Old 09-03-2009, 09:22 AM   #1 (permalink)
Registered User
 
Join Date: Sep 2009
Posts: 2
OS: xp


Problem Trojan Horse Clicker.ABCT

This is my problem: once I click IE, it will prompt out a message from my AVG stating Trojan Horse Clicker.ABCT, Trojan Horse Downloader.Generic8.BKIE infected. How to solve this problem? Here is my DDS:


DDS (Ver_09-07-30.01) - NTFSx86
Run by Alex at 22:34:38.90 on Thu 09/03/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2039.1156 [GMT 8:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
"C:\WINDOWS\system32\svchost.exe"
C:\WINDOWS\Explorer.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Program Files\Dealio Toolbar\SearchSettings.exe
C:\Utopia\Angel\Angel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Alex\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\HUAWEI~1\HUAWEI~1\3 USB Modem.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Alex\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\program files\common files\mozilla shared\firefox.exe
C:\Documents and Settings\Alex\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.my/
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\sdra64.exe,
mWinlogon: Taskman=c:\recycler\s-1-5-21-0403467923-7137748367-392496563-3311\wnzip32.exe
BHO: {01257a92-bb63-4220-8598-17f87c3f54eb} - c:\windows\system32\jsogjodd.dll
BHO: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - c:\program files\dealio toolbar\DealioToolbarIE.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: : {bc178773-968f-41fc-ac2d-a8877ca20360} - c:\windows\system32\bdkljvv.dll
BHO: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\dealio toolbar\SearchSettings.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - c:\program files\dealio toolbar\DealioToolbarIE.dll
uRun: [Utopia Angel] "c:\utopia\angel\Angel.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Octoshape Streaming Services] "c:\documents and settings\alex\application data\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun
uRun: [Google Update] "c:\documents and settings\alex\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [DataLayer] c:\progra~1\common~1\pcsuite\datala~1\DATALA~1.EXE
mRun: [PCSuiteTrayApplication] c:\progra~1\nokia\nokiap~1\TRAYAP~1.EXE
mRun: [SearchSettings] c:\program files\dealio toolbar\SearchSettings.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\PartyPoker.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxps://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {88D969C0-F192-11D4-A65F-0040963251E5} - hxxps://wimpro.cce.hp.com/ChatEntry/downloads/msxml4.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {27BF4501-0BBF-4608-98A1-9D09C21E42D6} = 123.136.100.2 123.136.100.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: dtwlbhbg - bdkljvv.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\alex\applic~1\mozilla\firefox\profiles\v1o20p4y.default\
FF - prefs.js: keyword.URL - hxxp://malaysia.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=150911&p=
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\mozilla firefox\extensions\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c}\components\DealioToolbarFF.dll
FF - component: c:\program files\mozilla firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\alex\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\alex\application data\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\documents and settings\alex\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll

============= SERVICES / DRIVERS ===============

R0 jiqafudf;jiqafudf;c:\windows\system32\drivers\jiqafudf.sys [2001-8-23 23424]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-11 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-6-11 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-11 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-11 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-11 297752]
R2 jvsmuoal;Microsoft USB Generic Parent Monitor;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 gupdate1c9f0b56b7a891f;Google Update Service (gupdate1c9f0b56b7a891f);c:\program files\google\update\GoogleUpdate.exe [2009-6-19 133104]
S2 msupdate;Microsoft security update service;c:\windows\system32\mssrv32.exe [2009-9-2 31232]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\alex\locals~1\temp\wygf.tmp --> c:\docume~1\alex\locals~1\temp\WYGF.tmp [?]

