I ran it before I came to seek help on this forum~
Post the logs please.
I guess I did try to run it before now that I think of it but the following problem occurred, which occurred the last time but I didn't go on with it at that time: It told me to remove AVG, so I did but I didn't remove user settings and the other thing and yet it doesn't allow me to now reinstall it so I can fully uninstall AVG thereafter so ComboFix would work.
EDIT: One or more of its components still seems to be running in the background and it's not visible to an uninstaller and also the file in C: drive cannot be deleted. I cannot delete the Avgse.dll file only.
EDIT2: Okay, it seems to be running now since I only have that .dll file left. Yet, I cannot reinstall it. The installer doesn't even come up...
ComboFix 11-04-04.02 - Waka 05/04/2011 14:24:23.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2047.925 [GMT 1:00]
Running from: c:\documents and settings\Waka\Desktop\ComboFix.exe
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Waka\System
c:\documents and settings\Waka\System\win_qs8.jqx
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-03-05 to 2011-04-05 )))))))))))))))))))))))))))))))
.
.
2011-04-05 12:25 . 2011-04-05 12:25 -------- d-----w- C:\_OTL
2011-04-04 11:27 . 2011-04-04 11:27 -------- d-----w- c:\program files\ESET
2011-04-02 13:24 . 2011-04-02 13:24 -------- d-----w- c:\documents and settings\Waka\Application Data\SUPERAntiSpyware.com
2011-04-02 13:24 . 2011-04-02 13:24 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-01 19:14 . 2005-08-01 17:34 82944 ----a-w- c:\program files\Mozilla Firefox\aproposfix\sed.exe
2011-04-01 19:14 . 2005-01-13 19:41 126976 ----a-w- c:\program files\Mozilla Firefox\aproposfix\zip.exe
2011-04-01 19:14 . 2001-01-26 18:37 103424 ----a-w- c:\program files\Mozilla Firefox\aproposfix\grep.exe
2011-04-01 18:20 . 2011-04-01 18:20 -------- d-----w- c:\program files\FileASSASSIN
2011-03-27 01:02 . 2011-03-27 01:03 -------- d-----w- c:\documents and settings\Waka\Application Data\ImgBurn
2011-03-27 00:57 . 2011-03-27 00:57 -------- d-----w- c:\program files\ImgBurn
2011-03-14 05:39 . 2011-03-14 05:39 -------- d-----w- c:\program files\Microsoft Silverlight
2011-03-14 05:29 . 2011-03-14 05:35 -------- d-----w- c:\documents and settings\Waka\Local Settings\Application Data\ApplicationHistory
2011-03-14 05:25 . 2011-03-14 05:25 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-03-14 05:18 . 2011-03-14 05:18 -------- d-----w- c:\documents and settings\Waka\Application Data\Windows Search
2011-03-14 05:18 . 2011-03-14 05:18 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2011-03-14 05:14 . 2011-03-14 05:14 -------- d-----w- c:\windows\system32\winrm
2011-03-14 05:14 . 2011-03-14 05:14 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-03-14 05:13 . 2011-03-14 05:13 -------- d-----w- c:\documents and settings\Waka\Application Data\Windows Desktop Search
2011-03-14 05:12 . 2011-03-14 05:31 -------- d-----w- c:\program files\Windows Desktop Search
2011-03-14 05:11 . 2011-03-14 05:11 -------- d-----w- c:\windows\system32\URTTEMP
2011-03-14 04:40 . 2011-03-14 04:40 -------- d-----w- c:\windows\system32\XPSViewer
2011-03-14 03:59 . 2011-03-14 03:59 -------- d-----w- c:\program files\VS Revo Group
2011-03-12 12:28 . 2011-03-12 12:28 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-03-12 12:28 . 2011-03-12 12:28 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-03-07 12:28 . 2011-03-07 17:41 -------- d-----w- c:\documents and settings\Waka\.android
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-04 16:50 . 2010-04-02 15:14 140248 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-04 16:50 . 2010-04-02 15:17 266400 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-04 16:50 . 2010-04-02 15:12 266400 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-04-03 05:02 . 2010-04-02 15:12 266400 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-02-19 23:03 . 2011-02-19 23:03 421200 ----a-w- c:\windows\system32\msvcp100.dll
2011-02-19 00:40 . 2011-02-19 00:40 773968 ----a-w- c:\windows\system32\msvcr100.dll
2011-02-09 13:53 . 2008-04-14 04:42 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 04:41 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-03 23:43 . 2010-04-02 15:12 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-02-02 21:40 . 2010-04-15 21:39 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 19:19 . 2009-06-19 20:22 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2009-06-17 22:34 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2009-06-17 22:34 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2008-04-14 04:42 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2008-04-14 04:39 290048 ----a-w- c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"ASUS Update Checker"="c:\program files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2008-12-11 114688]
"SPIRun"="SPIRun.dll" [2006-11-29 8704]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
"QFan Help"="c:\program files\ASUS\AI Suite\QFan3\QFanHelp.exe" [2009-03-09 598528]
"Cpu Level Up help"="c:\program files\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-11-30 881152]
