00,2e,00,73,00,79,00,73,00,00,00
ADD        Start=dword:00000001
ADD        Type=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgio\Enum]
ADD        0="Root\\LEGACY_AVGIO\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgio\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt]
ADD        DependOnGroup=hex(7):00,00
ADD        DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD        Description="Avira AntiVir PersonalEdition Classic mini-filter used for on-access scan to provide real-time antivirus security."
ADD        DisplayName="avgntflt"
ADD        ErrorControl=dword:00000001
ADD        Group="FSFilter Anti-Virus"
ADD        ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,2e,00,73,00,79,00,73,00,00,00
ADD        Start=dword:00000003
ADD        Type=dword:00000002

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Enum]
ADD        0="Root\\LEGACY_AVGNTFLT\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Instances]
ADD        DefaultInstance="avgntflt Instance"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Instances\avgntflt Instance]
ADD        Altitude="320500"
ADD        Flags=dword:00000000

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]
CHANGE        @=dword:0000000b

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
ADD        PendingFileRenameOperations=hex(7):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,44,00,6f,00,63,00,75,00,6d,00,65,00,6e,00,74,00,73,00,20,00,61,00,6e,00,64,00,20,00,53,00,65,00,74,00,74,00,69,00,6e,00,67,00,73,00,5c,00,41,00,6c,00,6c,00,20,00,55,00,73,00,65,00,72,00,73,00,5c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,74,00,61,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,0...

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSCHEDULER]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="AntiVir PersonalEdition Classic Scheduler"
ADD        Legacy=dword:00000001
ADD        Service="AntiVirScheduler"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="AntiVirScheduler"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSERVICE]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSERVICE\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="AntiVir PersonalEdition Classic Guard"
ADD        Legacy=dword:00000001
ADD        Service="AntiVirService"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSERVICE\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="AntiVirService"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="avgio"
ADD        Legacy=dword:00000001
ADD        Service="avgio"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="avgio"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT]
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT\0000]
ADD        Class="LegacyDriver"
ADD        ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD        ConfigFlags=dword:00000000
ADD        DeviceDesc="avgntflt"
ADD        Legacy=dword:00000001
ADD        Service="avgntflt"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT\0000\Control]
ADD        *NewlyCreated*=dword:00000000
ADD        ActiveService="avgntflt"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler]
ADD        Description="Service to schedule AntiVir jobs and updates."
ADD        DisplayName="AntiVir PersonalEdition Classic Scheduler"
ADD        ErrorControl=dword:00000001
ADD        ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,73,00,63,00,68,00,65,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD        ObjectName="LocalSystem"
ADD        Start=dword:00000002
ADD        Type=dword:00000110

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler\Enum]
ADD        0="Root\\LEGACY_ANTIVIRSCHEDULER\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirService]
ADD        Description="Offers permanent protection against viruses and malware with the AntiVir search engine. "
ADD        DisplayName="AntiVir PersonalEdition Classic Guard"
ADD        ErrorControl=dword:00000001
ADD        ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,75,00,61,00,72,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD        ObjectName="LocalSystem"
ADD        Start=dword:00000002
ADD        Type=dword:00000110

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirService\Enum]
ADD        0="Root\\LEGACY_ANTIVIRSERVICE\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirService\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application]
CHANGE        Sources=hex(7):48,00,2b,00,42,00,45,00,44,00,56,00,20,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,00,00,57,00,53,00,48,00,00,00,57,00,4d,00,49,00,41,00,64,00,61,00,70,00,74,00,65,00,72,00,00,00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,57,00,69,00,6e,00,4d,00,67,00,6d,00,74,00,00,00,57,00,69,00,6e,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,72,00,6f,00,64,00,75,00,63,00,74,00,20,00,41,00,63,00,74,00,69,00,76,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,0...

