help needed please problem with hijack this. LOG NOW INCLUDED

annie123

aliEnRIK wrote: »

Hijack doesnt work properly on a 64 bit system so theyre nothing to worry about

Do I have a 64bit system?

annie123

downloading combofix now

said error win32only!

aliEnRIK

annie123 wrote: »

Do I have a 64bit system?

yes you do

aliEnRIK

annie123 wrote: »

downloading combofix now

said error win32only!

Please run COMBOFIX
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Shut down your anti virus
Follow the simple instructions it gives (Just continue - forget about the error it gives as it will work on a 64 bit system. If you still have issues then RUN AS ADMIN olike you did with hijack)
Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out

If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
(If no log comes up or you lose it, COMBOFIX.TXT can be found in C drive)

annie123

I'm on my old computer now.
I've done the scan but now I am unable to access any web browser as it says they are marked for deletion!

Help!!!!!!!!!!!

aliEnRIK

annie123 wrote: »

I'm on my old computer now.
I've done the scan but now I am unable to access any web browser as it says they are marked for deletion!

Help!!!!!!!!!!!

Odd

Tried a reboot?

annie123

no, will do that and keep fingers crossed as system restore is one of the things says missing files when I tried it yesterday.

annie123

right, restart worked, pheww

Where do I find the log?
just noticed you told me, off to find it

aliEnRIK

annie123 wrote: »

no, will do that and keep fingers crossed as system restore is one of the things says missing files when I tried it yesterday.

You never mentioned that before. What exactly has happened recently? (missing files, viruses, new programs etc)

annie123

ComboFix 11-06-15.04 - Simon & Annie 16/06/2011 14:50:17.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3061.2010 [GMT 1:00]
Running from: c:\users\Simon & Annie\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\INSTALL.LOG
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
.

---

BITS: Possible infected sites

---

.
hxxp://ads1.msads.net
.
((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))
.
.
2011-06-16 13:54 . 2011-06-16 13:54

---

d

---

w- c:\users\Default\AppData\Local\temp
2011-06-16 13:47 . 2011-06-16 13:48

---

d

---

w- C:\32788R22FWJFW
2011-06-16 10:19 . 2011-06-16 10:19 388096 ----a-r- c:\users\Simon & Annie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-16 10:19 . 2011-06-16 10:19

---

d

---

w- c:\program files (x86)\Trend Micro
2011-06-16 09:43 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-16 09:43 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 16:04 . 2011-06-15 16:04 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-06-15 16:04 . 2011-06-15 16:04 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-06-15 16:04 . 2011-06-15 16:04 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-06-15 16:04 . 2011-06-15 16:04 89048 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-06-15 16:04 . 2011-06-15 16:04 465880 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-06-15 16:04 . 2011-06-15 16:04 1892184 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-06-15 16:04 . 2011-06-15 16:04 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-06-15 16:04 . 2011-06-15 16:04 1974616 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-06-03 06:47 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-27 16:05 . 2011-05-27 16:05

---

d

---

w- c:\program files (x86)\Common Files\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-29 08:11 . 2010-06-21 10:57 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-29 08:11 . 2010-06-21 10:57 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-10 12:10 . 2011-04-05 16:40 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-05 16:40 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-04-05 16:41 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-04-05 16:41 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2011-04-05 16:41 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-05 16:41 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-05 16:41 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-05 16:41 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-05 16:41 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-11 09:13 . 2011-04-11 09:13 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-11 09:13 . 2011-04-11 09:13 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-11 09:13 . 2011-04-11 09:13 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-11 09:13 . 2011-04-11 09:13 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-11 09:13 . 2011-04-11 09:13 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-11 09:13 . 2011-04-11 09:13 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-11 09:13 . 2011-04-11 09:13 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-11 09:13 . 2011-04-11 09:13 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-11 09:13 . 2011-04-11 09:13 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-11 09:13 . 2011-04-11 09:13 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-11 09:13 . 2011-04-11 09:13 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-11 09:13 . 2011-04-11 09:13 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-11 09:13 . 2011-04-11 09:13 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-11 09:13 . 2011-04-11 09:13 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-11 09:13 . 2011-04-11 09:13 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-11 09:13 . 2011-04-11 09:13 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-11 09:13 . 2011-04-11 09:13 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-11 09:13 . 2011-04-11 09:13 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-11 09:13 . 2011-04-11 09:13 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-11 09:13 . 2011-04-11 09:13 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-11 09:13 . 2011-04-11 09:13 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-11 09:13 . 2011-04-11 09:13 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-11 09:13 . 2011-04-11 09:13 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-04-11 09:13 . 2011-04-11 09:13 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-11 09:13 . 2011-04-11 09:13 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-11 09:13 . 2011-04-11 09:13 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-11 09:13 . 2011-04-11 09:13 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-11 09:13 . 2011-04-11 09:13 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-11 09:13 . 2011-04-11 09:13 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-11 09:13 . 2011-04-11 09:13 448512 ----a-w- c:\windows\system32\html.iec
2011-04-11 09:13 . 2011-04-11 09:13 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-11 09:13 . 2011-04-11 09:13 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-11 09:13 . 2011-04-11 09:13 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-11 09:13 . 2011-04-11 09:13 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-11 09:13 . 2011-04-11 09:13 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-11 09:13 . 2011-04-11 09:13 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-11 09:13 . 2011-04-11 09:13 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-11 09:13 . 2011-04-11 09:13 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-09 07:02 . 2011-05-16 08:18 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-16 18:06 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-16 08:18 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-16 08:18 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-16 18:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 135664]
R3 cpuz134;cpuz134;c:\users\SIMON&~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 135664]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
R4 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 17:51]
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 17:51]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1084949980-1579980129-2083892875-1001Core.job
- c:\users\Simon & Annie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 15:55]
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1084949980-1579980129-2083892875-1001UA.job
- c:\users\Simon & Annie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 15:55]
.
.

---

x86-64

---

.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.

---

Supplementary Scan

---

.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.co.uk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &ieSpell Options - c:\program files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Lookup on Merriam Webster - file://c:\program files (x86)\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files (x86)\ieSpell\wikipedia.HTM
Trusted Zone: o2.co.uk\*.broadband
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Simon & Annie\AppData\Roaming\Mozilla\Firefox\Profiles\hfo16pxm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.

---

LOCKED REGISTRY KEYS

---

.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.

---

Other Running Processes

---

.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Completion time: 2011-06-16 15:00:04 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-16 14:00
.
Pre-Run: 575,049,900,032 bytes free
Post-Run: 575,087,906,816 bytes free
.
- - End Of File - - 2CDCC29B630603B243E1C1BB19DE4DD8


Gosh that's a lot of info!