View Full Version : browser redirect after xp anti-malware 2010 infection (PC Security)



karenj_m
2010-03-18, 22:52
I got that fake XP Antimalware 2010 (PC Security) problem last night and have been trying to clean my computer.

I ran Spybot... it reported small cookie issues - I cleaned them.
I ran Malwarebytes... it reported a browser hijack and a rogue browser - I cleaned them.

I do not get that XP Anti-malware (PC Security) thing anymore, but my browser will try to redirect from time to time. I think some redirects are blocked because I turned on the list in Spybot under the "hosts" file section, where it lists the bad links.

I re-ran Malwarebytes and there are no problems reported:

Here is the Malwarebytes report from last night BEFORE the program fixed the problems:

Malwarebytes' Anti-Malware 1.44
Database version: 3878
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

3/17/2010 8:03:15 PM
mbam-log-2010-03-17 (20-03-15).txt

Scan type: Quick Scan
Objects scanned: 149855
Time elapsed: 6 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Administrator\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Administrator\Local Settings\Application Data\ave.exe (Rogue.MultipleAV) -> Quarantined and deleted successfully.


HERE IS MALWAREBYTES AFTER CLEANING (just ran the program):

Malwarebytes' Anti-Malware 1.44
Database version: 3878
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

3/18/2010 4:08:09 PM
mbam-log-2010-03-18 (16-08-09).txt

Scan type: Quick Scan
Objects scanned: 152603
Time elapsed: 8 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


HERE IS MY HIJACKTHIS LOG FILE

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:44:24 PM, on 3/18/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\ThpSrv.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://intranet
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} (Cisco Systems WebVPN Relay Loader) - https://firewall.clintoncountygov.com/+CSCOL+/relayp.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://email.health.state.ny.us/go/notes.health.state.ny.us/iNotes6W.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = co.clinton.ny.us
O17 - HKLM\Software\..\Telephony: DomainName = co.clinton.ny.us
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = co.clinton.ny.us
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe

--
End of file - 7579 bytes

Thank you

karenj_m
2010-03-18, 23:15
Here are the two DDS log files.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/8/2006 1:56:44 PM
System Uptime: 3/18/2010 5:41:07 PM (1 hours ago)

Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
Processor: Genuine Intel(R) CPU T1300 @ 1.66GHz | U1 | 1662/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 71 GiB total, 58.881 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA