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\H+BEDV AntiVir]
ADD        CategoryCount=dword:00000003
ADD        CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD        EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD        TypesSupported=dword:00000007

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System]
CHANGE        Sources=hex(7):61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,00,00,00,57,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,55,00,70,00,64,00,61,00,74,00,65,00,20,00,41,00,67,00,65,00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,53,00,63,00,72,00,69,00,70,00,74,00,20,00,48,00,6f,00,73,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,0...

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt]
ADD        CategoryCount=dword:00000001
ADD        CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD        EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD        TypesSupported=dword:00000007

CHANGE        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance]
ADD        First Counter=dword:00000d90
ADD        First Help=dword:00000d91
ADD        Last Counter=dword:00000d9c
ADD        Last Help=dword:00000d9d
ADD        Object List="3472 3478"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgio]
ADD        DependOnGroup=hex(7):00,00
ADD        DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD        DisplayName="avgio"
ADD        ErrorControl=dword:00000001
ADD        ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,69,00,6f,00,2e,00,73,00,79,00,73,00,00,00
ADD        Start=dword:00000001
ADD        Type=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgio\Enum]
ADD        0="Root\\LEGACY_AVGIO\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgio\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt]
ADD        DependOnGroup=hex(7):00,00
ADD        DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD        Description="Avira AntiVir PersonalEdition Classic mini-filter used for on-access scan to provide real-time antivirus security."
ADD        DisplayName="avgntflt"
ADD        ErrorControl=dword:00000001
ADD        Group="FSFilter Anti-Virus"
ADD        ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,2e,00,73,00,79,00,73,00,00,00
ADD        Start=dword:00000003
ADD        Type=dword:00000002

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Enum]
ADD        0="Root\\LEGACY_AVGNTFLT\\0000"
ADD        Count=dword:00000001
ADD        NextInstance=dword:00000001

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Instances]
ADD        DefaultInstance="avgntflt Instance"

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Instances\avgntflt Instance]
ADD        Altitude="320500"
ADD        Flags=dword:00000000

ADD        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Security]
ADD        Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
CHANGE        History="C:\\Documents and Settings\\LocalService\\Local Settings\\History"

CHANGE        [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
CHANGE        History="C:\\Documents and Settings\\LocalService\\Local Settings\\History"

                       
                       

               



personalmente non mi piace granchè,però se per voi è di più facile lettura modificarlo non mi costa nulla ;)

GmG 25-08-2007 12:20

Quote:

Originariamente inviato da juninho85 (Messaggio 18394473)
uscirebbe fuori questo:

personalmente non mi piace granchè,però se per voi è di più facile lettura modificarlo non mi costa nulla ;)

Con più code viene meglio ;)

Installazione applicazioni:
Codice:

Avira AntiVir PersonalEdition Classic
Autorun:
Codice:

X:\Programmi\AntiVir PersonalEdition Classic\avgnt.exe
X:\Programmi\AntiVir PersonalEdition Classic\sched.exe
X:\Programmi\AntiVir PersonalEdition Classic\avguard.exe

File copiati:
Codice:

