**** I used AdwCleaner v6.010 and it came up clean. I used it ten days later and it came up with
***** [ Registry ] *****
[ - ] Key deleted: HKLM\SOFTWARE\Classes\SAVI.SAVI
[ - ] Key deleted: HKLM\SOFTWARE\Classes\SAVI.SAVI.3
I checked in my control panel and I have had 4 programs installed on my computer during that time period:
NetBeans IDE 8.1
Java 8 Update 101 (64-bit)
Java SE Development Kit 8 Update 101 (64-bit)
Sophos Anti-Virus.
Other than those programs being installed, I visited websites that are pretty safe, like my college website and netbeans.org and oracle.com and a few other places that are okay by safeweb.norton.com.
Anyway, I was wondering if anyone knew anything about those items in the registry. I still have them locked in the AdwCleaner quarantine. I have scanned them with Sophos Endpoint Security and Control and Malwarebytes Anti-Malware (free edition) and they both came up clean. I tried googling savi.savi.3 virus and came up with some information about Sophos Anti-Virus, with a file savi.dll also being associated. If they are genuinely associated with Sophos, I would like to restore them. However, if someone has infiltrated my computer through Sophos, I would like to delete them. Does anyone have any information? Has anyone experienced anything similar?
Thanks a lot!
Additional information:
They're currently located in quarantine. However, their filenames are
reg_kmxxiidzkqsvskvuaafvvcqalnidaaxu
reg_uyxbdxfygppblgvmiwglsjkfvebnxtfw
The first one is 588 bytes (4,096 bytes for "size on disk") and the second one is 446 bytes (4,096 bytes for "size on disk"). I don't know if those are realistic sizes for registry files. I thought it seemed small, but I have no idea.