I also ran the DDS program. Here is the log:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Run by Netta at 16:02:38 on 2012-03-31
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page =
hxxp://www.yahoo.com/uSearch Page =
hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.comuSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar =
hxxp://us.rd.yahoo.com/customize/ie/def ... earch.htmluInternet Settings,ProxyOverride = localhost;127.0.0.1;<local>
uSearchAssistant =
hxxp://www.google.com/ieuSearchURL,(Default) =
hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.commSearchAssistant =
hxxp://www.google.com/ieuURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn2\yt.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn2\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn2\yt.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: mantech.com
Trusted Zone: mantech.com\psportal
Trusted Zone: mantech.com\psweb
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} -
hxxp://upload.facebook.com/controls/200 ... oader5.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} -
hxxp://download.macromedia.com/pub/shoc ... tor/sw.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} -
hxxp://download.microsoft.com/download/ ... ontrol.cabDPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} -
hxxp://asp.mathxl.com/books/_Players/Ac ... Player.cabDPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} -
hxxp://asp.mathxl.com/wizmodules/testge ... nstall.cabDPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
hxxp://download.mcafee.com/molbin/share ... insctl.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {95D88B35-A521-472B-A182-BB1A98356421} -
hxxp://asp.mathxl.com/books/_Players/Pe ... lAsst2.cabDPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} -
hxxp://www.crucial.com/controls/cpcScanner.cabDPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
hxxp://cdn2.zone.msn.com/binFramework/v ... b34246.cabDPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
hxxp://download.mcafee.com/molbin/share ... cgdmgr.cabDPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
hxxp://fpdownload2.macromedia.com/get/s ... wflash.cabDPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} -
hxxps://ehqpm1.everest.nu/dwa7W.cabDPF: {E6D23284-0E9B-417D-A782-03E4487FC947} -
hxxp://asp.mathxl.com/books/_Players/MathPlayer.cabDPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} -
hxxp://download.mcafee.com/molbin/iss-l ... cfscan.cabTCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{2BE82E51-258F-46BE-A445-1FEB0E675EAD} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\10.2.0\ViProtocol.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll
Hosts: 127.0.0.1
www.spywareinfo.com.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\netta\application data\mozilla\firefox\profiles\xlq94w1m.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.yahoo.com/FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\netta\application data\mozilla\firefox\profiles\xlq94w1m.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Move Media Player:
moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter:
jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg8\Firefox
FF - Ext: AVG Security Toolbar em:version=3.011.025.005 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg8\toolbar\firefox\avg@igeared
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast -
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-03-31 19:35:52 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-03-31 03:06:54 2 ----a-w- c:\windows\system32\tracert.com
2012-03-31 03:06:54 2 ----a-w- c:\windows\system32\cmd.com
2012-03-31 03:06:53 2 ----a-w- c:\windows\system32\tasklist.com
2012-03-31 03:06:53 2 ----a-w- c:\windows\system32\ping.com
2012-03-31 03:06:53 -------- d-----w- c:\program files\winupdates
2012-03-31 01:41:42 -------- d-----w- c:\documents and settings\netta\local settings\application data\PCHealth
2012-03-31 00:10:54 -------- d-----w- c:\documents and settings\netta\application data\AVG Secure Search
2012-03-30 20:51:56 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-03-30 20:48:18 -------- dc----w- c:\documents and settings\all users\Microsoft
2012-03-30 20:48:18 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-03-30 20:35:09 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2012-03-30 20:31:04 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2012-03-30 20:26:10 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2012-03-30 20:16:16 105472 ------w- c:\windows\system32\dllcache\mup.sys
2012-03-30 20:07:51 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2012-03-30 20:07:26 139784 ------w- c:\windows\system32\dllcache\rdpwd.sys
2012-03-30 20:07:04 3072 ------w- c:\windows\system32\iacenc.dll
2012-03-30 20:07:04 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2012-03-30 20:01:01 45568 ------w- c:\windows\system32\dllcache\wab.exe
2012-03-30 19:27:54 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-03-30 19:19:05 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-03-29 16:51:18 -------- d-----w- c:\windows\system32\cache
2012-03-28 17:59:49 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-28 17:37:56 6582328 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{af4339c6-799e-45cb-aece-b376d46883d8}\mpengine.dll
2012-03-28 14:05:55 -------- dc----w- c:\documents and settings\all users\application data\AVG Secure Search
2012-03-28 14:05:35 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-03-28 14:05:08 -------- d-----w- c:\program files\AVG Secure Search
2012-03-28 14:03:49 -------- dc-h--w- c:\documents and settings\all users\application data\Common Files
2012-03-28 04:45:13 -------- d-----w- c:\windows\system32\scripting
2012-03-28 04:45:08 -------- d-----w- c:\windows\l2schemas
2012-03-28 04:45:02 -------- d-----w- c:\windows\system32\en
2012-03-28 04:45:00 -------- d-----w- c:\windows\system32\bits
2012-03-28 03:00:50 -------- d-----w- c:\windows\EHome
2012-03-28 00:18:31 -------- d-----w- c:\documents and settings\netta\application data\Malwarebytes
2012-03-28 00:14:27 -------- dc----w- c:\documents and settings\all users\application data\Malwarebytes
2012-03-28 00:14:19 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-28 00:14:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-27 23:24:57 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-03-27 23:24:57 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
.
==================== Find3M ====================
.
2012-02-23 13:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 16:06:04.76 ===============