X:\Documents and Settings\All Users\Application Data\addr_file.html
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\addr_file.html
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\AVWIN.INI
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\update.conf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir0.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir1.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir2.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir3.vdf
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\IDX\classic-9x-en.info
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\IDX\master.idx
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\JOBS\scanjob.avj
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\JOBS\startupd.avj
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\JOBS\updjob.avj
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\avguard.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\sched.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\setup.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\LOGFILES\Upd-2006-12-15-04-13-49.log
X:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp
X::\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\REPORTS\14dcc229.avl
X:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk
X:\Documents and Settings\All Users\Start Menu\Programs\AntiVir PersonalEdition Classic\AntiVir Help.lnk
X:\Documents and Settings\All Users\Start Menu\Programs\AntiVir PersonalEdition Classic\AntiVir PersonalEdition Classic on the Internet.lnk
X:\Documents and Settings\All Users\Start Menu\Programs\AntiVir PersonalEdition Classic\Start AntiVir PersonalEdition Classic.lnk
X:\Program Files\AntiVir PersonalEdition Classic\alldiscs.avp
X:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
X:\Program Files\AntiVir PersonalEdition Classic\antivir.oem
X:\Program Files\AntiVir PersonalEdition Classic\antivir0.vdf
X:\Program Files\AntiVir PersonalEdition Classic\antivir1.vdf
X:\Program Files\AntiVir PersonalEdition Classic\antivir2.vdf
X:\Program Files\AntiVir PersonalEdition Classic\antivir3.vdf
X:\Program Files\AntiVir PersonalEdition Classic\avcenter.exe
X:\Program Files\AntiVir PersonalEdition Classic\avcmd.exe
X:\Program Files\AntiVir PersonalEdition Classic\avconfig.cpl
X:\Program Files\AntiVir PersonalEdition Classic\avconfig.dll
X:\Program Files\AntiVir PersonalEdition Classic\avconfig.exe
X:\Program Files\AntiVir PersonalEdition Classic\avevtlog.dll
X:\Program Files\AntiVir PersonalEdition Classic\avewin32.dll
X:\Program Files\AntiVir PersonalEdition Classic\avgcmxp.dll
X:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
X:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
X:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
X:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
X:\Program Files\AntiVir PersonalEdition Classic\avinet.dll
X:\Program Files\AntiVir PersonalEdition Classic\avnotify.dll
X:\Program Files\AntiVir PersonalEdition Classic\avnotify.exe
X:\Program Files\AntiVir PersonalEdition Classic\avpack32.dll
X:\Program Files\AntiVir PersonalEdition Classic\avpref.dll
X:\Program Files\AntiVir PersonalEdition Classic\avreg.dll
X:\Program Files\AntiVir PersonalEdition Classic\avrep.dll
X:\Program Files\AntiVir PersonalEdition Classic\avrpbase.dll
X:\Program Files\AntiVir PersonalEdition Classic\avscan.dll
X:\Program Files\AntiVir PersonalEdition Classic\avscan.exe
X:\Program Files\AntiVir PersonalEdition Classic\avwin.chm
X:\Program Files\AntiVir PersonalEdition Classic\avwinll.dll
X:\Program Files\AntiVir PersonalEdition Classic\build.dat
X:\Program Files\AntiVir PersonalEdition Classic\ccev.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccevrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccgen.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccgenrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccgrdrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccguard.dll
X:\Program Files\AntiVir PersonalEdition Classic\cclic.dll
X:\Program Files\AntiVir PersonalEdition Classic\cclicrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccmainrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccprofil.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccquamgr.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccquarc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccreporc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccreport.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccscanrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccsched.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccscherc.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccupdate.dll
X:\Program Files\AntiVir PersonalEdition Classic\ccupdrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\common_msg.avr
X:\Program Files\AntiVir PersonalEdition Classic\deldir.exe
X:\Program Files\AntiVir PersonalEdition Classic\eula.txt
X:\Program Files\AntiVir PersonalEdition Classic\guardevt.dll
X:\Program Files\AntiVir PersonalEdition Classic\guardgui.exe
X:\Program Files\AntiVir PersonalEdition Classic\guardmsg.dll
X:\Program Files\AntiVir PersonalEdition Classic\hbedv.key
X:\Program Files\AntiVir PersonalEdition Classic\licmgr.dll
X:\Program Files\AntiVir PersonalEdition Classic\licmgr.exe
X:\Program Files\AntiVir PersonalEdition Classic\luke.dll
X:\Program Files\AntiVir PersonalEdition Classic\lukeres.dll
X:\Program Files\AntiVir PersonalEdition Classic\mfc71.dll
X:\Program Files\AntiVir PersonalEdition Classic\msvcp71.dll
X:\Program Files\AntiVir PersonalEdition Classic\msvcr71.dll
X:\Program Files\AntiVir PersonalEdition Classic\mydocs.avp
X:\Program Files\AntiVir PersonalEdition Classic\preupd.exe
X:\Program Files\AntiVir PersonalEdition Classic\process.avp
X:\Program Files\AntiVir PersonalEdition Classic\psapi.dll
X:\Program Files\AntiVir PersonalEdition Classic\rchelp.dll
X:\Program Files\AntiVir PersonalEdition Classic\rcimage.dll
X:\Program Files\AntiVir PersonalEdition Classic\rctext.dll
X:\Program Files\AntiVir PersonalEdition Classic\readme.txt
X:\Program Files\AntiVir PersonalEdition Classic\rmdiscs.avp
X:\Program Files\AntiVir PersonalEdition Classic\scewxml.dll
X:\Program Files\AntiVir PersonalEdition Classic\sched.exe
X:\Program Files\AntiVir PersonalEdition Classic\schedr.dll
X:\Program Files\AntiVir PersonalEdition Classic\setup.dll
X:\Program Files\AntiVir PersonalEdition Classic\setup.exe
X:\Program Files\AntiVir PersonalEdition Classic\setupprf.dat
X:\Program Files\AntiVir PersonalEdition Classic\shlext.dll
X:\Program Files\AntiVir PersonalEdition Classic\smtplib.dll
X:\Program Files\AntiVir PersonalEdition Classic\sqlite3.dll
X:\Program Files\AntiVir PersonalEdition Classic\sysdir.avp
X:\Program Files\AntiVir PersonalEdition Classic\sys_rw16.dll
X:\Program Files\AntiVir PersonalEdition Classic\sys_rw32.dll
X:\Program Files\AntiVir PersonalEdition Classic\unacev2.dll
X:\Program Files\AntiVir PersonalEdition Classic\update.exe
X:\Program Files\AntiVir PersonalEdition Classic\update_msg.avr
X:\Program Files\AntiVir PersonalEdition Classic\updgui.dll
X:\Program Files\AntiVir PersonalEdition Classic\updguirc.dll
X:\Program Files\AntiVir PersonalEdition Classic\updlib.dll
X:\Program Files\AntiVir PersonalEdition Classic\updlibrc.dll
X:\Program Files\AntiVir PersonalEdition Classic\weblink.url
X:\WINDOWS\system32\drivers\avgntdd.sys
X:\WINDOWS\system32\drivers\avgntmgr.sys

