Hello all,

Any insight you can give me will be helpful. I have read this forum a lot but never had to post. Thought I was pretty good with computer and don’t understand how both of my computers are infected with almost the same registry keys.

I formatted both computers less than 2 weeks ago because I suspected a problem and thought I would be clean. Tonight after reading some stuff on the new AVG from Grisoft just released I thought I would download it and see what it was like for giggles. It found 476 or some odd registry keys it listed as warnings and that they were Internet Explorer Active X registry key entries. I don't even use Internet Explorer and if I do it is once in a great while. My laptop I am almost 100 percent since the format that I have not even launched internet explorer. Which is why this is puzzling me?

I use:

Firefox
Zone Alarm Professional Firewall
Avast Free Edition
Threatfire from PC Tools and Spyware Doctor - Those three are actively running all the time. I also have PC Tools Antivirus, Spyware Terminator (on desktop), Super Antispyware, Antivir installed but they do not run as an active scanners. I also have Mcafee Siteadvisor and No Script for firefox which tells me what sites to stay away. I know a little bit paranoid but some of things I have been reading lately kind of justifies it and since AVG just found all this crap.

I started to think that I had a hacked version of AVG so I triple checked that it was the right Grisoft website so it is not that unless there site was jacked.

I just can't figure out where I got the infection I know 100 percent that my laptop has not been on any warez, porn, or any other malware sites because I have been the only once using it and not that much. The desktop however not so sure if anyone else used it. I don't have shared directories on the computers because I have kept them in an internet zone and not a trusted zone to each other.

I restarted and did another scan and it is finding the same registry keys again. I will figure that out I hope probably reformat but I need to figure out how they are getting on both computers. I will keep it clean but I would like to cuss my head off. It is not detecting what ever is putting them back there.

Can someone take a look at the picture files that I have placed and see what they think. I made a list of software that I have on both computers and I think I might just have to format again and check after each software is installed (that sounds like so much fun).

My gut is telling me it is a root kit somehow or rogue software which I have tried like hell to stay away from. Anyone know of a good root kit software. AVG and Antivir did not find anything.

Any suggestions on programs to find out how they got there. Or what it is AVG is finding stuff but not what is placing it there.

I would like to find a program that will detect the infection so that I won’t use that CD or External Hard drive. There is no way I can just trash everything including backups without having something that will catch it.

I was going to attach the pictures but I don't see that option. I would paste the export of the scan but it is 23 pages a bit long I think. Can you attach a text file?

One other thing I don't see why they are listed as warnings is it cause they are registry entries.

I will leave my post up without deleting it just in case someone else has the same problem and panics. I looked at the results of the scans and both scans came up with 476 warnings which I thought was kind of odd and got me thinking. I disabled Spyware doctor and let AVG remove the registry entries. Restarted and they were not put back in with Spyware doctor disable. I am almost 100 percent positive that those where the immunization files from Spyware Doctor. After this scan which has found nothing so far I am going to re-enable Spyware Doctor. If that is it, which I know it is (pretty damn sure) AVG just dropped a notch in my book. I used to use it on some of my slower computers but this is ridiculous especially if you are someone that doesn't have that much computer experience and it would have happened to them.

Edit: That is exactly what it was, that really irritates me. I will be uninstalling AVG immediately.

You're right in your diagnosis, and I'm afraid AVG has shot itself in the foot over this. There's been a lot of feedback to them about this issue, but they persist in declaring that they're not going to fix it. They call it 'incompatibility' and say the solution is to remove the software in question. But I call them false positives, and in my view AVG should fix them.

I've already emailed them once about this issue (I'm a paying AVG7.5 user who will not upgrade to AVG8 while this situation persists), and I received the usual answer. It seems to me that only weight of customer response will make them change their mind.

That is indeed ridiculous that they tell you to uninstall the software. Do they give you any facts that those are problems or admit that they are false positives.

Edit: that is bull if they are not false positives and indeed it was a problem why would it not detect Spyware doctor placing them there. What a load!

It appears to be the same problem AVG is having, with SpywareBlaster:

Avg 8 And Spywareblaster - Conflicts Are Occuring

It seems there might be a pattern that they are only trying to get you to use there product and possibly pay to use there full software. Huh. I actually thought about buying it before I figured out what it was. Figures Although I don't recommend most users taking my opinion, just cause I am not all knowledgeable, but this makes me consider AVG as questionable software if they do not fix this and keep giving that kind of answer.

Edit: Hell even Microsoft was quicker to fix there false positive with Spyware Terminator. LOL

AVG FAQ 1198: Infection detected in "ActiveX Compatibility" registry key

Take a look at this thread:

http://www.wilderssecurity.com/showthread....666#post1231666

It's starting to look as though AVG are moving on this issue, at last. And at least some of what they've been saying about the whole issue has been wrong, if I understand correctly what I'm reading here.

with respect; you seem to have numerous antivirus programs installed?

AVG, Avast, PC tools antivirus , antivir.......



if you wish for a known AVG 7.5 download try

http://www.oldapps.com/AVG_antivirus.php

I actually only have Avast which is running and PC Tools Antivirus installed but not actively running its scanner. Antivir was something that I tried and so was AVG to see how I liked there products. I occasionally like to see what else is out there. From what I have gathered the current version of Avast is a little bit better than the 7.5 version of AVG. Personal preference because it is pretty close. But Avast scans for spyware and Rootkits. Antivir doesn't scans for spyware and up until this recent version of AVG they had eliminated spyware scans and still don't have rootkits. I don't think Avast scans the registry however and that was why I was evaluating some more. I don't know if I will find a free one that does it all on its own. Although I am not positive on the Avast not scanning the registry.