Double Checking



xEnvious
2008-11-08, 06:55
Hello. My sister used a pen drive at school and apparently it became infected because when I plugged it into my computer, my A/V stopped it from executing I believe. However, I wanted to double check if my computer is clean. Here is my HJT log.
I have run Spybot, Adaware, MBAM, and A/V scans and everything seems to be alright. However, it doesn't hurt to be too sure :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:59 AM, on 11/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - http://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
O16 - DPF: {9103166D-A34B-45A2-91F5-73D508C7A650} (NateComicViewer Class) - http://crayondata.cyworld.com/OCX/install/NateComicViewer.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BBFD2D10-EC6E-4259-91D1-1E38C826E5E2} (Launcher Class) - http://app.gomtv.com/gomtv/gomtvx.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6097 bytes

shelf life
2008-11-08, 22:12
Looks ok to me, and if your AV and anti-malware are coming up clean then I would say all is good. You might want to check your Java version:

Vulnerabilities in versions of Sun Java may be responsible for some malware installs via your browser.

It is important to keep Sun Java up to date and also to remove older versions.

1. Uninstall old versions of Sun Java via Add/Remove Programs.
2. Click the Remove or Change/Remove button.
3. Reboot your PC if prompted.

To check if you have the latest version of Java and to download the latest version:

http://www.java.com/en/download/installed.jsp

xEnvious
2008-11-09, 00:46
Thanks. Yeah, I haven't had the chance to update my Java but I will soon. Thanks for looking at it. By the way, when I type "ipconfig /displaydns" without the quotes in CMD, I get this:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Dan>ipconfig /displaydns

Windows IP Configuration

googlebawt.com
----------------------------------------
Record Name . . . . . : googlebawt.com
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


frostwire.click-new-download.com
----------------------------------------
Record Name . . . . . : frostwire.click-new-download.com
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


file7.qqhelper.com
----------------------------------------
Record Name . . . . . : file7.qqhelper.com
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


de98.remsys.org
----------------------------------------
Record Name . . . . . : de98.remsys.org
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


antivirus-2008-pro.org
----------------------------------------
Record Name . . . . . : antivirus-2008-pro.org
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


antivirus-2008-pro.com
----------------------------------------
Record Name . . . . . : antivirus-2008-pro.com
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


americanautobargains.com
----------------------------------------
Record Name . . . . . : americanautobargains.com
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


popstar24.com
----------------------------------------
Record Name . . . . . : popstar24.com
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1


p2p-paradies.com
----------------------------------------
Record Name . . . . . : p2p-paradies.com
Record Type . . . . . : 1
Time To Live . . . . : 589281
Data Length . . . . . : 4
Section . . . . . . . : Answer
A (Host) Record . . . : 127.0.0.1



C:\Documents and Settings\Dan>

Is this okay? I use Spybot and I'm reading that Spybot puts this up. Additionally, if I look at my hosts files, I only have stuff that Spybot set up.

xEnvious
2008-11-09, 00:49
Crap. Those shouldn't be links, can a mod delete my previous post?

shelf life
2008-11-09, 01:50
Hi xEnvious,

I removed the hot links. Those are all loaded into the DNS resolver cache from your hosts file. Spybot maintains a hosts file list of known malware web sites.

xEnvious
2008-11-09, 02:50
Cool. So Spybot put those in order to prevent damage, right? I just want to understand this completely :)

shelf life
2008-11-09, 17:40
Yes, Spybot has a list of malware-related URLs it puts in your hosts file. Using this feature is optional.

Here's a good explanation of how a hosts file works:

http://www.accs-net.com/hosts/what_is_hosts.html
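A way to verify this explanation on your own machine, as an added example that is not from the thread, from Spybot or from the poster: parse the `ipconfig /displaydns` output and the hosts file, and list any cached 127.0.0.1 answers the hosts file does not account for, since those (unlike Spybot's block entries) would deserve a closer look. The sample inputs are constructed; the two real names come from the thread above and example.invalid is made up.

```python
import re
# Constructed, trimmed `ipconfig /displaydns` output: the two real names come
# from the thread above; example.invalid is made up to show a mismatch.
DISPLAYDNS_SAMPLE = """
    Record Name . . . . . : googlebawt.com
    A (Host) Record . . . : 127.0.0.1

    Record Name . . . . . : antivirus-2008-pro.org
    A (Host) Record . . . : 127.0.0.1

    Record Name . . . . . : example.invalid
    A (Host) Record . . . : 127.0.0.1
"""
# Constructed hosts file in the layout Spybot's block list uses.
HOSTS_SAMPLE = """
127.0.0.1       localhost
# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1 googlebawt.com
127.0.0.1 antivirus-2008-pro.org
"""
NAME_RE = re.compile(r"Record Name[ .]*:\s*(\S*)")
A_RE = re.compile(r"A \(Host\) Record[ .]*: (\S+)")

def parse_displaydns(text):
    """Map each cached name to its A-record addresses."""
    records, current = {}, None
    for line in text.splitlines():
        m = NAME_RE.search(line)
        if m:
            current = m.group(1).lower() or None  # blank name: skip its records
            if current:
                records.setdefault(current, [])
        elif current and (m := A_RE.search(line)):
            records[current].append(m.group(1))
    return records

def parse_hosts(text):
    """Names the hosts file pins to loopback (how Spybot blocks sites)."""
    blocked = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] in ("127.0.0.1", "0.0.0.0"):
            blocked.update(n.lower() for n in fields[1:])
    return blocked

def unexplained_loopback(displaydns_text, hosts_text):
    """Cached 127.0.0.1 answers not accounted for by the hosts file."""
    cache, blocked = parse_displaydns(displaydns_text), parse_hosts(hosts_text)
    return sorted(n for n, ips in cache.items()
                  if "127.0.0.1" in ips and n not in blocked and n != "localhost")
```

On a real XP box you would feed it the saved output of `ipconfig /displaydns` and the contents of `C:\WINDOWS\system32\drivers\etc\hosts`; an empty result means every loopback answer in the cache is explained by the hosts file.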

xEnvious
2008-11-09, 18:31
Ahh.. That makes a lot more sense. I was a bit worried when I saw a bunch! Thanks :D

xEnvious
2008-11-09, 20:18
I just installed the new Java 6 update 10 and jqs.exe seems to be part of my startup now. Is there a way to stop it from doing this?

shelf life
2008-11-10, 02:41
That's an exe that runs as a service to supposedly speed things up as far as Java applications go.

Links:
http://java.sun.com/javase/6/docs/technotes/guides/jweb/otherFeatures/jqs.html

To disable the Quick Starter:

http://www.java.com/en/download/help/quickstarter.xml

xEnvious
2008-11-10, 14:30
Thanks again! :)

shelf life
2008-11-11, 00:30
You're welcome. Happy safe surfing out there.