Modiche al registro:
Codice:

ADD [HKEY_CURRENT_USER\Software\H+BEDV]

ADD [HKEY_CURRENT_USER\Software\H+BEDV\AntiVir PersonalEdition Classic V 7]

ADD [HKEY_CURRENT_USER\Software\H+BEDV\AntiVir PersonalEdition Classic V 7\SeenMessages]
ADD 200612150001="20061215-20061215"

REMOVE [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew]

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Shell Extension for Malware scanning]
ADD @="{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45AC2688-0253-4ED8-97DE-B5370FA7D48A}]
ADD @="Shell Extension for Malware scanning"

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45AC2688-0253-4ED8-97DE-B5370FA7D48A}\InProcServer32]
ADD @="C:\\Program Files\\AntiVir PersonalEdition Classic\\shlext.dll"
ADD ThreadingModel="Apartment"

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Shell Extension for Malware scanning]
ADD @="{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}]

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\H+BEDV]

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\H+BEDV\AntiVir PersonalEdition Classic V 7]
ADD AppDataDirectory="C:\\Documents and Settings\\All Users\\Application Data\\AntiVir PersonalEdition Classic\\"
ADD FilterType=dword:00000001
ADD LastUpdate=dword:458267a9
ADD Path="C:\\Program Files\\AntiVir PersonalEdition Classic\\"
ADD ProductID="3ec703e540fb53ed551d358673af589911fd20ac"
ADD SecurityDetection=dword:00000001
ADD WSC_CompanyName="Avira GmbH"
ADD WSC_DisplayName="Avira AntiVir PersonalEdition Classic"
ADD WSC_ProductId="ad166499-45f9-482a-a743-fdd3350758c7"

