We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

help needed please problem with hijack this. LOG NOW INCLUDED

Options
124

Comments

  • annie123
    annie123 Posts: 4,256 Forumite
    1,000 Posts Combo Breaker
    aliEnRIK wrote: »
    Hijack doesnt work properly on a 64 bit system so theyre nothing to worry about

    Do I have a 64bit system?
  • annie123
    annie123 Posts: 4,256 Forumite
    1,000 Posts Combo Breaker
    downloading combofix now

    said error win32only!
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    annie123 wrote: »
    Do I have a 64bit system?

    yes you do
    :idea:
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    annie123 wrote: »
    downloading combofix now

    said error win32only!

    Please run COMBOFIX
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Shut down your anti virus
    Follow the simple instructions it gives (Just continue - forget about the error it gives as it will work on a 64 bit system. If you still have issues then RUN AS ADMIN olike you did with hijack)
    Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out

    If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
    (If no log comes up or you lose it, COMBOFIX.TXT can be found in C drive)
    :idea:
  • annie123
    annie123 Posts: 4,256 Forumite
    1,000 Posts Combo Breaker
    I'm on my old computer now.
    I've done the scan but now I am unable to access any web browser as it says they are marked for deletion!

    Help!!!!!!!!!!!
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    annie123 wrote: »
    I'm on my old computer now.
    I've done the scan but now I am unable to access any web browser as it says they are marked for deletion!

    Help!!!!!!!!!!!

    Odd

    Tried a reboot?
    :idea:
  • annie123
    annie123 Posts: 4,256 Forumite
    1,000 Posts Combo Breaker
    no, will do that and keep fingers crossed as system restore is one of the things says missing files when I tried it yesterday.
  • annie123
    annie123 Posts: 4,256 Forumite
    1,000 Posts Combo Breaker
    right, restart worked, pheww

    Where do I find the log?
    just noticed you told me, off to find it
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    annie123 wrote: »
    no, will do that and keep fingers crossed as system restore is one of the things says missing files when I tried it yesterday.