=============== Created Last 30 ================

2009-09-03 22:11 83,712 a------- c:\windows\system32\drivers\67365882.sys
2009-09-03 22:11 705 a------- C:\awqejfl.exe
2009-09-03 22:11 705 a------- C:\vjfivah.exe
2009-09-03 22:11 105,472 a------- C:\dnweoxoo.exe
2009-09-03 22:10 2 a------- C:\1144087706
2009-09-03 22:10 190,464 a------- C:\kwryitsy.exe
2009-09-03 22:08 <DIR> --d----- c:\docume~1\alex\applic~1\qxhtqves
2009-09-02 17:22 31,232 a------- c:\windows\system32\mssrv32.exe
2009-09-02 10:44 3,248 a------- c:\windows\system32\wbem\Outlook_01ca2b774db99fd6.mof
2009-09-01 11:06 <DIR> --d----- c:\windows\ERUNT
2009-09-01 10:46 <DIR> --d----- C:\SDFix
2009-08-31 21:51 <DIR> --d----- c:\program files\Uniblue
2009-08-31 21:46 <DIR> --d----- c:\docume~1\alex\applic~1\Uniblue
2009-08-30 18:50 <DIR> --dsh--- c:\windows\system32\lowsec
2009-08-30 18:50 24,576 a------- c:\windows\system32\stu2.exe
2009-08-30 14:16 <DIR> --d----- c:\windows\system32\LogFiles
2009-08-29 13:38 0 a--shr-- C:\khq
2009-08-29 00:38 5,280 a------- c:\windows\TWIN40.INI
2009-08-29 00:38 39,718 a------- c:\windows\TWIN40.BMP
2009-08-29 00:38 25,808 a------- c:\windows\system\CTL3DV2.DLL
2009-08-29 00:38 55 a------- c:\windows\TBIME.INI
2009-08-29 00:38 78,928 a------- c:\windows\TBUNINST.EXE
2009-08-29 00:37 20,976 a------- c:\windows\system\CTL3D.DLL
2009-08-16 00:55 <DIR> --d----- c:\windows\ServicePackFiles

==================== Find3M ====================

2009-08-30 18:52 17,920 a------- c:\windows\system32\userinit.exe
2009-08-26 18:13 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-26 18:13 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-05 17:11 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-18 02:55 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 02:18 233,472 a------- c:\windows\system32\wmpdxm.dll
2009-06-27 00:18 659,456 a------- c:\windows\system32\wininet.dll
2009-06-27 00:18 81,920 a------- c:\windows\system32\ieencode.dll
2009-06-26 02:36 661,504 a------- c:\windows\system32\mqqm.dll
2009-06-26 02:36 517,120 a------- c:\windows\system32\mqsnap.dll
2009-06-26 02:36 471,552 a------- c:\windows\system32\mqutil.dll
2009-06-26 02:36 225,280 a------- c:\windows\system32\mqoa.dll
2009-06-26 02:36 186,880 a------- c:\windows\system32\mqtrig.dll
2009-06-26 02:36 177,152 a------- c:\windows\system32\mqrt.dll
2009-06-26 02:36 138,240 a------- c:\windows\system32\mqad.dll
2009-06-26 02:36 123,392 a------- c:\windows\system32\mqrtdep.dll
2009-06-26 02:36 95,744 a------- c:\windows\system32\mqsec.dll
2009-06-26 02:36 48,640 a------- c:\windows\system32\mqupgrd.dll
2009-06-26 02:36 47,104 a------- c:\windows\system32\mqdscli.dll
2009-06-26 02:36 16,896 a------- c:\windows\system32\mqise.dll
2009-06-25 16:44 724,480 a------- c:\windows\system32\lsasrv.dll
2009-06-25 16:44 298,496 a------- c:\windows\system32\kerberos.dll
2009-06-25 16:44 168,448 a------- c:\windows\system32\schannel.dll
2009-06-25 16:44 133,632 a------- c:\windows\system32\msv1_0.dll
2009-06-25 16:44 59,392 a------- c:\windows\system32\wdigest.dll
2009-06-25 16:44 56,320 a------- c:\windows\system32\secur32.dll
2009-06-24 11:10 44,818 a------- c:\windows\War3Unin.dat
2009-06-24 11:10 139,264 a------- c:\windows\War3Unin.exe
2009-06-24 11:10 2,829 a------- c:\windows\War3Unin.pif
2009-06-23 18:34 290,869 a------- c:\windows\system32\storm.dll
2009-06-23 18:34 372,736 a------- c:\windows\system32\ijl15.dll
2009-06-22 19:49 117,248 a------- c:\windows\system32\mqtgsvc.exe
2009-06-22 19:49 19,968 a------- c:\windows\system32\mqbkup.exe
2009-06-22 19:49 4,608 a------- c:\windows\system32\mqsvc.exe
2009-06-19 16:11 499,712 a------- c:\windows\system32\msvcp71.dll
2009-06-19 16:11 348,160 a------- c:\windows\system32\msvcr71.dll
2009-06-16 22:55 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 22:55 82,432 a------- c:\windows\system32\fontsub.dll
2009-06-16 12:36 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-06-12 19:50 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 19:50 76,288 a------- c:\windows\system32\telnet.exe
2009-06-10 22:56 87,328 a------- c:\windows\system32\bcmwlcoi.dll
2009-06-10 22:21 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 22:13 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-06-10 14:32 132,096 a------- c:\windows\system32\wkssvc.dll