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\PROVIDERS\Performance]
CHANGE Performance Refresh=dword:00000000

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM]
CHANGE C:\\WINDOWS\\System32\\Drivers\\HTTP.sys[UlMofResource]="LowDateTime:1643546752,HighDateTime:29666663***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\ACPI.sys[ACPIMOFResource]="LowDateTime:650848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\intelppm.sys[PROCESSORWMI]="LowDateTime:2080848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\ipnat.sys[IPNATMofResource]="LowDateTime:-1061007232,HighDateTime:29664841***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\mssmbios.sys[MofResource]="LowDateTime:-1629086336,HighDateTime:29655115***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\advapi32.dll[MofResourceName]="LowDateTime:660848256,HighDateTime:29655114***Binary mof compiled successfully"

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\WDM\DREDGE]
CHANGE C:\\WINDOWS\\System32\\Drivers\\HTTP.sys[UlMofResource]="LowDateTime:1643546752,HighDateTime:29666663***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\ACPI.sys[ACPIMOFResource]="LowDateTime:650848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\intelppm.sys[PROCESSORWMI]="LowDateTime:2080848256,HighDateTime:29655114***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\ipnat.sys[IPNATMofResource]="LowDateTime:-1061007232,HighDateTime:29664841***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\DRIVERS\\mssmbios.sys[MofResource]="LowDateTime:-1629086336,HighDateTime:29655115***Binary mof compiled successfully"
CHANGE C:\\WINDOWS\\system32\\advapi32.dll[MofResourceName]="LowDateTime:660848256,HighDateTime:29655114***Binary mof compiled successfully"

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib]
CHANGE Last Counter=dword:00000d9c
CHANGE Last Help=dword:00000d9d

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls]
ADD Avira AntiVir PersonalEdition Classic="C:\\PROGRA~1\\ANTIVI~1\\avconfig.cpl"

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2]
ADD C:\\PROGRA~1\\ANTIVI~1\\avconfig.cpl=dword:0000000a

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
ADD avgnt="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"

CHANGE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
ADD {45AC2688-0253-4ED8-97DE-B5370FA7D48A}="Shell Extension for Malware scanning"

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
ADD DisplayIcon="C:\\Program Files\\AntiVir PersonalEdition Classic\\rcimage.dll,1"
ADD DisplayName="Avira AntiVir PersonalEdition Classic"
ADD HelpLink=hex(2):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,77,00,77,00,77,00,2e,00,61,00,76,00,69,00,72,00,61,00,2e,00,63,00,6f,00,6d,00,2f,00,65,00,6e,00,2f,00,74,00,65,00,63,00,68,00,6e,00,69,00,63,00,61,00,6c,00,5f,00,73,00,75,00,70,00,70,00,6f,00,72,00,74,00,00,00
ADD ModifyPath="C:\\Program Files\\AntiVir PersonalEdition Classic\\SETUP.EXE"
ADD Publisher="Avira GmbH"
ADD URLInfoAbout="http://www.free-av.com"
ADD URLUpdateInfo="http://www.free-av.com"
ADD UninstallString="C:\\Program Files\\AntiVir PersonalEdition Classic\\SETUP.EXE /REMOVE"

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD]

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation]

ADD [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic V 7]
ADD ID=dword:00000039
ADD Lang="EN"
ADD Name="Avira AntiVir PersonalEdition Classic"
ADD Type="ANSI"

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent]
CHANGE @=dword:0000000b

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager]
ADD PendingFileRenameOperations=hex(7):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,44,00,6f,00,63,00,75,00,6d,00,65,00,6e,00,74,00,73,00,20,00,61,00,6e,00,64,00,20,00,53,00,65,00,74,00,74,00,69,00,6e,00,67,00,73,00,5c,00,41,00,6c,00,6c,00,20,00,55,00,73,00,65,00,72,00,73,00,5c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,74,00,61,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,0...