==== System Restore Points ===================

RP90: 12/18/2009 3:04:53 PM - System Checkpoint
RP91: 12/19/2009 4:01:05 PM - System Checkpoint
RP92: 12/20/2009 5:00:50 PM - System Checkpoint
RP93: 12/21/2009 5:12:14 PM - System Checkpoint
RP94: 12/22/2009 5:35:54 PM - System Checkpoint
RP95: 12/23/2009 6:07:38 PM - System Checkpoint
RP96: 12/24/2009 6:34:59 PM - System Checkpoint
RP97: 12/25/2009 6:53:48 PM - System Checkpoint
RP98: 12/26/2009 6:54:08 PM - System Checkpoint
RP99: 12/27/2009 11:47:20 PM - System Checkpoint
RP100: 12/29/2009 3:16:56 PM - System Checkpoint
RP101: 12/30/2009 3:38:49 PM - System Checkpoint
RP102: 12/31/2009 3:54:40 PM - System Checkpoint
RP103: 1/1/2010 4:50:37 PM - System Checkpoint
RP104: 1/2/2010 6:14:29 PM - System Checkpoint
RP105: 1/3/2010 7:51:09 PM - System Checkpoint
RP106: 1/5/2010 4:57:05 PM - System Checkpoint
RP107: 1/6/2010 6:53:07 PM - System Checkpoint
RP108: 1/7/2010 7:03:01 PM - System Checkpoint
RP109: 1/8/2010 7:50:56 PM - System Checkpoint
RP110: 1/9/2010 8:07:40 PM - System Checkpoint
RP111: 1/10/2010 8:26:30 PM - System Checkpoint
RP112: 1/12/2010 7:50:41 PM - System Checkpoint
RP113: 1/12/2010 8:20:35 PM - Removed Ask Toolbar.
RP114: 1/14/2010 6:23:13 PM - System Checkpoint
RP115: 1/15/2010 8:13:13 PM - System Checkpoint
RP116: 1/16/2010 9:53:25 PM - System Checkpoint
RP117: 1/17/2010 9:58:00 PM - System Checkpoint
RP118: 1/19/2010 4:12:52 PM - System Checkpoint
RP119: 1/20/2010 7:58:00 PM - System Checkpoint
RP120: 1/22/2010 3:35:29 PM - System Checkpoint
RP121: 1/23/2010 3:36:34 PM - System Checkpoint
RP122: 1/24/2010 11:07:40 PM - System Checkpoint
RP123: 1/26/2010 5:18:42 PM - System Checkpoint
RP124: 1/27/2010 6:02:21 PM - System Checkpoint
RP125: 1/28/2010 6:43:31 PM - System Checkpoint
RP126: 1/29/2010 7:43:42 PM - System Checkpoint
RP127: 1/30/2010 9:23:12 PM - System Checkpoint
RP128: 2/1/2010 10:03:18 AM - System Checkpoint
RP129: 2/2/2010 9:16:43 PM - System Checkpoint
RP130: 2/4/2010 3:51:52 PM - System Checkpoint
RP131: 2/5/2010 8:06:01 PM - System Checkpoint
RP132: 2/6/2010 8:31:19 PM - System Checkpoint
RP133: 2/7/2010 11:50:48 PM - System Checkpoint
RP134: 2/9/2010 9:00:38 PM - System Checkpoint
RP135: 2/11/2010 2:47:01 PM - System Checkpoint
RP136: 2/12/2010 3:18:01 PM - System Checkpoint
RP137: 2/14/2010 12:31:10 AM - System Checkpoint
RP138: 2/15/2010 8:44:45 AM - System Checkpoint
RP139: 2/16/2010 5:06:54 PM - System Checkpoint
RP140: 2/17/2010 6:03:02 PM - System Checkpoint
RP141: 2/18/2010 6:45:12 PM - System Checkpoint
RP142: 2/20/2010 7:15:33 AM - System Checkpoint
RP143: 2/21/2010 10:34:47 AM - System Checkpoint
RP144: 2/22/2010 12:12:38 PM - System Checkpoint
RP145: 2/23/2010 5:31:22 PM - System Checkpoint
RP146: 2/25/2010 7:21:45 PM - System Checkpoint
RP147: 2/26/2010 7:35:25 PM - System Checkpoint
RP148: 2/27/2010 7:42:56 PM - System Checkpoint
RP149: 3/1/2010 8:38:06 AM - System Checkpoint
RP150: 3/2/2010 3:10:12 PM - System Checkpoint
RP151: 3/3/2010 6:52:38 PM - System Checkpoint
RP152: 3/4/2010 6:57:37 PM - System Checkpoint
RP153: 3/6/2010 7:32:09 AM - System Checkpoint
RP154: 3/7/2010 8:50:24 AM - System Checkpoint
RP155: 3/8/2010 9:44:49 AM - System Checkpoint
RP156: 3/9/2010 3:37:54 PM - System Checkpoint
RP157: 3/12/2010 5:28:27 PM - System Checkpoint
RP158: 3/13/2010 6:14:17 PM - System Checkpoint
RP159: 3/14/2010 7:13:28 PM - System Checkpoint
RP160: 3/15/2010 7:52:12 PM - System Checkpoint
RP161: 3/16/2010 4:13:54 PM - Spybot-S&D Spyware removal
RP162: 3/17/2010 4:44:05 PM - Spybot-S&D Spyware removal
RP163: 3/17/2010 4:50:11 PM - Restore Operation
RP164: 3/18/2010 5:16:52 PM - Spybot-S&D Spyware removal
RP165: 3/18/2010 5:18:26 PM - Spybot-S&D System Internals

==== Installed Programs ======================

µTorrent
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9
Adobe Shockwave Player 11
Bluetooth Stack for Windows by Toshiba
CD/DVD Drive Acoustic Silencer
Cisco Systems VPN Client 5.0.02.0090
Citrix ICA Web Client
Citrix Presentation Server Client - Web Only
CUPSS
CutePDF Writer 2.5
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DVD-RAM Driver
Hard Disk Recovery Utilities
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB894871)
Hotfix for Windows XP (KB895200)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB915865)
HP Deskjet 3900 series
HP Image Zone Express
HP Imaging Device Functions 5.0
HPDeskjet3900Series
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 4
LiveUpdate 3.1 (Symantec Corporation)
Malwarebytes' Anti-Malware
mCore
mDrWiFi
Metamail (Toshiba Registration Utility)
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Meeting 2005
Microsoft Office Professional Edition 2003
Microsoft SQL Server Management Studio Express
mIWA
mLogView
mMHouse
mPfMgr
mPfWiz
mProSafe
MSXML 6.0 Parser
mWlsSafe
mXML
mZConfig
Office 2003 Trial Assistant
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver
RunAlyzer
Sanitary Survey Fundamentals
SD Secure Module
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
SMSC IrCC V5.1.3600.7
Sonic DLA
Sonic RecordNow!
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
Status
Symantec AntiVirus
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA HDD Protection
TOSHIBA Hotkey Utility
TOSHIBA Mobile Extension3 for Windows XP V3.79.00.XP.C
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA SD Memory Card Format
TOSHIBA Software Upgrades
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Zooming Utility
TrayApp
Update for Windows XP (KB894391)
Viewpoint Media Player
WebEx
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB884018
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893056
WinZip
Yahoo! Music Engine