    You never mentioned that before. What exactly has happened recently? (missing files, viruses, new programs etc)
    :idea:
  • annie123
    annie123 Posts: 4,256 Forumite
    1,000 Posts Combo Breaker
    ComboFix 11-06-15.04 - Simon & Annie 16/06/2011 14:50:17.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3061.2010 [GMT 1:00]
    Running from: c:\users\Simon & Annie\Downloads\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\INSTALL.LOG
    c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
    c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
    .
    BITS: Possible infected sites
    .
    hxxp://ads1.msads.net
    .
    ((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))
    .
    .
    2011-06-16 13:54 . 2011-06-16 13:54
    d
    w- c:\users\Default\AppData\Local\temp
    2011-06-16 13:47 . 2011-06-16 13:48
    d
    w- C:\32788R22FWJFW
    2011-06-16 10:19 . 2011-06-16 10:19 388096 ----a-r- c:\users\Simon & Annie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-06-16 10:19 . 2011-06-16 10:19
    d
    w- c:\program files (x86)\Trend Micro
    2011-06-16 09:43 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-06-16 09:43 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
    2011-06-15 16:04 . 2011-06-15 16:04 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
    2011-06-15 16:04 . 2011-06-15 16:04 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
    2011-06-15 16:04 . 2011-06-15 16:04 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
    2011-06-15 16:04 . 2011-06-15 16:04 89048 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
    2011-06-15 16:04 . 2011-06-15 16:04 465880 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
    2011-06-15 16:04 . 2011-06-15 16:04 1892184 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
    2011-06-15 16:04 . 2011-06-15 16:04 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
    2011-06-15 16:04 . 2011-06-15 16:04 1974616 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
    2011-06-03 06:47 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2011-05-27 16:05 . 2011-05-27 16:05
    d
    w- c:\program files (x86)\Common Files\Adobe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-05-29 08:11 . 2010-06-21 10:57 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-05-29 08:11 . 2010-06-21 10:57 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-10 12:10 . 2011-04-05 16:40 40112 ----a-w- c:\windows\avastSS.scr
    2011-05-10 12:10 . 2011-04-05 16:40 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-05-10 12:10 . 2011-04-05 16:41 253888 ----a-w- c:\windows\system32\aswBoot.exe
    2011-05-10 12:04 . 2011-04-05 16:41 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-05-10 12:04 . 2011-04-05 16:41 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-05-10 12:02 . 2011-04-05 16:41 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-05-10 11:59 . 2011-04-05 16:41 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-05-10 11:59 . 2011-04-05 16:41 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-05-10 11:59 . 2011-04-05 16:41 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-04-11 09:13 . 2011-04-11 09:13 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-04-11 09:13 . 2011-04-11 09:13 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2011-04-11 09:13 . 2011-04-11 09:13 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2011-04-11 09:13 . 2011-04-11 09:13 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2011-04-11 09:13 . 2011-04-11 09:13 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2011-04-11 09:13 . 2011-04-11 09:13 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2011-04-11 09:13 . 2011-04-11 09:13 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2011-04-11 09:13 . 2011-04-11 09:13 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2011-04-11 09:13 . 2011-04-11 09:13 367104 ----a-w- c:\windows\SysWow64\html.iec
    2011-04-11 09:13 . 2011-04-11 09:13 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2011-04-11 09:13 . 2011-04-11 09:13 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2011-04-11 09:13 . 2011-04-11 09:13 222208 ----a-w- c:\windows\system32\msls31.dll
    2011-04-11 09:13 . 2011-04-11 09:13 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-04-11 09:13 . 2011-04-11 09:13 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2011-04-11 09:13 . 2011-04-11 09:13 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2011-04-11 09:13 . 2011-04-11 09:13 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2011-04-11 09:13 . 2011-04-11 09:13 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2011-04-11 09:13 . 2011-04-11 09:13 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2011-04-11 09:13 . 2011-04-11 09:13 1389056 ----a-w- c:\windows\system32\wininet.dll
    2011-04-11 09:13 . 2011-04-11 09:13 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2011-04-11 09:13 . 2011-04-11 09:13 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-04-11 09:13 . 2011-04-11 09:13 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2011-04-11 09:13 . 2011-04-11 09:13 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2011-04-11 09:13 . 2011-04-11 09:13 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-04-11 09:13 . 2011-04-11 09:13 85504 ----a-w- c:\windows\system32\iesetup.dll
    2011-04-11 09:13 . 2011-04-11 09:13 76800 ----a-w- c:\windows\system32\tdc.ocx
    2011-04-11 09:13 . 2011-04-11 09:13 603648 ----a-w- c:\windows\system32\vbscript.dll
    2011-04-11 09:13 . 2011-04-11 09:13 49664 ----a-w- c:\windows\system32\imgutil.dll
    2011-04-11 09:13 . 2011-04-11 09:13 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-04-11 09:13 . 2011-04-11 09:13 448512 ----a-w- c:\windows\system32\html.iec
    2011-04-11 09:13 . 2011-04-11 09:13 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2011-04-11 09:13 . 2011-04-11 09:13 165888 ----a-w- c:\windows\system32\iexpress.exe
    2011-04-11 09:13 . 2011-04-11 09:13 160256 ----a-w- c:\windows\system32\wextract.exe
    2011-04-11 09:13 . 2011-04-11 09:13 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-04-11 09:13 . 2011-04-11 09:13 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-04-11 09:13 . 2011-04-11 09:13 12288 ----a-w- c:\windows\system32\mshta.exe
    2011-04-11 09:13 . 2011-04-11 09:13 114176 ----a-w- c:\windows\system32\admparse.dll
    2011-04-11 09:13 . 2011-04-11 09:13 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2011-04-09 07:02 . 2011-05-16 08:18 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-04-09 06:58 . 2011-05-16 18:06 142336 ----a-w- c:\windows\system32\poqexec.exe
    2011-04-09 06:02 . 2011-05-16 08:18 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2011-04-09 06:02 . 2011-05-16 08:18 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2011-04-09 05:56 . 2011-05-16 18:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 135664]
    R3 cpuz134;cpuz134;c:\users\SIMON&~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 135664]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
    R4 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files (x86)\O2\bin\sprtsvc.exe [2009-03-04 202016]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 17:51]
    .
    2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-22 17:51]
    .
    2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1084949980-1579980129-2083892875-1001Core.job
    - c:\users\Simon & Annie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 15:55]
    .
    2011-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1084949980-1579980129-2083892875-1001UA.job
    - c:\users\Simon & Annie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-28 15:55]
    .
    .
    x86-64
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    Supplementary Scan
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.co.uk/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: &ieSpell Options - c:\program files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
    IE: Check &Spelling - c:\program files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    IE: Lookup on Merriam Webster - file://c:\program files (x86)\ieSpell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - file://c:\program files (x86)\ieSpell\wikipedia.HTM
    Trusted Zone: o2.co.uk\*.broadband
    TCP: DhcpNameServer = 192.168.1.254
    FF - ProfilePath - c:\users\Simon & Annie\AppData\Roaming\Mozilla\Firefox\Profiles\hfo16pxm.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    .
    .
    .
    LOCKED REGISTRY KEYS
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Other Running Processes
    .
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    .
    **************************************************************************
    .
    Completion time: 2011-06-16 15:00:04 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-06-16 14:00
    .
    Pre-Run: 575,049,900,032 bytes free
    Post-Run: 575,087,906,816 bytes free
    .
    - - End Of File - - 2CDCC29B630603B243E1C1BB19DE4DD8


    Gosh that's a lot of info!
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.7K Banking & Borrowing
  • 253K Reduce Debt & Boost Income
  • 453.4K Spending & Discounts
  • 243.7K Work, Benefits & Business
  • 598.5K Mortgages, Homes & Bills
  • 176.8K Life & Family
  • 256.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.