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSCHEDULER]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="AntiVir PersonalEdition Classic Scheduler"
ADD Legacy=dword:00000001
ADD Service="AntiVirScheduler"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="AntiVirScheduler"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSERVICE]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSERVICE\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="AntiVir PersonalEdition Classic Guard"
ADD Legacy=dword:00000001
ADD Service="AntiVirService"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTIVIRSERVICE\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="AntiVirService"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="avgio"
ADD Legacy=dword:00000001
ADD Service="avgio"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIO\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="avgio"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="avgntflt"
ADD Legacy=dword:00000001
ADD Service="avgntflt"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGNTFLT\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="avgntflt"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler]
ADD Description="Service to schedule AntiVir jobs and updates."
ADD DisplayName="AntiVir PersonalEdition Classic Scheduler"
ADD ErrorControl=dword:00000001
ADD ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,73,00,63,00,68,00,65,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD ObjectName="LocalSystem"
ADD Start=dword:00000002
ADD Type=dword:00000110

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler\Enum]
ADD 0="Root\\LEGACY_ANTIVIRSCHEDULER\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService]
ADD Description="Offers permanent protection against viruses and malware with the AntiVir search engine. "
ADD DisplayName="AntiVir PersonalEdition Classic Guard"
ADD ErrorControl=dword:00000001
ADD ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,75,00,61,00,72,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD ObjectName="LocalSystem"
ADD Start=dword:00000002
ADD Type=dword:00000110

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService\Enum]
ADD 0="Root\\LEGACY_ANTIVIRSERVICE\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application]
CHANGE Sources=hex(7):48,00,2b,00,42,00,45,00,44,00,56,00,20,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,00,00,57,00,53,00,48,00,00,00,57,00,4d,00,49,00,41,00,64,00,61,00,70,00,74,00,65,00,72,00,00,00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,57,00,69,00,6e,00,4d,00,67,00,6d,00,74,00,00,00,57,00,69,00,6e,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,72,00,6f,00,64,00,75,00,63,00,74,00,20,00,41,00,63,00,74,00,69,00,76,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,0...

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\H+BEDV AntiVir]
ADD CategoryCount=dword:00000003
ADD CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD TypesSupported=dword:00000007

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System]
CHANGE Sources=hex(7):61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,00,00,00,57,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,55,00,70,00,64,00,61,00,74,00,65,00,20,00,41,00,67,00,65,00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,53,00,63,00,72,00,69,00,70,00,74,00,20,00,48,00,6f,00,73,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,0...

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt]
ADD CategoryCount=dword:00000001
ADD CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD TypesSupported=dword:00000007

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl\Performance]
ADD First Counter=dword:00000d90
ADD First Help=dword:00000d91
ADD Last Counter=dword:00000d9c
ADD Last Help=dword:00000d9d
ADD Object List="3472 3478"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgio]
ADD DependOnGroup=hex(7):00,00
ADD DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD DisplayName="avgio"
ADD ErrorControl=dword:00000001
ADD ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,69,00,6f,00,2e,00,73,00,79,00,73,00,00,00
ADD Start=dword:00000001
ADD Type=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgio\Enum]
ADD 0="Root\\LEGACY_AVGIO\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgio\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt]
ADD DependOnGroup=hex(7):00,00
ADD DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD Description="Avira AntiVir PersonalEdition Classic mini-filter used for on-access scan to provide real-time antivirus security."
ADD DisplayName="avgntflt"
ADD ErrorControl=dword:00000001
ADD Group="FSFilter Anti-Virus"
ADD ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,2e,00,73,00,79,00,73,00,00,00
ADD Start=dword:00000003
ADD Type=dword:00000002

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Enum]
ADD 0="Root\\LEGACY_AVGNTFLT\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Instances]
ADD DefaultInstance="avgntflt Instance"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Instances\avgntflt Instance]
ADD Altitude="320500"
ADD Flags=dword:00000000

ADD [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]
CHANGE @=dword:0000000b

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
ADD PendingFileRenameOperations=hex(7):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,44,00,6f,00,63,00,75,00,6d,00,65,00,6e,00,74,00,73,00,20,00,61,00,6e,00,64,00,20,00,53,00,65,00,74,00,74,00,69,00,6e,00,67,00,73,00,5c,00,41,00,6c,00,6c,00,20,00,55,00,73,00,65,00,72,00,73,00,5c,00,41,00,70,00,70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,20,00,44,00,61,00,74,00,61,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,0...