==== Event Viewer Messages From Past Week ========

3/18/2010 6:41:42 AM, error: NETLOGON [5719] - No Domain Controller is available for domain CLINTON due to the following: The RPC server is unavailable. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
3/17/2010 8:05:44 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
3/17/2010 6:02:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
3/17/2010 5:19:06 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRT SAVRTPEL SPBBCDrv SYMTDI Tcpip TMEI3E
3/17/2010 5:19:06 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
3/17/2010 5:19:06 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/17/2010 5:19:06 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/17/2010 5:19:06 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
3/17/2010 5:18:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/17/2010 5:18:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/17/2010 4:36:32 PM, error: Service Control Manager [7034] - The TOSHIBA Application Service service terminated unexpectedly. It has done this 1 time(s).
3/17/2010 4:36:25 PM, error: Service Control Manager [7034] - The ConfigFree Service service terminated unexpectedly. It has done this 1 time(s).
3/17/2010 4:36:20 PM, error: Service Control Manager [7034] - The Cisco Systems, Inc. VPN Service service terminated unexpectedly. It has done this 1 time(s).
3/17/2010 4:36:14 PM, error: Service Control Manager [7034] - The TOSHIBA HDD Protection service terminated unexpectedly. It has done this 1 time(s).
3/17/2010 4:36:05 PM, error: Service Control Manager [7034] - The Windows User Mode Driver Framework service terminated unexpectedly. It has done this 1 time(s).
3/17/2010 4:35:52 PM, error: Service Control Manager [7034] - The Swupdtmr service terminated unexpectedly. It has done this 1 time(s).
3/16/2010 3:12:34 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
3/16/2010 3:12:34 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
3/12/2010 11:50:31 AM, error: Dhcp [1002] - The IP address lease 172.16.32.223 for the Network Card with network address 0013022B7D29 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
3/11/2010 7:00:43 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
3/11/2010 6:56:47 AM, error: Service Control Manager [7000] - The SMI helper driver service failed to start due to the following error: The system cannot find the path specified.
3/11/2010 6:56:47 AM, error: Service Control Manager [7000] - The FileDisk Protector Kernel Driver service failed to start due to the following error: The system cannot find the path specified.
3/11/2010 6:56:47 AM, error: Service Control Manager [7000] - The FdRedir service failed to start due to the following error: The system cannot find the path specified.
3/11/2010 6:55:38 AM, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 0013022B7D29 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
3/11/2010 6:55:33 AM, error: NETLOGON [5719] - No Domain Controller is available for domain CLINTON due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

==== End Of File ===========================


Here's the other DDS log file


DDS (Ver_10-03-17.01) - NTFSx86
Run by Administrator at 17:59:35.43 on Thu 03/18/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.502.79 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\ThpSrv.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://news.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Page_URL = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/
mSearchAssistant = hxxp://www.google.com/
mCustomizeSearch = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [TPSMain] TPSMain.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [dla] c:\windows\system32\dla\DLACTRLW.exe
mRun: [TMESRV.EXE] c:\program files\toshiba\tme3\TMESRV31.EXE /Logon
mRun: [TMERzCtl.EXE] c:\program files\toshiba\tme3\TMERzCtl.EXE /Service
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mPolicies-explorer: NoWelcomeScreen = 1 (0x1)
mPolicies-system: dontdisplaylockeduserid = 3 (0x3)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://firewall.clintoncountygov.com/+CSCOL+/relayp.cab
DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - hxxps://email.health.state.ny.us/go/notes.health.state.ny.us/iNotes6W.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
Notify: igfxcui - igfxdev.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2004-12-28 16384]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2005-12-6 6144]
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.sys [2006-1-14 5888]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]
R2 Tmesrv;Tmesrv3;c:\program files\toshiba\tme3\TMESRV31.exe [2006-1-14 126976]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2006-12-6 102712]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2005-12-22 35968]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20061220.018\naveng.sys [2006-12-21 80408]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20061220.018\navex15.sys [2006-12-21 833048]
S2 FdRedir;FdRedir;\??\c:\program files\common files\protector suite ql\drivers\fdredir.sys --> c:\program files\common files\protector suite ql\drivers\FdRedir.sys [?]
S2 FileDisk2;FileDisk Protector Kernel Driver;\??\c:\program files\common files\protector suite ql\drivers\filedisk.sys --> c:\program files\common files\protector suite ql\drivers\filedisk.sys [?]
S2 smihlp;SMI helper driver;\??\c:\program files\protector suite ql\smihlp.sys --> c:\program files\protector suite ql\smihlp.sys [?]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]

=============== Created Last 30 ================

2010-03-18 21:24:21 0 d-----w- c:\program files\Safer Networking
2010-03-18 12:26:45 0 d-----w- c:\windows\system32\CatRoot_bak
2010-03-18 12:25:00 0 d-----w- C:\cec3732dd60dcb7cae2cc84f6bc154
2010-03-18 00:54:48 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-03-18 00:54:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-18 00:54:39 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-18 00:54:39 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-18 00:54:39 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-03-17 22:02:13 0 d-----w- c:\program files\Trend Micro
2010-03-16 20:21:25 0 d-----w- c:\windows\pss

==================== Find3M ====================


============= FINISH: 18:00:33.68 ===============


Just trying to give you enough data. Thank you very much.

tashi
2010-03-18, 23:38
Hello karenj_m,

Please start a new topic providing the HJT log only and a link back to this one.

Forum FAQ: "BEFORE you POST" (READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288) ;)

Also see You and Windows, a joint effort (http://forums.spybot.info/showpost.php?p=25290&postcount=4) regarding P2P/Torrents.

Best regards.