============= FINISH: 22:35:02.07 ===============
Attached Files
File Type: zip Attach.zip (3.9 KB, 2 views)
Old 09-03-2009, 06:53 PM   #2 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
 
tetonbob's Avatar
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,661
OS: 2000 Pro; XP Pro; XP Home


Re: Problem Trojan Horse Clicker.ABCT

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

One or more of the identified infections steal information. If this system is used for online banking or has credit card information on it, all passwords should be changed immediately by using a different computer (not the infected one!) to make the changes. Banking and credit card institutions, if any, should be notified of the possible security breach. I suggest that you read this article too.

---------------------------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------
  1. Download Combofix from any of the links below. You must rename it before saving it. Name it ComFx and Save it to your desktop.

    Link 1
    Link 2

    --------------------------------------------------------------------

    * IMPORTANT !!! Place ComFx.exe on your Desktop
  2. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.

    You can get help on disabling your protection programs here

    AVG 8.5
    Please open the AVG 8.5 Control Center, by right clicking on the AVG icon on task bar.
    • Click on Open AVG Interface.
    • Double click on Resident Shield
    • Deselect the option to "Enable Resident Shield."
    • Save changes, and exit the application.
    • To re-enable AVG 8.5, please select "Enable Resident Shield" again.

  3. Double click on ComFx.exe & follow the prompts.
  4. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

    Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.

    With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.

    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.

    ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:

    The Recovery Console was successfully installed.

    Click on Yes, to continue scanning for malware. NOTE: If the Recovery Console does NOT install, click on No, do NOT continue, and let me know.
  5. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  6. When finished, it shall produce a log for you. Post that log in your next reply.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

    ---------------------------------------------------------------------------------------------
  7. Ensure your AntiVirus and AntiSpyware applications are re-enabled. A reboot should have done this.

    ---------------------------------------------------------------------------------------------
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of ASAP since 2005
Proud Member of UNITE since 2006

Microsoft MVP - Consumer Security 2009
Old 09-04-2009, 03:19 AM   #3 (permalink)
Registered User
 
Join Date: Sep 2009
Posts: 2
OS: xp


Re: Problem Trojan Horse Clicker.ABCT

Unbelievable, it really helped, it solved my problem I think. Should see in a couple of days; now when I click IE it won't prompt a message from AVG.

TQ .
Old 09-04-2009, 08:21 AM   #4 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
 
tetonbob's Avatar
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,661
OS: 2000 Pro; XP Pro; XP Home


Re: Problem Trojan Horse Clicker.ABCT

alexcks -

This machine had multiple infections, and it usually takes more than one set of instructions to fix things, as I already mentioned.

Quote:
    Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

    Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Post the log at C:\Combofix.txt for review and await next instructions.
Old 09-08-2009, 10:41 AM   #5 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
 
tetonbob's Avatar
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,661
OS: 2000 Pro; XP Pro; XP Home


Re: Problem Trojan Horse Clicker.ABCT

Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help