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSCHEDULER]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="AntiVir PersonalEdition Classic Scheduler"
ADD Legacy=dword:00000001
ADD Service="AntiVirScheduler"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSCHEDULER\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="AntiVirScheduler"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSERVICE]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSERVICE\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="AntiVir PersonalEdition Classic Guard"
ADD Legacy=dword:00000001
ADD Service="AntiVirService"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTIVIRSERVICE\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="AntiVirService"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="avgio"
ADD Legacy=dword:00000001
ADD Service="avgio"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIO\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="avgio"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT]
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT\0000]
ADD Class="LegacyDriver"
ADD ClassGUID="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
ADD ConfigFlags=dword:00000000
ADD DeviceDesc="avgntflt"
ADD Legacy=dword:00000001
ADD Service="avgntflt"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGNTFLT\0000\Control]
ADD *NewlyCreated*=dword:00000000
ADD ActiveService="avgntflt"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler]
ADD Description="Service to schedule AntiVir jobs and updates."
ADD DisplayName="AntiVir PersonalEdition Classic Scheduler"
ADD ErrorControl=dword:00000001
ADD ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,73,00,63,00,68,00,65,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD ObjectName="LocalSystem"
ADD Start=dword:00000002
ADD Type=dword:00000110

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler\Enum]
ADD 0="Root\\LEGACY_ANTIVIRSCHEDULER\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirService]
ADD Description="Offers permanent protection against viruses and malware with the AntiVir search engine. "
ADD DisplayName="AntiVir PersonalEdition Classic Guard"
ADD ErrorControl=dword:00000001
ADD ImagePath=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,75,00,61,00,72,00,64,00,2e,00,65,00,78,00,65,00,00,00
ADD ObjectName="LocalSystem"
ADD Start=dword:00000002
ADD Type=dword:00000110

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirService\Enum]
ADD 0="Root\\LEGACY_ANTIVIRSERVICE\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirService\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application]
CHANGE Sources=hex(7):48,00,2b,00,42,00,45,00,44,00,56,00,20,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,00,00,57,00,53,00,48,00,00,00,57,00,4d,00,49,00,41,00,64,00,61,00,70,00,74,00,65,00,72,00,00,00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,57,00,69,00,6e,00,4d,00,67,00,6d,00,74,00,00,00,57,00,69,00,6e,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,50,00,72,00,6f,00,64,00,75,00,63,00,74,00,20,00,41,00,63,00,74,00,69,00,76,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,0...

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\H+BEDV AntiVir]
ADD CategoryCount=dword:00000003
ADD CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\guardevt.dll"
ADD TypesSupported=dword:00000007

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System]
CHANGE Sources=hex(7):61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,00,00,00,57,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,55,00,70,00,64,00,61,00,74,00,65,00,20,00,41,00,67,00,65,00,6e,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,53,00,63,00,72,00,69,00,70,00,74,00,20,00,48,00,6f,00,73,00,74,00,00,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,0...

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt]
ADD CategoryCount=dword:00000001
ADD CategoryMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD EventMessageFile="C:\\Program Files\\AntiVir PersonalEdition Classic\\avgntflt.sys"
ADD TypesSupported=dword:00000007

