Attached is combofix log. Thank you.
ComboFix 10-10-17.04 - user1 10/19/2010 12:15:56.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1023.452 [GMT -7:00]
Running from: c:\users\user1\Desktop\ComboFix.exe
* Created a new restore point
.
PEV Error: CookiesFile
((((((((((((((((((((((((( Files Created from 2010-09-19 to 2010-10-19 )))))))))))))))))))))))))))))))
.
2010-10-19 19:03 . 2010-10-19 19:06 -------- d-----w- C:\32788R22FWJFW
2010-10-15 21:06 . 2010-10-15 21:06 -------- d-----w- c:\users\user1\AppData\Roaming\Malwarebytes
2010-10-15 21:06 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-15 21:06 . 2010-10-15 21:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-15 21:06 . 2010-10-15 21:06 -------- d-----w- c:\programdata\Malwarebytes
2010-10-15 21:06 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-15 20:31 . 2010-10-15 20:31 -------- d-----w- c:\users\user1\AppData\Local\ElevatedDiagnostics
2010-10-15 19:37 . 2010-10-17 03:25 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-10-15 19:37 . 2010-10-17 03:25 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-10-15 19:35 . 2010-10-19 18:22 -------- d-----w- c:\programdata\Kaspersky Lab
2010-10-15 19:35 . 2010-10-15 19:35 -------- d-----w- c:\program files\Kaspersky Lab
2010-10-15 17:44 . 2010-09-09 22:52 6084944 ----a-w- c:\programdata\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\Definition Updates\{07D34FB6-D100-45D9-83E6-BB82EC3899D6}\mpengine.dll
2010-10-15 02:19 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-10-03 04:34 . 2010-10-03 04:34 -------- d-----w- c:\program files\hi5
2010-09-28 23:48 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-09-28 19:02 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-28 19:01 . 2010-08-27 05:30 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-09-22 16:50 . 2010-09-22 16:50 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-02-22 2353176]
"{d3ecaceb-7079-4530-b82c-b20ece0422c5}"= "c:\program files\hi5\tbhi5.dll" [2010-03-25 2349152]
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
[HKEY_CLASSES_ROOT\clsid\{d3ecaceb-7079-4530-b82c-b20ece0422c5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2010-02-22 19:05 2353176 ----a-w- c:\program files\Zynga\tbZyng.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d3ecaceb-7079-4530-b82c-b20ece0422c5}]
2010-03-25 20:26 2349152 ----a-w- c:\program files\hi5\tbhi5.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-02-22 2353176]
"{d3ecaceb-7079-4530-b82c-b20ece0422c5}"= "c:\program files\hi5\tbhi5.dll" [2010-03-25 2349152]
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
[HKEY_CLASSES_ROOT\clsid\{d3ecaceb-7079-4530-b82c-b20ece0422c5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7B13EC3E-999A-4B70-B9CB-2617B8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-02-22 2353176]
"{D3ECACEB-7079-4530-B82C-B20ECE0422C5}"= "c:\program files\hi5\tbhi5.dll" [2010-03-25 2349152]
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
[HKEY_CLASSES_ROOT\clsid\{d3ecaceb-7079-4530-b82c-b20ece0422c5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\users\user1\AppData\Roaming\mjusbsp\cdloader2.exe" [2010-09-09 50592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Microsoft Forefront Client Security Antimalware Service"="c:\program files\Microsoft Forefront\Client Security\Client\Antimalware\MSASCui.exe" [2010-07-20 1033600]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2010-10-17 340520]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
c:\users\user1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FCSAM]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 136176]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-13 1343400]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-15 36880]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
S2 FCSAM;Microsoft Forefront Client Security Antimalware Service;c:\program files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe [2010-07-20 16896]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-03 19472]
.
Contents of the 'Scheduled Tasks' folder
2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 22:14]
2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-14 22:14]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.yahoo.com/uInternet Settings,ProxyOverride =
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-10-19 12:35:53
ComboFix-quarantined-files.txt 2010-10-19 19:35
Pre-Run: 130,708,066,304 bytes free
Post-Run: 130,838,532,096 bytes free
- - End Of File - - D717F2A82F41559CBD8D874E2C07269B