"Ai Nap"="c:\program files\ASUS\AI Suite\AiNap\AiNap.exe" [2009-01-02 1427968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-26 1753192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Waka^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=c:\documents and settings\Waka\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccipStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\worms reloaded\\WormsReloaded.exe"=
"e:\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"e:\\Riot Games\\League of Legends\\air\\LolClient.exe"=
"e:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Steam\\steamapps\\kingamd\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\kingamd\\counterstrike source beta\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\kingamd\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead 2\\left4dead2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57147:TCP"= 57147:TCP:Pando Media Booster
"57147:UDP"= 57147:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"6958:TCP"= 6958:TCP:League of Legends Launcher
"6958:UDP"= 6958:UDP:League of Legends Launcher
"6906:TCP"= 6906:TCP:League of Legends Launcher
"6906:UDP"= 6906:UDP:League of Legends Launcher
"6938:TCP"= 6938:TCP:League of Legends Launcher
"6938:UDP"= 6938:UDP:League of Legends Launcher
"6893:TCP"= 6893:TCP:League of Legends Launcher
"6893:UDP"= 6893:UDP:League of Legends Launcher
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"6897:TCP"= 6897:TCP:League of Legends Launcher
"6897:UDP"= 6897:UDP:League of Legends Launcher
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13/09/2010 16:27 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [07/09/2010 03:48 26064]
R0 mrdd;Marvell Removable Disk Control Driver;c:\windows\system32\drivers\mrdd.sys [18/06/2009 03:25 18984]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [12/04/2009 13:08 152616]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [03/11/2009 15:57 691696]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07/09/2010 03:48 251728]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [07/09/2010 03:49 299984]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [19/08/2010 21:42 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [19/08/2010 21:42 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [19/08/2010 21:42 26192]
R3 DCamUSBNovatek;USB2.0 HD UVC Camera;c:\windows\system32\drivers\nvtcam.sys [03/08/2010 14:30 2697728]
R3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\drivers\hidusbf.sys [18/06/2009 13:10 4544]
R3 hxctlflt;hxctlflt;c:\windows\system32\drivers\hxctlflt.sys [03/08/2010 14:30 99968]
R3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [18/06/2009 13:03 742936]
R3 t3filt;t3filt;c:\windows\system32\drivers\t3filt.sys [18/06/2009 13:03 1803136]
S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\Waka\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS --> c:\docume~1\Waka\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\Waka\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS --> c:\docume~1\Waka\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS [?]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" --> c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?]
S2 avgwd;AVG WatchDog;"c:\program files\AVG\AVG10\avgwdsvc.exe" --> c:\program files\AVG\AVG10\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 14:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys --> c:\windows\system32\drivers\Ambfilt.sys [?]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [24/09/2010 05:38 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [11/12/2010 21:41 79360]
S3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [18/06/2009 17:22 22784]
S3 guillflt;Guillemot Audio Lower Filter;c:\windows\system32\drivers\guillflt.sys [03/08/2010 14:31 54784]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [14/04/2008 05:42 14336]
S3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [11/04/2007 17:23 45440]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14/04/2008 05:42 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 14:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-05 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 14:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
FF - ProfilePath - c:\documents and settings\Waka\Application Data\Mozilla\Firefox\Profiles\ldfpmils.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Zynga Community Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\Waka\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-05 14:27
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SPIRun = Rundll32 SPIRun.dll,RunDLLEntry?
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2011-04-05 14:29:02
ComboFix-quarantined-files.txt 2011-04-05 13:29
.
Pre-Run: 12,108,455,936 bytes free
Post-Run: 12,061,777,920 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - C90DD59FF62E64C8F3D2047087A1C8F2
After running ComboFix I've been able to reinstall AVG. :)
Any changes to the warnings?
Nope. They still show up when I start my browser.
When was the last update to AVG?
Personally I would dump AVG for either Avast, Avira, Comodo or MSE.
07/04/11. Hmm, I'm considering that too. I'll give one of them a go.
I'm sort of thinking that this may be a false positive from AVG.