CHANGE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance]
ADD First Counter=dword:00000d90
ADD First Help=dword:00000d91
ADD Last Counter=dword:00000d9c
ADD Last Help=dword:00000d9d
ADD Object List="3472 3478"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgio]
ADD DependOnGroup=hex(7):00,00
ADD DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD DisplayName="avgio"
ADD ErrorControl=dword:00000001
ADD ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,69,00,6f,00,2e,00,73,00,79,00,73,00,00,00
ADD Start=dword:00000001
ADD Type=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgio\Enum]
ADD 0="Root\\LEGACY_AVGIO\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgio\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt]
ADD DependOnGroup=hex(7):00,00
ADD DependOnService=hex(7):46,00,6c,00,74,00,4d,00,67,00,72,00,00,00,00,00
ADD Description="Avira AntiVir PersonalEdition Classic mini-filter used for on-access scan to provide real-time antivirus security."
ADD DisplayName="avgntflt"
ADD ErrorControl=dword:00000001
ADD Group="FSFilter Anti-Virus"
ADD ImagePath=hex(2):5c,00,3f,00,3f,00,5c,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,5c,00,41,00,6e,00,74,00,69,00,56,00,69,00,72,00,20,00,50,00,65,00,72,00,73,00,6f,00,6e,00,61,00,6c,00,45,00,64,00,69,00,74,00,69,00,6f,00,6e,00,20,00,43,00,6c,00,61,00,73,00,73,00,69,00,63,00,5c,00,61,00,76,00,67,00,6e,00,74,00,66,00,6c,00,74,00,2e,00,73,00,79,00,73,00,00,00
ADD Start=dword:00000003
ADD Type=dword:00000002

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Enum]
ADD 0="Root\\LEGACY_AVGNTFLT\\0000"
ADD Count=dword:00000001
ADD NextInstance=dword:00000001

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Instances]
ADD DefaultInstance="avgntflt Instance"

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Instances\avgntflt Instance]
ADD Altitude="320500"
ADD Flags=dword:00000000

ADD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt\Security]
ADD Security=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

CHANGE [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
CHANGE History="C:\\Documents and Settings\\LocalService\\Local Settings\\History"

CHANGE [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
CHANGE History="C:\\Documents and Settings\\LocalService\\Local Settings\\History"


juninho85 25-08-2007 12:41

modificato il 3° post!

papero giallo 25-08-2007 20:12

ciao a tutti,
sul sito di comodo, ho trovato che si può scaricare un altro loro programma free anti malware et etc... Comodo BO Clean. Io ho già installato avira, comodo come firewall, ssm e spyware terminator. Ma sarebbe un doppione di questi ultimi??
Grazie per la pazienza....:)

lucas72 26-08-2007 09:10

strano problema aggiornamento antivir
 
Ciao
Ho un problema su un pc ad aggiornare avira antivir pe free.
Ho scaricato l'ultima versione dal sito e il file zippato con gli aggiornamenti (quello per windows xp)

Ho installato gli aggiornamenti manualmente su un pc (nuovo) con win xp sp2 e tutto è andato bene, ho provato ad installare lo stesso pacchetto con gli aggiornamenti su un altro pc (un vecchio PIII che uso come muletto ma con installato sempre win xp sp2) sempre con il manual update e dopo un po' alla fine del processo mi ritrovo sempre con la stessa finestra di errore:

" Update of the VDF update kit failled"

Non capisco. Come mai?
Grazie

juninho85 26-08-2007 10:04

hai provato a leggere il report?

Blue Spirit 26-08-2007 13:22

Quote:

Originariamente inviato da papero giallo (Messaggio 18400307)
ciao a tutti,
sul sito di comodo, ho trovato che si può scaricare un altro loro programma free anti malware et etc... Comodo BO Clean. Io ho già installato avira, comodo come firewall, ssm e spyware terminator. Ma sarebbe un doppione di questi ultimi??
Grazie per la pazienza....:)

credo di no, andrebbe a supportare spyware terminator, anche perchè ha solo un motore di scansione on demand...io l'ho scaricato ma non l'ho installato, perchè non lo conosco bene, e nel suo ambito ho sentito parlare positivamente di a-squared free e superantispyware...attendo lumi dai luminari della sezione:D


Tutti gli orari sono GMT +1. Ora sono le: 05:48.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
Hardware Upgrade S.r.l.